[cvsnt] Re: Questions about sserver protocol

Tony Hoyle tmh at nodomain.org
Wed May 18 14:36:14 BST 2005


Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.


Jonathan Belson wrote:

> 1. Does 'sserver' encrypt the password when logging on to a cvs server?

Yes.  The entire session is encrypted.

> 2. Does 'sserver' only use encryption if 'EncryptionLevel' is set to 
> '4'?  Does setting '4' imply '3', too?

sserver is always encrypted.  EncryptionLevel affects only protocols 
where encryption is optional eg. sspi, gserver.

Forcing encryption also effectively disables things like pserver, but 
it's safer to delete the protocol library in that case.

> 3. I created a certificate and key as described in 'InstallationLinux' 
> section 1.9.  I added references to these in PServer (CertificateFile 
> and PrivateKeyFile), but I found I could still log into the cvs server 
> without making the certificate available to the client.  Does the client 
> actually need a copy of the certificate, or is it all handled by the 
> server?

The client only needs a copy of the CA certificate file - it has a 
default one installed which has all the major CA's on there.  By default 
it'll ignore some problems such as selfsign certificates.. specify 
strict=1 in the cvsroot string to check for that.

Tony



More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook