Date: Fri, 28 Sep 2012 18:38:27 -0500
From: David Noel <david.i.noel@gmail.com>
To: Matthew Seaman <matthew@freebsd.org>
Cc: Ed Flecko <edflecko@gmail.com>, freebsd-questions@freebsd.org
Subject: Re: svn checkout "head" or "stable"
Message-ID: <CAHAXwYAzoCO2kk%2Bcj8qe81ivNpNqrU0nO9AHORw1zR_bGn_URQ@mail.gmail.com>
In-Reply-To: <CAHAXwYDFi1A_z-6XV0PkhFpUQY_ySwd8jKjPqze=pr7Nw8gEyA@mail.gmail.com>
References: <CAFS4T6bMvrPFBECkT_dOZd4XWTAFt_-j62fO1C8YS8C38wpNXw@mail.gmail.com> <alpine.BSF.2.00.1209280014410.2700@mail.fig.ol.no> <CAFS4T6YPpZTRRjOVmSxE8L3D4w1SMFT4_W8GEJogUODRuwKmxw@mail.gmail.com> <alpine.BSF.2.00.1209280100460.2700@mail.fig.ol.no> <20120928102822.GD2389@kontrol.kode5.net> <alpine.BSF.2.00.1209281237010.2700@mail.fig.ol.no> <20120928115700.GE2389@kontrol.kode5.net> <CAFS4T6bxr%2BtZbMXF9Kr%2Bn%2BmRTZQuPtbtAK2QSHDwoy=pmnDOrg@mail.gmail.com> <CAHAXwYD%2BoohtWcYjeN%2BiHWfJonWaK7Jo1hcqtbMECM=AhAQ6sw@mail.gmail.com> <CAFS4T6YzbqQuqiHmyQdNtmS9OW_Kyodx46wT5wYgCk2p1bF=Eg@mail.gmail.com> <50660AEF.2010301@FreeBSD.org> <CAHAXwYDFi1A_z-6XV0PkhFpUQY_ySwd8jKjPqze=pr7Nw8gEyA@mail.gmail.com>
On 9/28/12, David Noel <david.i.noel@gmail.com> wrote:
> On 9/28/12, Matthew Seaman <matthew@freebsd.org> wrote:
>> On 28/09/2012 20:41, Ed Flecko wrote:
>>> David - I'd like to, but every time I try that it prompts me for a
>>> password...and I don't know what password it wants???
>>
>> That would be the password to a freebsd.org account, which isn't going
>> to work for most people on two counts:
>>
>> * freebsd.org uses SSH keys for authentication, not passwords.
>>
>> * even if you've got an SSH key, not being a FreeBSD committer you
>> probably don't have a freebsd.org account.
>>
>> For anonymous access, you can use http or svn. Given that anonymous
>> access is read-only, there's really not much to be gained from SSH or
>> other means of encrypting the connection, either for you, or for the
>> FreeBSD servers. It's anonymous, so you don't care about
>> authentication. FreeBSD sources are publicly available, so you don't
>> care about anyone eavesdropping on the traffic. About the only thing
>> you're still exposed to is a man-in-the-middle attack, where someone
>> could pose as a FreeBSD server and feed you a trojanned set of sources
>> -- but then, you'd still be exposed in exactly the same way even using
>> svn+ssh. In practice, attacks of this type are very (pretty much
>> vanishingly) rare. If they do concern you, then use portsnap(8) /
>> freebsd-update(8) which has specific cryptographic protection against
>> such things. The portsnap and freebsd-update build systems also have
>> special access to the master FreeBSD repositories to minimize the
>> chances that they themselves could be fed trojanned sources.
>>
>> Cheers,
>>
>> Matthew
>>
>> --
>> Dr Matthew J Seaman MA, D.Phil.
>> PGP: http://www.infracaninophile.co.uk/pgpkey
>
>
> MITM-based attacks--and subsequent corrupted sources--are my concern.
> It was my understanding that anonymous svn+ssh would prevent this
> assuming the host key was properly verified against
> http://www.freebsd.org/internal/ssh-keys.asc.
>
> Recently I've installed from an iso and then manually updated with
> pgp-signed security patches. It would certainly be nice to have some
> secure source update mechanism though.
>

Apologies for the spam and the hastily written closing paragraph. I was hoping to end with a heartwarming anecdote that would leave the reader with no choice but to agree that anonymous ssh+svn access would benefit us all. AnonCVS is still of course an option, but with its eventual retirement the addition of an anonymous svn+ssh account would seem fitting, or at least consistent.

-David
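The thread turns on one condition David states: svn+ssh only defeats a man-in-the-middle if the server's host key is actually checked against the fingerprints published out of band (ssh-keys.asc). The following Python is an added example, not code from this thread or from the FreeBSD project, showing what that check consists of: parse a known_hosts-style `host keytype base64` line, compute the fingerprint the way OpenSSH does (SHA-256 of the wire-format key blob, base64 without padding, or the older colon-separated MD5 form), and compare it in constant time against a pinned value. The host name `svn.example.invalid` and both key blobs are constructed for the example; they are not FreeBSD's keys.

```python
import base64
import hashlib
import hmac
import struct

# --- Constructed sample data (hypothetical host, not real FreeBSD keys) ------
# An OpenSSH public key blob is a sequence of length-prefixed strings; for
# ed25519 that is the type name followed by the 32 raw public-key bytes.
def _ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (4-byte big-endian length + data)."""
    return struct.pack(">I", len(data)) + data


def _ed25519_blob(raw_key: bytes) -> bytes:
    """Build a wire-format ssh-ed25519 public key blob around raw_key."""
    return _ssh_string(b"ssh-ed25519") + _ssh_string(raw_key)


# Key bytes are a fixed pattern purely so the example is reproducible offline.
GENUINE_BLOB = _ed25519_blob(b"\x01" * 32)
GENUINE_LINE = "svn.example.invalid ssh-ed25519 " + base64.b64encode(GENUINE_BLOB).decode()
# A different key for the same host: what an interposed server would present.
IMPOSTOR_BLOB = _ed25519_blob(b"\x02" * 32)
IMPOSTOR_LINE = "svn.example.invalid ssh-ed25519 " + base64.b64encode(IMPOSTOR_BLOB).decode()


def parse_known_hosts_line(line: str):
    """Split 'host keytype base64' and return (host, keytype, blob).

    Rejects a line whose declared key type disagrees with the type embedded
    in the blob, which ssh itself would also refuse to use.
    """
    fields = line.split()
    if len(fields) < 3:
        raise ValueError("expected 'host keytype base64key'")
    host, keytype, b64 = fields[:3]
    blob = base64.b64decode(b64, validate=True)
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != keytype:
        raise ValueError("key type inside blob does not match declared type")
    return host, keytype, blob


def fingerprint_sha256(blob: bytes) -> str:
    """OpenSSH-style fingerprint: 'SHA256:' + unpadded base64 of SHA-256(blob)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def fingerprint_md5(blob: bytes) -> str:
    """Legacy 'MD5:aa:bb:...' fingerprint as printed by older ssh-keygen -l."""
    return "MD5:" + ":".join(f"{b:02x}" for b in hashlib.md5(blob).digest())


def host_key_matches_pin(line: str, pins: dict) -> bool:
    """True only if the presented key's SHA256 fingerprint equals the pinned one
    for that host. An unknown host and a mismatch both fail closed."""
    host, _, blob = parse_known_hosts_line(line)
    expected = pins.get(host)
    if expected is None:
        return False
    # Constant-time comparison, so timing does not leak how much of a pin matched.
    return hmac.compare_digest(fingerprint_sha256(blob), expected)


# Pins as an operator would record them after checking the published list
# out of band (here derived from the constructed sample key).
PINS = {"svn.example.invalid": fingerprint_sha256(GENUINE_BLOB)}

if __name__ == "__main__":
    for label, line in (("genuine", GENUINE_LINE), ("impostor", IMPOSTOR_LINE)):
        _, _, blob = parse_known_hosts_line(line)
        verdict = "ok" if host_key_matches_pin(line, PINS) else "MISMATCH"
        print(label, fingerprint_sha256(blob), fingerprint_md5(blob), verdict)
```

In practice the pinned value is whatever you transcribed from the signed key list after verifying its PGP signature; the first connection to a host is the moment this check matters, because once a wrong key is accepted into known_hosts, later connections trust it silently.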