Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
Bo Berglund wrote: > The :pserver: protocol is considered insecure because it has no > method for encryption of the communication. And the password is > sent nearly in cleartext (very light encryption). > > So someone using a packet sniffer on the network should eb able to > decode your CVS communications. > If you are in a closed environment and are not exposing the > CVS system on the Internet then pserver is probably OK, but > otherwise you should consider SSPI or something else. > There's also :sserver: which is essentially encrypted pserver. The passwords are still stored on the client side in the registry but the wire protocol is secure. Tony