On Mon, Mar 21, 2011 at 12:36 PM, Cecil Westerhof <ce...@decebal.nl> wrote: > As I understood it, the best way to setup subversion is just with > svnserve. Because it is accessed through the Internet, we should also > SASL. > > It looks like the passwords are then stored in a text-file. Which > means that when an user want to change his password, the maintainer of > the svnserver has to change the password and mail it to the user. Is > this correct, or am I overlooking something?
Cecil, there are trade-offs. Do go to the redbook at http://svnbook.red-bean.com/. svnserve works, but is not automatically encrypted, and has poor logging. HTTP/HTTPS access can be set to encryption, but the UNIX/Linux clients store passwords in cleartext locally, which I personally consider absolute anathema. svn+ssh works, but handling the SSH public keys is awkward and has no tool for easy management of access. They've all got trade-offs: different ports need to be acessible for clients, for example. SASL, in particular, *CAN* be managed by authorized users from offsite, but it requires more infrastructure.
