Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
"Tony Hoyle" <tmh at nothing-on.tv> wrote in message news:3c73d1d2.19432906 at tony-home... > On Wed, 20 Feb 2002 09:53:45 +0000 (UTC), "Koen" <no at ssppaamm.com> > wrote: > >2. Use pserver protocol with impersonation > >No ntserver protocol, because: (1) in that case the NT passwords must be > >sent over the net and they are easily decrypted, and (2) we also need to > >access the repository from Linux machines... > > If you're that bothered about security then pserver is the *worst* > protocol to choose as the passwords are trivially decrypted. Kerberos > or SSH are needed for that level of security. Any pointer on a tutorial to set this up using SSH? > sspi is a good middle > ground - you can in theory crack the NT passwords (they're MD5'd I > believe) but it would take a couple of weeks on a fast machine > provided you don't use passwords that aren't susceptible to a > dictionary attack. So, if I use ntserver protocol the passwords are sent in a better encrypted way than when using pserver protocol? But can I still access the repository from a Linux machine if I choose to use ntserver protocol? > Users can set their own passwords using 'cvs passwd'. OK! Thanks a lot for all your help! Koen _______________________________________________ Cvsnt mailing list Cvsnt at cvsnt.org http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt https://www.march-hare.com/cvspro/en.asp#downcvs