[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OpenSSH and CVS

Matthew H. Ray wrote:

> I'm running Debian on a CVS server and have Debian clients.  We're using
> OpenSSH to replace the rsh calls in CVS.  The problem is that every time
> a cvs user makes a CVS call (like cvs diff file), they have to enter my
> password.  I know there's a way around this, but I can't find clear
> documentation. 

If you don't want to enter passwords then you could use RSA keys. (man ssh)
However you say - "enter my password" - that smacks of misconfiguration as
they should be entering *their* passwords, not yours.  Don't expect any
system which uses a single account shared among many users to be secure.

Also, if you have any wincvs users be sure you set your CVSROOT to
something that a) includes the :ext: protocol hint, and b) doesn't include
the username.  I have found through experience that wincvs is pretty picky
about those things, where unix clients aren't.  For example a good CVSROOT
is :ext:mycvsserver:/mycvs/root/path where as a bad one which will almost
certainly make wincvs choke (these get stored in the CVS control files
remember) is user@mycvsserver:/mycvs/root/path.

Jamie Heilman                   http://audible.transient.net/~jamie/
"You came all this way way without saying squat and now you're trying
 to tell me a '56 Chevy can beat a '47 Buick in a dead quarter mile?
 I liked you better when you weren't saying squat kid."	-Buddy

Reply to: