From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 24342 invoked by alias); 5 Dec 2010 08:33:40 -0000 Received: (qmail 24331 invoked by uid 22791); 5 Dec 2010 08:33:39 -0000 X-SWARE-Spam-Status: No, hits=-2.2 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS X-Spam-Check-By: sourceware.org Received: from taro.utanet.at (HELO taro.utanet.at) (213.90.36.45) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Sun, 05 Dec 2010 08:33:32 +0000 Received: from plenty.xoc.tele2net.at ([213.90.36.8]) by taro.utanet.at with esmtp (Exim 4.71) (envelope-from ) id 1PPA2C-0001zz-R0; Sun, 05 Dec 2010 09:33:28 +0100 Received: from d83-187-160-20.cust.tele2.at ([83.187.160.20] helo=[10.0.0.18]) by plenty.xoc.tele2net.at with esmtpa (Exim 4.71) (envelope-from ) id 1PPA2C-0001ff-FS; Sun, 05 Dec 2010 09:33:28 +0100 Message-ID: <4CFB4FFC.8070705@domob.eu> Date: Mon, 06 Dec 2010 17:36:00 -0000 From: Daniel Kraft User-Agent: Thunderbird 2.0.0.0 (X11/20070425) MIME-Version: 1.0 To: overseers@gcc.gnu.org, Daniel Kraft , Hans-Peter Nilsson Subject: Re: Write access from compile farm References: <4CFA1571.5030300@domob.eu> <20101205060427.GA26279@ednor.casa.cgf.cx> In-Reply-To: <20101205060427.GA26279@ednor.casa.cgf.cx> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Mailing-List: contact overseers-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: , Sender: overseers-owner@sourceware.org X-SW-Source: 2010-q4/txt/msg00072.txt.bz2 Hi, Christopher Faylor wrote: > On Sat, Dec 04, 2010 at 07:21:35PM -0500, Hans-Peter Nilsson wrote: >> On Sat, 4 Dec 2010, Daniel Kraft wrote: >> >>> some time ago I started using the GCC compile farm for development; so I'm >>> wondering whether it is ok to have SVN write access from the accounts there -- >>> or this is considered insecure. What are the policies there? >>> >>> As SVN write authentication is done with a public key, I guess that this means >>> you have to set the access up appropriately up for any machine I want to use >>> for check-in, right? So... in case the write-access from compile farm is ok, >>> can I generate a public key there and submit it to you -- or what should I do? >> Assuming those who set policies don't disagree, and you're >> talking about interactive session (i.e. not a cron job or robot) >> just forward the *auhentication session*, no need to forge a new >> key or deal with copying keys. Look at what ssh says about its >> -A option and ForwardAgent config. (It might even be the >> default for you.) I'm not sure, but you might have to have >> ssh-agent running. > > This is actually a better way of doing this than what I suggested since > what I suggested means copying a private key to a semi-public machine. thanks a lot for the useful tipps! Yours, Daniel -- http://www.pro-vegan.info/ -- Done: Arc-Bar-Cav-Kni-Ran-Rog-Sam-Tou-Val-Wiz To go: Hea-Mon-Pri