[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OpenSSH and CVS

On Tue, Feb 20, 2001 at 08:49:36AM -0500, Chris Matta wrote:
> This is easy:
> as the user that runs the CVS scripts:
>     run ssh-keygen
>     it will run thru and ask where you want the file (~/.ssh/identity will
> be fine)
>     when prompted for a password just hit return, and again on the next line
>     now copy the contents of ~/.ssh/identity.pub to the
> ~/.ssh/authorized_keys file on the machines you need to get to, if it
> doesn't exist create it.
>     you should now be able to login without a password.

Also note that if all you wish to provide is CVS access, you should
restrict the access only to the CVS server, for example by putting
something similar to the following in the authorized_keys file:

command="/usr/bin/cvs server",no-port-forwarding,no-X11-forwarding, \
    no-agent-forwarding 1024 35 1234...4321 foo@bar.com

The above should be on one line, I don't know if the backslash-
continuation works in authorized_keys, I haven't tried.

You might also find some interesting ideas from the following location:


Have fun.

Tommi Komulainen                                 Tommi.Komulainen@iki.fi
GPG 1024D/68388EE6    6FD6 DD79 EB38 BF6F 3533  09C0 04A8 9871 6838 8EE6

Attachment: pgp0An6HL2qhF.pgp
Description: PGP signature

Reply to: