[cvsnt] Re: Trouble with pserver on WinXP
John Waugh
john.waugh at gmail.com
Sun Oct 9 19:10:39 BST 2005
I must be missing something...
I thought that with pserver, authentication was accomplished by sending
passwords in cleartext over the line.
It may be insecure, but it is authenticated, no?
A trivially encrypted version of the password is stored in the registry, to
match against future passwords - that process is authentication, isn't it?
If I had set the server to "Require encryption" then of course pserver
couldn't comply. But I only used "Require authentication" - seems like
pserver fits that bill
or does "Require authentication" imply it needs an ssh connection or
somesuch?
On 10/8/05, Tony Hoyle <tony.hoyle at march-hare.com> wrote:
>
> John Waugh wrote:
> >> E:\>cvs checkout -P module
> > cvs [checkout aborted]: cvs [server aborted]: This server reqires a
> signed
> > or encrypted connection
> >
> > I can then go to the CVSNT control panel and set Encryption to "Request
> > Authentication" and the checkout works
> > only when the "Require Authentication" is used is there a problem
> >
> It's doing exactly what you're asking.. pserver is a hopelessly insecure
> protocol and you've set the server to only allow authenticated protocols.
>
> Tony
> _______________________________________________
> cvsnt mailing list
> cvsnt at cvsnt.org
> http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
>
More information about the cvsnt
mailing list