Eric S. Raymond wrote on Fri, Nov 30, 2012 at 10:17:39 -0500: > Ben Reser <b...@reser.org>: > > Precisely. I was under the impression that he wanted something that > > was user controlled and had nothing to do with the authentication to > > display as the author. > > Maybe I'm confused. Or perhaps we're using "authentication" in > different senses on different levels. I think there's a question I > should have asked sooner... > > Normally, access to the Subversion repositories I use is actually > authenticated > via an ssh key used for login to the server host. I'm not sure in what sense > the username field actually contributes any security-relevant information > in a setup like that. Does it?
It does yes, if the server has ForceCommand='svnserve -t' configured in sshd, then path-based authz and/or "anon-access=none" can be meaningfully set up --- and these key off of the svn-level authenticated username (as opposed to the OS-level username).
