List
Subject: Re: cvs with xinetd
Peter Ajamian wrote:
Larry Jones wrote:
I'm having trouble reconciling this information with the
original report that MD5 passwords don't work, but DES passwords do.
Hrmmm, just thought of another possibility, what version of the crypt
library are the CVS
Larry Jones wrote:
Then it would appear that RedHat and/or Linux in general implemented MD5
passwords in a less than desirable fashion. What they should have done
is enhance crypt(3) to do MD5 based on the first character(s) of the
salt;
They did (see below).
Presumably, they've patched
Peter Ajamian writes:
For the MD5-based algorithm, the SALT should consist of the string
`$1$', followed by up to 8 characters, terminated by either
another `$' or the end of the string. The result of `crypt' will
be the SALT, followed by a `$' if the salt didn't end
Larry Jones wrote:
If that's correct, and if MD5 passwords in /etc/passwd (or whatever
shadow file gets used) correctly start with $1$
I checked the shadow file on a RH7.0 installation I administer and the
passwords do indeed start with $1$.
, and that's what
getpwnam() (or getspnam())
Peter Ajamian wrote:
Larry Jones wrote:
I'm having trouble reconciling this information with the
original report that MD5 passwords don't work, but DES passwords do.
Hrmmm, just thought of another possibility, what version of the crypt
library are the CVS binaries (rpms, etc) built
]
cc:
Subject:RE: cvs with xinetd
After doing some experimentation, I think I've determined that enabling
MD5 passwords on my RedHat 7.0 box does, indeed, prevent OS-level
authentication by CVS. I built my box first with MD5 passwords enabled,
and configured CVS for a pserver, but could
To: Gianni Mariani
Cc: Adam W. Montville; Info-Cvs
Subject: Re: cvs with xinetd
Gianni Mariani writes:
env = HOME=
Again, it is much better to use:
passenv = PATH
(plus whatever other environment variables you want to pass to the
server but *not* HOME) instead
=)
variables.
So, at another guess, using passenv= agessively unsets all environment
variables.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Adam W. Montville
Sent: Thursday, May 03, 2001 5:55 AM
To: Info-Cvs; Larry Jones
Subject: RE: cvs with xinetd
What I
Adam W. Montville writes:
This configuration works wonderfully, although I'm not entirely sure what
leaving passenv null actually does.
It prevents xinetd from passing *any* environment variables to the
server. Not having at least $PATH can be inconvenient, particularly for
scripts, but
Adam W. Montville writes:
Also, I've been experiencing problems with my pserver
authentication. This may be due to the fact that RedHat installed with
MD5 passwords enabled. Does this pose the problem I think it might?
Hard to say, what problem do you think it might pose? CVS uses the
Also, I've been experiencing problems with my pserver
authentication. This may be due to the fact that RedHat
installed with
MD5 passwords enabled. Does this pose the problem I think it might?
Hard to say, what problem do you think it might pose? CVS uses the
crypt(3) library
Jones
Sent: Thursday, May 03, 2001 2:41 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: cvs with xinetd
[EMAIL PROTECTED] writes:
The very fact that it uses the crypt(3) library function is why I
believe it
would break. Suppose I use jCVS to connect to my CVS server, on which
MD5
Adam W. Montville writes:
After doing some experimentation, I think I've determined that enabling
MD5 passwords on my RedHat 7.0 box does, indeed, prevent OS-level
authentication by CVS. I built my box first with MD5 passwords enabled,
and configured CVS for a pserver, but could not
Adam,
The
following is the configuration file I use for xinetd and it works like a charm
!
G
--
# default: on# description: The
cvspserver provides support for cvs network
Gianni Mariani writes:
env = HOME=
Again, it is much better to use:
passenv = PATH
(plus whatever other environment variables you want to pass to the
server but *not* HOME) instead.
-Larry Jones
In short, open revolt and exile is the only hope for change? --
15 matches
Mail list logo
