Change authentication method to svn+ssh.

This commit is contained in:
Martin v. Löwis 2005-08-08 07:18:17 +00:00
parent c0b589e388
commit d41da01c32
1 changed files with 32 additions and 18 deletions

View File

@ -71,9 +71,8 @@ Migration Procedure
To move the Python CVS repository, the following steps need to be
executed. The steps are elaborated upon in the following sections.
1. Assign passwords for all current committers for use on
svn.python.org. User names on SF and svn.python.org should be
identical, unless some committer requests a different user name.
1. Collect SSH keys for all current committers, along with usernames
to appear in commit messages.
2. At the beginning of the migration, announce that the repository on
SourceForge closed.
@ -88,14 +87,28 @@ executed. The steps are elaborated upon in the following sections.
6. Disable CVS access on SF.
Assign Passwords
Collect SSH keys
----------------
Currently, access to Subversion on svn.python.org uses WebDAV over
https, using basic authentication. For this to work, authorized users
need to provide a password. This mechanism should be used, at least
initially, for the Python CVS as well, since various committers also
have a username/password pair for the www SVN repository already.
After some discussion, svn+ssh was selected as the best method
for write access to the repository. Developers can continue to
use their SSH keys, but they must be installed on python.org.
In order to avoid having to create a new Unix user for each
developer, a single account should be used, with command=
attributes in the authorized_keys files.
The lines in the authorized_keys file should read like this
(wrapped for better readability)::
command="/usr/bin/svnserve --root=/svnroot -t
--tunnel-user='<username>'",no-port-forwarding,
no-X11-forwarding,no-agent-forwarding,no-pty
ssh-dss <key> <comment>
As the usernames, the real names should be used instead of
the SF account names, so that people can be better identified
in log messages.
Downloading the CVS Repository
@ -174,7 +187,8 @@ Publish the Repository
The repository should be published at https://svn.python.org/projects.
Read-write access should be granted through basic authentication to
all current SF committers; read-only anonymous access should also be
granted.
granted. Read-write access will go through
svn+ssh://pythondev@svn.python.org/projects.
As an option, websvn (available e.g. from the Debian websvn package)
could be provided. Unfortunately, in the test installation, websvn
@ -220,21 +234,21 @@ The rejected alternatives are shortly discussed here:
to the additional workload; migrating the repository again if
they get overworked is an option.
- People have expressed dislike of the basic auth (username/password)
authentication. Two alternatives have been suggested:
- Different authentication strategies were discussed. As
alternatives to svn+ssh were suggested
* Subversion over SSH, using SSH key pairs for a single Unix
account, restricted to the execution of svnserve. The pydotorg
admins have ruled out creation of one account per committer;
whether a single account would be acceptable is not yet
decided.
* Subversion over WebDAV, using SSL and basic authentication,
with pydotorg-generated passwords mailed to the user. People
did not like that approach, since they would need to store
the password on disk (because they can't remember it); this
is a security risk.
* Subversion over WebDAV, using SSL client certificates. This would
work, but would require us to administer a certificate authority.
Copyright
---------
=========
This document has been placed in the public domain.