info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: what's to stop a developer from nuking the repository?

From: david
Subject: Re: what's to stop a developer from nuking the repository?
Date: Wed, 21 Jan 2004 09:23:38 -0600 (CST) 
> [ On Tuesday, January 20, 2004 at 15:13:08 (-0600), address@hidden wrote: ]
> > Subject: Re: what's to stop a developer from nuking the repository?
> >
> > > If you have a trusted network and you do feel comfortable with telnet
> > > and rlogin then USE THEM -- DO NOT USE PSERVER.
> > >
> > The logic for using pserver over ssh would be that it's harder to set
> > ssh up right.
> 
> Using pserver over SSH is about the biggest fallacy for "security" I can
> imagine for anything in this context.
>
However, setting up pserver is easier than setting up ssh.  Setting up
ssh requires reading more instructions, which are not necessarily as
accessible.  I set up remote users on a VPN with pserver once because
I wasn't familiar with the ssh-agent concept and didn't know what to
do.  (I know better now.)

My point is that setting up cvs with rsh is as easy as using pserver,
and that provides more accountability.

> If you're going to use SSH, then JUST USE SSH for goodness sake!!!!!
>
ssh is the correct way to use CVS over anything other than a secure LAN
(and I share an earlier contributor's feelings about "crunchy on the
outside, soft and chewy on the inside" LANs).  On a secure LAN, rsh
is about as easy to set up as pserver and works well.

So, it looks to me like we're in fairly argumentative agreement here.
 
-- 
Now building a CVS reference site at http://www.thornleyware.com
address@hidden
reply via email to
[Prev in Thread] Current Thread [Next in Thread]