From owner-freebsd-questions@FreeBSD.ORG  Fri Sep 28 23:38:30 2012
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0557D1065670;
	Fri, 28 Sep 2012 23:38:30 +0000 (UTC)
	(envelope-from david.i.noel@gmail.com)
Received: from mail-ie0-f182.google.com (mail-ie0-f182.google.com
	[209.85.223.182])
	by mx1.freebsd.org (Postfix) with ESMTP id A96118FC0C;
	Fri, 28 Sep 2012 23:38:27 +0000 (UTC)
Received: by ieak10 with SMTP id k10so4451293iea.13
	for <multiple recipients>; Fri, 28 Sep 2012 16:38:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=mime-version:reply-to:in-reply-to:references:date:message-id
	:subject:from:to:cc:content-type;
	bh=NcBmqdxEKph4/H0ImVA/NHJAZITB1fcl62qcWrjdZh0=;
	b=gkk83fBTyEyO3IUBayE8CuHPzjomgaSM+C7DJFZtUqFDvqaSCKNJ2QU3k1D+5eOY3I
	PC4yPYDcOSKTmTYly9PGe6xjPE2FHOVq97Er0eBlwnU72TSq8kTbSmq+hFApO1JgvYiR
	BzthOh/JZjKd126hq/hZe2DW5zGYg+ugG1MAKqY69lr4h/WPMzZQ3F66w3h2cymo9slT
	Oeixaomd0gcTBCdxuulYaZZautuTY415uA9LJJtlE6G13DtceDofcYGBJRu9oWi4wwgv
	hs5YQmnbtsLa0ddPTcpdicPaAOKHizIj7NPogYkYWIwK7CvOTjOFhs1TMMTiK6G/Ffc2
	j8dg==
MIME-Version: 1.0
Received: by 10.50.10.131 with SMTP id i3mr255226igb.10.1348875507391; Fri, 28
	Sep 2012 16:38:27 -0700 (PDT)
Received: by 10.64.25.130 with HTTP; Fri, 28 Sep 2012 16:38:27 -0700 (PDT)
In-Reply-To: <CAHAXwYDFi1A_z-6XV0PkhFpUQY_ySwd8jKjPqze=pr7Nw8gEyA@mail.gmail.com>
References: <CAFS4T6bMvrPFBECkT_dOZd4XWTAFt_-j62fO1C8YS8C38wpNXw@mail.gmail.com>
	<alpine.BSF.2.00.1209280014410.2700@mail.fig.ol.no>
	<CAFS4T6YPpZTRRjOVmSxE8L3D4w1SMFT4_W8GEJogUODRuwKmxw@mail.gmail.com>
	<alpine.BSF.2.00.1209280100460.2700@mail.fig.ol.no>
	<20120928102822.GD2389@kontrol.kode5.net>
	<alpine.BSF.2.00.1209281237010.2700@mail.fig.ol.no>
	<20120928115700.GE2389@kontrol.kode5.net>
	<CAFS4T6bxr+tZbMXF9Kr+n+mRTZQuPtbtAK2QSHDwoy=pmnDOrg@mail.gmail.com>
	<CAHAXwYD+oohtWcYjeN+iHWfJonWaK7Jo1hcqtbMECM=AhAQ6sw@mail.gmail.com>
	<CAFS4T6YzbqQuqiHmyQdNtmS9OW_Kyodx46wT5wYgCk2p1bF=Eg@mail.gmail.com>
	<50660AEF.2010301@FreeBSD.org>
	<CAHAXwYDFi1A_z-6XV0PkhFpUQY_ySwd8jKjPqze=pr7Nw8gEyA@mail.gmail.com>
Date: Fri, 28 Sep 2012 18:38:27 -0500
Message-ID: <CAHAXwYAzoCO2kk+cj8qe81ivNpNqrU0nO9AHORw1zR_bGn_URQ@mail.gmail.com>
From: David Noel <david.i.noel@gmail.com>
To: Matthew Seaman <matthew@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Cc: Ed Flecko <edflecko@gmail.com>, freebsd-questions@freebsd.org
Subject: Re: svn checkout "head" or "stable"
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: David.I.Noel@gmail.com
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Sep 2012 23:38:30 -0000

On 9/28/12, David Noel <david.i.noel@gmail.com> wrote:
> On 9/28/12, Matthew Seaman <matthew@freebsd.org> wrote:
>> On 28/09/2012 20:41, Ed Flecko wrote:
>>> David - I'd like to, but every time I try that it prompts me for a
>>> password...and I don't know what password it wants???
>>
>> That would be the password to a freebsd.org account, which isn't going
>> to work for most people on two counts:
>>
>>    * freebsd.org uses SSH keys for authentication, not passwords.
>>
>>    * even if you've got a SSH key, not being a FreeBSD committer you
>>      probably don't have a freebsd.org account.
>>
>> For anonymous access, you can use http or svn.  Given that anonymous
>> access is read-only, there's really not much to be gained from SSH or
>> other means of encrypting the connection, either for you, or for the
>> FreeBSD servers.  It's anonymous, so you don't care about
>> authentication.  FreeBSD sources are publicly available, so you don't
>> care about anyone eavesdropping on the traffic.  About the only thing
>> you're still exposed to is a man-in-the-middle attack, where someone
>> could pose as a FreeBSD server and feed you a trojanned set of sources
>> -- but then, you'ld still be exposed in exactly the same way even using
>> svn+ssh.  In practice, attacks of this type are very (pretty much
>> vanishingly) rare.  If they do concern you, then use portsnap(8) /
>> freebsd-update(8) which has specific cryptographic protection against
>> such things.  The portsnap and freebsd-update build systems also have
>> special access to the master FreeBSD repositories to minimize the
>> chances that they themselves could be fed trojanned sources.
>>
>> 	Cheers,
>>
>> 	Matthew
>>
>> --
>> Dr Matthew J Seaman MA, D.Phil.
>> PGP: http://www.infracaninophile.co.uk/pgpkey
>
>
> MITM-based attacks--and subsequent corrupted sources--are my concern.
> It was my understanding that anonymous svn+ssh would prevent this
> assuming the host key was properly verified against
> http://www.freebsd.org/internal/ssh-keys.asc.
>
> Recently I've installed from an iso and then manually updated with
> pgp-signed security patches. It would certainly be nice to have some
> secure source update mechanism though.
>

Apologies for the spam and the hastily written closing paragraph. I
was hoping to end with a heartwarming anecdote that would leave the
reader with no choice but to agree that anonymous ssh+svn access would
benefit us all.

AnonCVS is still of course an option, but with its eventual retirement
the addition of an anonymous svn+ssh account would seem fitting, or at
least consistent.

-David