[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Secure remote CVS

From: Mike Castle
Subject: Re: Secure remote CVS
Date: Mon, 5 Feb 2001 15:52:55 -0800
User-agent: Mutt/1.3.6i

On Mon, Feb 05, 2001 at 05:05:51PM -0600, David H. Thornley wrote:
> I recommended setting CVS_RSH=ssh, and was told that the users
> then had to type in their password for every file being transferred,
> and that is more typing than they're willing to put up with.

What implementation of ssh are they using?

I was using a port of 1.2.14 to win32 and did the following:

Set up HOME environment variables for everyone, and create %HOME%/.ssh
directories for all involved.  (also handy place to put .cvsrc and
.cvsignore files too).

On all of the clients, run ssh-keygen and supply NO passphrase (It turns
out the particular port that I used was broken in this aspect.  So I had
to run ssh-keygen on the unix box and ftp files back.  It was a pain,
but worked.  Apparently there is a work around for this particular port,
but I forget what it is).

Then we did the appropriate things with public/private key files onto the
server (been a while since set it up so don't remember details).

Now, problem with this is that any access to this machine/account now
allows access to the cvs server without another need for a password.  Is
that sufficient or not?

If using a Cygwin port, can you do things with ssh-agent to have it up and
running?  I've never used ssh-agent so don't know if it would serve this
purpose or not.

       Mike Castle       Life is like a clock:  You can work constantly
  address@hidden  and be right all the time, or not work at all and be right at least twice a day.  -- mrc
    We are all of us living in the shadow of Manhattan.  -- Watchmen

reply via email to

[Prev in Thread] Current Thread [Next in Thread]