Comment 2 for bug 297398
Revision history for this message
| Martin Pool (mbp) wrote Re: support password/passphrase authentication for bazaar | #2 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
example:
user runs 'bzr push lp:~johndoe/project/foo'
user has no ssh private keys, or none registered with launchpad, or has configured their client to prefer password auth
the ssh client negotiates with lp to do password authentication
ssh client prompts the user for their password, and sends it across the encrypted channel
launchpad checks the password against the database, just as when logging in over https
if the password is correct, launchpad allows the user in
Since the password is already used over https to _set_ the ssh pubkey, so in that regard the password is equally trusted.
However, if there is eg a dns-spoofing attack, and the user connects to a server that's not really launchpad (cf bug 238869), and they don't have keys configured, they will end up giving their password to that site. However, doing key based authentication would be nearly as bad because it allows a mitm attack. A better way to solve this is to make sure users can authenticate the server.
For some users it's much easier to type the password every time than to set up a key.