Re: Looking for Subversion server-side SSH key manager



On 16 Jun, 12:34, "Stachu 'Dozzie' K."
<doz...@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> Header content ["Followup-To:" comp.os.linux.security.]
> On 16.06.2007, Nico <nka...@xxxxxxxxx> wrote:
>
>> Morning, folks:
>>
>> Subversion has long had a fundamental flaw in its Linux or UNIX
>> command line clients: like CVS, from which it evolved, it stores
>> passwords locally in the clear on the client side. Using SSH or HTTPS
>> authentication does not address this. Many good clients, such as
>> TortoiseSVN, use the local operating system's password storage, but
>> for Cygwin or Linux or UNIX clients, it's an amazingly fundamental
>> security problem.
>
> Erm. How would you like to store the Subversion password? Subversion must be
> able to read it. If the password is encrypted in any way, Subversion
> must ask the user for the decryption key. Otherwise everything could be stored
> as plain text, since "encryption with a publicly known key" is no
> encryption at all. "Windows password storage", whatever you are talking
> about, is affected by exactly the same facts. It's just a matter of
> reading the appropriate object from the system.

I believe I just said so. It's an issue I've raised before on the
Subversion developers' and discussion lists. The Subversion client
must be able to access it, true. That *does not* mean it has to be
stored in plain text! Numerous tools, such as Internet Explorer,
Firefox, and ssh-agent, store keys encrypted on local disk that are
unlocked by the user at login or software activation time and are not
available to any schmuck who can read a backup tape or convince an NFS
server that he's actually got the same login name as the software
owner, plug in a USB stick at an unattended console and read the
user's stored SVN configuration settings, etc., etc., etc.

"Reading appropriate objects from the system" should require access to
RAM, not to the backup tapes or the disk from a botnetted machine or
shared home directories in a corporate network. No one but the key
owner should be able to extract the key, even if they have access to
the user's files: this is a serious basic of network security.
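As an added example (not code from anyone in this thread or from the Subversion project), the shell script below does the check a practitioner would want after reading this exchange: it parses the svn.simple cache files under ~/.subversion/auth, reports the ones that hold a cleartext password, and reads the [auth] store-passwords setting that stops the client from caching passwords at all. The hash-dump parser and the sample cache entries are constructed here; real cache files are named by the MD5 of the realm string, the file names used below are made up, and the gnome-keyring passtype stands in for the external-store entries that later Subversion releases write.

```shell
#!/bin/sh
# Added example for this thread (not Subversion project code): audit a
# Subversion client's credential cache for passwords written in the clear,
# and check the [auth] setting that stops the client from caching them.
#
# Background assumed here: ~/.subversion/auth/svn.simple/<md5-of-realm> files
# are in Subversion's "hash dump" format (K <len> / key / V <len> / value ...
# END).  A file with a "password" key and passtype "simple" (or no passtype at
# all, as 1.4-era clients wrote) holds the password as plain text.

# hash_dump KEY VALUE [KEY VALUE ...]: emit a hash-dump file body (used below
# to build constructed sample files; real files are written by svn itself)
hash_dump() {
    while [ $# -ge 2 ]; do
        printf 'K %d\n%s\nV %d\n%s\n' "${#1}" "$1" "${#2}" "$2"
        shift 2
    done
    echo END
}

# parse_svn_hash FILE: print one "key<TAB>value" line per K/V pair
parse_svn_hash() {
    awk '
        $1 == "K" { getline key; next }
        $1 == "V" { getline val; printf "%s\t%s\n", key, val; next }
    ' "$1"
}

# svn_plaintext_count AUTHDIR: print the number of svn.simple cache files
# under AUTHDIR that hold a cleartext password (details go to stderr)
svn_plaintext_count() {
    count=0
    for f in "$1"/svn.simple/*; do
        [ -f "$f" ] || continue
        kv=$(parse_svn_hash "$f")
        passtype=$(printf '%s\n' "$kv" | awk -F'\t' '$1 == "passtype" { print $2 }')
        password=$(printf '%s\n' "$kv" | awk -F'\t' '$1 == "password" { print $2 }')
        if [ -n "$password" ] && { [ -z "$passtype" ] || [ "$passtype" = "simple" ]; }; then
            realm=$(printf '%s\n' "$kv" | awk -F'\t' '$1 == "svn:realmstring" { print $2 }')
            echo "CLEARTEXT password in $f for realm $realm" >&2
            count=$((count + 1))
        fi
    done
    echo "$count"
}

# svn_store_passwords_setting CONFIG: effective value of [auth] store-passwords
# in a Subversion client config ("yes" is the default when it is unset or
# only present as a commented-out line)
svn_store_passwords_setting() {
    awk '
        BEGIN { val = "yes" }
        /^\[/ { insec = ($0 == "[auth]") }
        insec && $1 == "store-passwords" { val = $NF }
        END { print val }
    ' "$1"
}

# make_fixture DIR: constructed sample data (file names are made up; svn
# names them by the MD5 of the realm string)
make_fixture() {
    mkdir -p "$1/auth/svn.simple"
    realm='<https://svn.example.com:443> Example Repository'
    # what a 1.4-era client leaves on disk after an "svn co" with a password
    hash_dump passtype simple password s3cret svn:realmstring "$realm" \
        username nico > "$1/auth/svn.simple/constructed-plain"
    # an entry whose password lives in an external store (later releases):
    # no password key on disk, so it must not be flagged
    hash_dump passtype gnome-keyring svn:realmstring "$realm" username nico \
        > "$1/auth/svn.simple/constructed-keyring"
    # hardened client config: never cache passwords (svn will prompt instead)
    printf '[auth]\nstore-passwords = no\n' > "$1/config"
}

demo=$(mktemp -d)
make_fixture "$demo"
echo "cleartext cache files: $(svn_plaintext_count "$demo/auth")"
echo "[auth] store-passwords = $(svn_store_passwords_setting "$demo/config")"
rm -rf "$demo"
```

Against a real client, run `svn_plaintext_count ~/.subversion/auth` and `svn_store_passwords_setting ~/.subversion/config`. The trade-off is the one this thread is about: with store-passwords = no the command-line client prompts on every operation, because it has no agent-style unlock-once-and-keep-in-RAM mechanism of its own; the only way to avoid a cleartext file in 1.4-era clients is to not cache the password at all.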
