[cvsnt] Yet Another Security Question

Bo Berglund bo.berglund at telia.com
Thu Feb 27 23:37:10 GMT 2003


Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.


Some small comments...
On Thu, 27 Feb 2003 14:36:25 -0700, "Glen Starrett"
<grstarrett at cox.net> wrote:

>First off, it looks like you're using an old client (and server).  I get the
>same client and server version numbers:  "1.11.1.3 (Build 72)
>(client/server)".  I'm not sure where you got the version you listed.  If
>you are using winCVS, you need to be on the latest Beta version to be able
>to use sspi protocol (I am using 1.3.10.1 beta 10 build 1)--and even then,
>they ship an old version of CVSNT with their client (build 57k).  I don't

The WinCvs you download today is 1.3.12.1 and it ships with CVSNT b72.

... snip ...

And the 1.10.8 version does not use the latest style of authentication
at all. I don't even now remember how it was done, but surely not the
way the original poster wants it.
So the advice is this:

Get the latest dsitribution of CVSNT for the server and replace the
existing one. During installation make sure the pserver protocol is
not included and to be on the safe side only include the SSPI
protocol. This minimizes the chance for eavesdropping...

Get the latest version of WinCvs as well.

Then use the SSPI protocol, since you are an all Windows shop there is
no need for anything else at all.

After this is done I am quite certain you will find the going much
easier.


/Bo
(Bo Berglund, developer in Sweden)


More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook