[lug] VPN or SSH for cvs?

Rob Nagler nagler at bivio.biz
Wed Nov 21 14:47:06 MST 2001


> same effect as if you were leaving an SSH tunnel open.  If you leave 
> your keyboard open, anyone could come by and use your open tunnel, so 
> using ssh-agent is the same amount of risk.

Good point.  Interesting risk trade-off.  In the case of ssh-agent,
you are opening up your private key to local snoopers.  The downside
is that once the key is stolen, you can get to N machines, assuming
you use the same private key for all your connections.

With tunneling, you leave the door open to just about anybody on the
machine to get to one other machine and to a specific set of
primitives.  The tunnel doesn't do user process auth.  (I would think
ssh should do this, but it doesn't.)

I think tunneling cvs pserver has the best risk/reward ratio.  You get
cvs without logins.  Your cvs password is different from your regular
password because it is stored in ~/.cvspass.  In the worst case
scenario, the cracker gains access to cvs on the remote machine.
Since you can't delete anything with cvs, the damage is a denial of
service attack by flooding the file system and/or packets.  This can
be stopped by logging out.

The private key case is worse, because you have to delete all copies
of the public key, which might be many machines.

Rob
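
An added illustration of the point above that a forwarded TCP port does no per-user authentication (not part of the original message; Linux-only, and all function names are made up for this sketch). A loopback TCP listener learns only the peer's address and port, while a Unix-domain socket listener can read the connecting process's uid with SO_PEERCRED and decide on it.

```python
import os
import socket
import struct
import tempfile

def tcp_peer_info():
    """What a loopback TCP listener (like the local end of a tunnel) learns."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))           # kernel picks a free port
    srv.listen(1)
    cli = socket.create_connection(srv.getsockname())
    conn, addr = srv.accept()
    for s in (conn, cli, srv):
        s.close()
    return addr                           # (ip, port) only: no uid, no pid

def peer_uid(conn):
    """Read the connecting process's uid from a Unix-domain socket (Linux)."""
    fmt = "iII"                           # struct ucred: pid, uid, gid
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize(fmt))
    _pid, uid, _gid = struct.unpack(fmt, raw)
    return uid

def unix_peer_check(allowed_uids):
    """Accept one Unix-socket connection and decide by the peer's uid."""
    tmpdir = tempfile.mkdtemp()           # created with mode 0700
    path = os.path.join(tmpdir, "fwd.sock")
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(path)
    os.chmod(path, 0o600)                 # file mode is a second gate
    srv.listen(1)
    cli = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    cli.connect(path)
    conn, _ = srv.accept()
    uid = peer_uid(conn)
    for s in (conn, cli, srv):
        s.close()
    os.unlink(path)
    os.rmdir(tmpdir)
    return uid, uid in allowed_uids

if __name__ == "__main__":
    print("TCP listener sees:", tcp_peer_info())
    print("Unix listener sees (uid, allowed):", unix_peer_check({os.getuid()}))
```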
