5

I'm trying to update my Subversion configuration so that it won't store passwords in plaintext. I understand that you need to update the configuration in the ~/.subversion/servers file to prevent this by adding a line: "store-plaintext-passwords = no".

I've done this, but my Subversion client continues to show me the standard warning:

———————————————————————————————————-
ATTENTION! Your password for authentication realm:

RainStorm Subversion Repository
can only be stored to disk unencrypted! You are advised to configure
your system so that Subversion can store passwords encrypted, if
possible. See the documentation for details.

You can avoid future appearances of this warning by setting the value
of the ‘store-plaintext-passwords’ option to either ‘yes’ or ‘no’ in
’/home/.subversion/servers’.
———————————————————————————————————-

I've tried logging out and logging back in again from the terminal, but that doesn't seem to make a difference. I assume that with SVN it's just a CLI tool and not a daemon that I have to restart, but I'm not positive.

What might be going on?

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Matt James
  • 491
  • 3
  • 11

3 Answers3

5

To disable the warning, edit your ~/.subversion/servers file.
Add/modify the following section to it :

[global]
store-plaintext-passwords=no
TheCodeArtist
  • 21,479
  • 4
  • 69
  • 130
Andy Ericksen
  • 51
  • 1
  • 3
0

Did you cut-and-paste that error message? If so, "/home/.subversion/servers" is not the same as "~/.subversion/servers".

Buster
  • 546
  • 7
  • 23
  • The directory path /home/.subversion/servers does not exist on my server, but ~/.subversion/servers does. It's been a while, but I believe the ~ path was the one referenced in all the documentation I read. – Matt James May 25 '12 at 03:04
0

I'm trying to update my Subversion configuration so that it won't store passwords in plaintext.

Does it store as plain text?

Windows passwords (for repositories) are always stored securely. It is only Linux where there has been an issue.

SVN 1.6 added two secure options for Linux users -- GNOME Keyring and KDE Kwallet. They are both compile-time options, so the binary you use has to have support for one or both of these.

The CollabNet binaries support GNOME Keyring. If you are using SVN from a graphical GNOME desktop it should "just work".

ADDON 1

Subversion clients store authentication data in ./subversion/auth for each realm.

To remove cached data go to “.subversion/auth/svn.simple” folder and delete the particular file.

Disable caching by opening “config” file in “.subversion” folder and setting the values of “store-passwords” and “store-auth-creds” to “no” or use –no-auth-cache as command line argument.

Somehow

[auth]
...
password-stores =

may also help.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Lazy Badger
  • 94,711
  • 9
  • 78
  • 110
  • Subversion 1.6 throws a prompt before storing passwords in plain text if it is unable to locate a mechanism to encrypt passwords provided by the operating system. – Lazy Badger Oct 13 '11 at 15:39
  • Yes, I'm trying to make it so that this prompt won't show up and also won't store passwords at all, plain text or encrypted. I just want to to type in the password each time. – Matt James Oct 17 '11 at 19:58