subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache subversion Wiki <comm...@subversion.apache.org>
Subject [Subversion Wiki] Update of "EncryptedPasswordStorage" by CMichaelPilato
Date Tue, 03 Jan 2012 16:19:29 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Subversion Wiki" for change notification.

The "EncryptedPasswordStorage" page has been changed by CMichaelPilato:
http://wiki.apache.org/subversion/EncryptedPasswordStorage?action=diff&rev1=2&rev2=3

  On Mac OS X, Subversion stores passwords in the login keyring (which is managed        
      by the Keychain service).  Similarly to the Windows situation, this keychain is protected
by the               user's account password.  The Keychain service allows users to impose
additional policies, too, such as requiring that the               user's account password
be entered each time the               Subversion password is used.
  
  === GNOME Keyring and KDE Wallet ===
- Many Unix systems provide either the GNOME or KDE graphical windowing environments, both
of which offer services similar to the Mac OS X Keychain.  Generally speaking, these password
managers offer one or more keychains, which each keychain encrypted by some passphrase.  Users
must first unlock the keychains with the passphrase before applications can read and write
from the keychains.  GNOME Keyring offers a small improvement here in that it can automatically
create a default login keychain and use the user's login password as the passphrase for that
keychain.  This allows a single-sign-on sort of behavior (the same way that Mac OS X Keychain
and the Windows Cryptographic Services work).  KDE Wallet has not yet implemented similar
behavior (see http://techbase.kde.org/Projects/Utils/kwallet/FeaturePlan42).
+ Many Unix systems provide either the GNOME or KDE graphical windowing environments, both
of which offer services similar to the Mac OS X Keychain.  Generally speaking, these password
managers offer one or more keychains, which each keychain encrypted by some passphrase.  Users
must first unlock the keychains with the passphrase before applications can read and write
from the keychains.  GNOME Keyring offers a small improvement here in that it can automatically
create a default login keychain and use the user's login password as the passphrase for that
keychain.  This allows a single-sign-on sort of behavior (the same way that Mac OS X Keychain
and the Windows Cryptographic Services work).  KDE Wallet has not yet implemented similar
behavior (see http://techbase.kde.org/Projects/Utils/kwallet/FeaturePlan42).  Subversion 1.6
and newer allows users to optionally store their credentials in these services.  One downside
of these services is that they often aren't installed on headless machines -- computers which
are only accessed via remote login and for command-line usage only.
  
+ === GPG Agent ===
+ Subversion's 1.8-dev codebase currently offers an integration with GPG Agent, which is yet
another third-party cryptographic service provider.
+ 

Mime
View raw message