On Mon, 13 Jan 2025 17:45:31 +0100, Daniel Sahlberg
<daniel.l.sahlb...@gmail.com> wrote:
>> A separate RPi4 image can be built here and then transferred over via
>> Internet
>> so they can burn it to a blank SDcard and start the RPi device up there.
>> Once on that netywork I can manage it from here via VPN.
>>
>> Meanwhile I have to enable the script on the Ubuntu server and put
>> username/password into the call. That at least works, I have tested.
>> I will protect it by modifying the $HOME/.subversion directory and the
>> script to
>> be only accessible by me. But executable by the system of course.
>
>
>You are probably more secure by using the Python script linked from the FAQ
>to insert a password into the password cache than by putting it on the
>command line. In either case it is stored in plaintext on the computer. If
>it is on the command line, it will be visible using ps. If it is stored in
>the password cache, it will only be visible to root (as long as you protect
>your ~ in an appropriate way).

Not at all fluent in python so I want to avoid that....

UPDATE:
-------
I have now built an RPi4B device using the latest 64 bit PiOS and on that I get
a version of svn that *does* allow plaintext password cache. But it also came
with a desktop and the first thing that happened when I tried a subversion
command **from the ssh command line*** was that a dialog popped up on my
*desktop monitor* where I was asked to enter my password etc!!!

Exactly the same as a number of years ago when I could not understand why a svn
command just stalled without any output.

This time I saw it since I had a VNC connection too and when I entered the data
on the GUII screen my ssh command line command completed.

Sooo strange that it should throw up something in a completely different
environment than where the trigger was.

Anyway after it was fully configured I could send the disk image over to USA and
a person in the office loaded it on another RPi4B and it started fine.

So now I can VPN/VNC/SSH to the remote LAN and connect to the RPi4 on that LAN
and test my validation scripts, which did work.

So now I have a sync check being run late every night and if there is a
difference in revision numbers it will send me an alert email.



-- 
Bo Berglund
Developer in Sweden

Reply via email to