begin: Joey Hess <[EMAIL PROTECTED]> quote > Peter Jay Salzman wrote: > > i just found out that using method 2, you can't assign a shell of > > /bin/false. > > cvs won't work. so option 2 also means "giving a shell account on my > > machine". > > Read http://kitenet.net/programs/sshcvs > > > any thoughts? is pserver really as insecure as dpkg claims in the > > configuration of the package? > > It uses plain-text passwords, which is pretty insecure, yes. joey, i have no problem with plain text passwords.
just as long as they can't get _shell access_ with that password. one more question -- i gave that URL a brief read. it's not clear that this method allows people to import changes to the their local copy. does it? please excuse my newbieness. i /just/ learned how to use cvs a few days ago. i'm still struggling with concept and terminology. thanks. pete -- PGP Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D PGP Public Key: finger [EMAIL PROTECTED]
