CMIIW: CVS over SSH with no shell access

To: DeBiAn uSeR LiSt <debian-user@lists.debian.org>
Subject: CMIIW: CVS over SSH with no shell access
From: Abdul Latip <dullatip@angin.com>
Date: Mon, 16 Jun 2003 03:05:17 -0400 (EDT)
Message-id: <[🔎] Pine.LNX.4.21.0306160302030.26881-100000@florence.regex.com>

Hello:

I just want to be sure that I have not make any potential security
boo-boo here while setting CVS over SSH with no shell access. So
far, so good, but please CMIIW.

1. Is it considered a security risk to put the root into the
   /var/www/cvs/ (web) directory while protecting the CVSROOT/ 
   directory?

2. Is it considered a problem to share one CVS server account with
   several cvs (external) users?

3. I have set "PasswordAuthentication no" on the CVS server
   /etc/ssh/sshd_config file.

4. I have add a 'command=3D"/usr/bin/cvs server" ssh-rsa RSAKEY'
   line for each user into a CVS server account's
   ~/.ssh/authorized_keys file.

5. Is there anything in the CVSROOT/ directory that I have to fidle ?


References:
http://www.e-smith.org/docs/howto/cvs_ssh_howto.html
http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/html_single/CVS-RCS-HOWTO.html
http://www.cvshome.org/docs/manual/cvs-1.11.6/cvs.html
http://www.kitenet.net/~joey/sshcvs/
http://ami.scripps.edu/software/cvs/
http://lists.debian.org/debian-user/2003/debian-user-200306/msg01962.html
http://lists.debian.org/debian-user/2003/debian-user-200306/msg02154.html
http://www.mail-archive.com/kiss%40worldless.net/msg03402.html


Thank you very much to all who have helped me, including Mike Mueller,
P.Y. Adi Prasaja, dan Bob Proulx.



--
Abdul Latip -- Angkasa Internet Junior Staff -- ANGIN.com
http://people.WebIndonesia.com/dullatip/ ----------------

Reply to:

Prev by Date: Re: Mounting windows boxes
Next by Date: Re: xdvitune not working properly
Previous by thread: Re: Mounting windows boxes - Got it!
Next by thread: Re: vim broken: unstable / hppa
Index(es):
- Date
- Thread