[cvsnt] Latest CVSNT and Windows Server 2003?

Oliver Giesen ogware at gmx.net
Fri Dec 19 22:58:29 GMT 2003 

Woellert, Kirk D. wrote:

> So :sspi is easier? I'll give it a try. How do I support my Linux and
> Unix users that are outside our corporate firewall? These guys WILL
> not develop code on a Win platform. Absolutely refuse to do so.

So let them use one of the other protocols. You could provide :sspi:
for Windows clients and :sserver: or whatever for the rest.


> In regard to SSL, I can't a CVS client that actually supports SSL. Or
> maybe the documentation I have is just poorly written. Yeah, I would
> love to use SSL, should be more universal. Do you know of a client
> that supports it?

You've already got it. I wouldn't have mentioned it if CVSNT wasn't
able to do it. In case you haven't noticed: CVSNT runs on *ix too.


> Is this in fact true? I have been logging in to CVSNT via the Cygwin
> server for a few days now. The SSH mode is still password
> authentication, but it seems to handling the protocol. So your
> telling me that even though the user is "kdwoell", and even if I set
> NTFS pemissions such that "kdwoell" cannot get CVS access to a
> particular folder, the SSH authentication takes precedence and the
> NTFS permissions are ignored?

I'm only relaying what I read here as well. I didn't try it myself.
>From what I've read, this is indeed what appears to be the case. The
username and password/keypair are only evaluated for authentication and
encryption but all actual repository access will happen as SYSTEM...
IOW you are secured against unauthorized entities accessing your
repository and against someone tapping your lines but you cannot assign
different access privileges to authorized users and you cannot
distinguish who did what. You could test for yourself if this is the
case in your environment: If all of this is true, then a log of any
revision committed via SSH to a Windows server should always report
SYSTEM as the author.

Hope this helps.

-- 
Oliver
----  ------------------
JID:  ogiesen at jabber.org
ICQ:  18777742     (http://wwp.icq.com/18777742)

More information about the cvsnt mailing list