
Re: gEDA-dev: Switching to git -- getting write access



> ssh public key is more secure than ssh with passwords, because nothing
> that passes over the internet or lives on remote machines is
> sufficient to give someone access to your privileges.  Even if geda's
> git server is compromised, the public key therein isn't enough to gain
> access to other machines.

Okay fair enough, but what if the local machine (not the git server machine)
is compromised?  Wouldn't that mean that now my server is vulnerable because
the attacker has the private key?  Of course, they would need to know the
pass phrase assuming there is one (I've never created a public/private key
without a pass phrase).

>
> If you do ssh with password, that password has to exist on the remote
> server, which makes it available if the machine is compromised.

If the remote machine is compromised, I doubt they will care about a
password on some local account.  Please tell me people aren't using
the same password everywhere.

-Ales

