[cvsnt] In an authentication pickle

David Somers dsomers at omz13.com
Sat Aug 6 21:16:44 BST 2005


Joelle Tegwen wrote:
> I'm running it on Windows 2003 server. I've got an ssh service running
> (VShell), but I'm not a server admin so I don't know what to do to make
> the authentication work.

You really don't want (l)users running a shell on a Windows server... that's
something only a sys admin would want to do (and these days they'd probably
be better off using RDP when they need to play with the server).

> I'm sure this is a really basic thing. I just am completely in over my
> head.

Authentication and protocol security are different things. Pick up a copy of
Applied Cryptography (2nd Edition) by Bruce Schneier for all the nasty
details.

>> Peter Crowther wrote:
>> I just figured he was rambling... he lost me about halfway into his
>> message :)
>> 
>> It depends on which platform his CVSNT server is running on as to the
>> "best" secure protocol -- ext/ssh or sserver come to mind for linux /
>> Win32 respectively.

One question that springs to mind is: do you really need secure
authentication and a secure protocol? Then again, from your domain I guess
you are operating in a academic environment, so beware students with packet
sniffers :-))

BTW, you said in an earlier post that you're using MacCvsX (3.2-beta14)...
good grief, its years old... its from 2002!

Use a newer build! The last one (from 2003!) at least says it supports
cvsgui, so it should offer sspi, pserver, and sserver...  so just run it
using sspi. You'd probably want to drop the cvsnt that comes with it and
use a newer version.

-- 
David Somers
VoIP: FWD 622885
PGP Key = 7E613D4E
Fingerprint = 53A0 D84B 7F90 F227 2EAB  4FD7 6278 E2A8 7E61 3D4E



More information about the cvsnt mailing list