2010-09-15 09:55 AEST by Arthur Barrett - The 'cvs passwd' and 'cvs login' commands are not usually used on windows.
People familiar with SVN or very old versions of CVS often appear to believe
they need to 'create users' or 'login'. CVSNT (particularly on windows - but
even on linux) is designed to be more secure and use your authentication token
instead (with gserver or sspi).
I propose that a series of dialog boxes be used to warn users of improper use,
each with a 'do not show this warning again' option that is OFF by default.
On windows:
* cvs passwd (any protocol)
- for 99% of customers this command should not be used. Read the 'guide to
cvsnt authentication' for more information.
<standard blurb about tokens>
* cvs login (sspi or gserver)
- for 99% of customers this command should not be used. Read the 'guide to
cvsnt authentication' for more information.
<standard blurb about tokens>
Standard blurb about tokens:
=============================
When you log in to a windows computer you are given an authentication token -
this allows you to access network resources without supplying a password. The
token proves you have already been authenticated. Active directory
administrators can set expiry times and encryption requirements for these tokens.
The safest and most secure way to use Software Change and Configuration
Management is to rely on these tokens to identify users. All users (including
'build' users) should have real windows login accounts and those accounts will
automatically have access to CVS Suite Server.
The 'cvs login' command is primarily used to impersonate one user account from a
different account and should only be performed by system administrators.
Documentation
==============
We probably need a new eBook for trial users (or all users?) 'guide to cvsnt
authentication' which covers:
* token based auth
-- sspi
-- gserver
* certificate based auth
-- sserver
-- ssh
* why impersonation compromises SCCM
* RSA SecurID
* password based auth
-- sserver
-- pserver
* alias users (where your cvsnt name is different to your login name)
* users file (linking email to userid)