?
Solved

Configure CVS to use winbind for authentication?

Posted on 2003-03-27
2
Medium Priority
?
793 Views
Last Modified: 2013-12-15
Hello,
I currently have two sites accessing my Samba server. One site is in a Win2K domain, and they authenticate using winbind - this allows their domain username and password to work. The second site is not in the domain, so they are using smb encrypted passwords (smbpasswd file). Winbind is configured to check the files first, and then go to the domain second.

I am looking to deploy CVS to these two sites on the same server, and would like to try to use the same authentication methods. It seems that CVS only wants to use the /etc/passwd file (besides rhosts, ssh, etc). This means setting extra passwords for each user (something I avoided doing for Samba).

Is there any way that I can configure CVS to use winbind or smbpasswd for authentication?

The server is RedHat 8.0, cvs-1.11.2-5, and the clients are using WinCvs or TortoiseCVS.

thanks!
JP
0
Comment
Question by:JammyPak
2 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 900 total points
ID: 8223683
CVS has several authentification methods, for example using /etc/passwd (which is not recommended, see docs) or CVS' private passwd in CVSROOT (see docs too)
IIRC all CVS docs recommend to use the CVS' private authentification to avoid exposing user passwords, keep in mind that CVS' main purpose is inter-operability and not security.

Well, this ends up in having at least 2 passwords, or lazy users using the same for system and CVS. And its far avay from single-sign-on. You have to decide what has the higher priority: security or CVS.
0
 
LVL 16

Author Comment

by:JammyPak
ID: 8270834
It seems there may be some potential to use PAM to authenticate to CVS with SMB authentication - before I give up on this, does anyone have any tips on this idea?

JP
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
I have written articles previously comparing SARDU and YUMI.  I also included a couple of lines about Easy2boot (easy2boot.com).  I have now been using, and enjoying easy2boot as my sole multiboot utility for some years and realize that it deserves …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses
Course of the Month9 days, 3 hours left to enroll

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question