[p4] password encyrption
David Jones
drj at ravenbrook.com
Fri Oct 6 01:20:56 PDT 2006
On 5 Oct 2006, at 22:50, Jeff Grills wrote:
> You can always tunnel p4 through SSH if you're that concerned about
> security. See this tech note:
>
> http://www.perforce.com/perforce/technotes/note022.html
>
> And this too:
>
> http://www.perforce.com/perforce/doc.061/manuals/p4sag/
> 03_superuser.html#104
> 5198
>
> Even if there's not a firewall in the way, you can likely find a
> way to keep
> the box from receiving any packets to the P4 port except over the
> local
> loopback interface (this would be trivial with linux & ipchains), and
> require users to ssh into the perforce server box and use a ssh
> port tunnel
> to access the server.
Every socket server should have an option to bind to a particular
interface or interfaces and it's a small bug that p4d does not. Of
course with this being such a useful feature it would be better if
Unix could somehow support this in the shell. inetd allows you to
specify that a server runs only on 127.0.0.1 (for example) but no-
ones runs their p4d in inetd mode do they?
drj
More information about the perforce-user
mailing list