On Mon, 13 Jan 2025 17:45:31 +0100, Daniel Sahlberg <daniel.l.sahlb...@gmail.com> wrote:
>> A separate RPi4 image can be built here and then transferred over via >> Internet >> so they can burn it to a blank SDcard and start the RPi device up there. >> Once on that netywork I can manage it from here via VPN. >> >> Meanwhile I have to enable the script on the Ubuntu server and put >> username/password into the call. That at least works, I have tested. >> I will protect it by modifying the $HOME/.subversion directory and the >> script to >> be only accessible by me. But executable by the system of course. > > >You are probably more secure by using the Python script linked from the FAQ >to insert a password into the password cache than by putting it on the >command line. In either case it is stored in plaintext on the computer. If >it is on the command line, it will be visible using ps. If it is stored in >the password cache, it will only be visible to root (as long as you protect >your ~ in an appropriate way). Not at all fluent in python so I want to avoid that.... UPDATE: ------- I have now built an RPi4B device using the latest 64 bit PiOS and on that I get a version of svn that *does* allow plaintext password cache. But it also came with a desktop and the first thing that happened when I tried a subversion command **from the ssh command line*** was that a dialog popped up on my *desktop monitor* where I was asked to enter my password etc!!! Exactly the same as a number of years ago when I could not understand why a svn command just stalled without any output. This time I saw it since I had a VNC connection too and when I entered the data on the GUII screen my ssh command line command completed. Sooo strange that it should throw up something in a completely different environment than where the trigger was. Anyway after it was fully configured I could send the disk image over to USA and a person in the office loaded it on another RPi4B and it started fine. So now I can VPN/VNC/SSH to the remote LAN and connect to the RPi4 on that LAN and test my validation scripts, which did work. So now I have a sync check being run late every night and if there is a difference in revision numbers it will send me an alert email. -- Bo Berglund Developer in Sweden
