[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVS authentication
From: |
Todd Denniston |
Subject: |
Re: CVS authentication |
Date: |
Thu, 28 Feb 2008 09:18:37 -0500 |
User-agent: |
Thunderbird 2.0.0.9 (X11/20071031) |
Shawn Henson wrote, On 02/27/2008 02:47 PM:
Is there a way to capture/log authentication via
pserver?
I have a requirement to monitor login activity which
would include, cvs "login" and cvs "up" activity.
Currently I am able to capture commit history via
loginfo.
Thank You,
Shawn Henson
--Shawn Henson
Are you tied to using pserver?
If not, and you are using system accounts, I believe ssh access (:ext: with
CVS_RSH=ssh) is logged fairly tightly by sshd and if you want tighter, you can
tweak sshd_config.
Also if it is a real 'requirement' then you might get a pass on the audit if
using ssh, but I suspect anyone who knows pserver would require you to PROVE
it does it's logging correctly, and then tell you to use ssh.
As Arther indicated CVSNT has some other logging capabilities. I don't know
if external entity has ever audited CVSNT's 'failsafe logging' but it has a
much better chance (going from Arther's description) of passing an audit than
pserver on normal CVS ever had.
--
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter