SSH is: a. secure through encryption ( cleartexting across the net with pserver is inviting disaster) b. through the SSH command="" you can limit users to one command based on the key they are authenticating with.
tg ----- Original Message ----- From: "Greg A. Woods" <[EMAIL PROTECTED]> To: "CVS-II Discussion Mailing List" <[EMAIL PROTECTED]> Sent: Tuesday, May 04, 2004 3:10 PM Subject: Fw: need to force username of cvs 'action' when using shared SSHaccount > [ someone wrote: ] > > Subject: Fw: need to force username of cvs 'action' when using shared SSH account > > > > I just can't imagine that this hasn't been required before: a single shell > > account with a used id of, for example, 'cvsuser' requiring SSH, instead of > > pserver, authentication and access for developers. The nature of CVS, that > > of tracking diffs and who did what when, seems to be compromised in this > > situation. Thats all. > > I just cannot possibly ever even conceive of anyone using a "shared SSH > account". > > The very concept is entirely antithetical to the goals of SSH and > computing security in general. > > You may as well just use pserver in the clear and be very explicit and > forthright about your total lack of security. > > [[ And yes, I do intend that comment to be very sarcastic. ]] > > -- > Greg A. Woods > > +1 416 218-0098 VE3TCP RoboHack <[EMAIL PROTECTED]> > Planix, Inc. <[EMAIL PROTECTED]> Secrets of the Weird <[EMAIL PROTECTED]> > > > _______________________________________________ > Info-cvs mailing list > [EMAIL PROTECTED] > http://mail.gnu.org/mailman/listinfo/info-cvs > > > _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
