Bug#322129: marked as done (RFP: cvssh -- a secure bridge for cvs pservers using SSL tunnel)

To: David Moreno Garza <damog@merkel.debian.org>
Subject: Bug#322129: marked as done (RFP: cvssh -- a secure bridge for cvs pservers using SSL tunnel)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Wed, 16 Aug 2006 11:03:54 -0700
Message-id: <[🔎] handler.322129.D322129.115575117917497.ackdone@bugs.debian.org>
References: <E1GDPg2-0005ll-LY@merkel.debian.org> <E1E2P1t-0001eF-6E@cante.cante.net>

Your message dated Wed, 16 Aug 2006 11:59:38 -0600
with message-id <E1GDPg2-0005ll-LY@merkel.debian.org>
and subject line WNPP bug closing
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: RFP: cvssh -- a secure bridge for cvs pservers using SSL tunnel
From: Jari Aalto <jari.aalto@cante.net>
Date: Tue, 09 Aug 2005 11:00:08 +0300
Message-id: <E1E2P1t-0001eF-6E@cante.cante.net>

Package: wnpp
Severity: wishlist

* Package name    : cvssh
  Version         : 0.3
  Upstream Author : <sabren@manifestation.com>
* URL             : http://sabren.net/code/cvssh/
* License         : GPL
  Description     : a secure bridge for cvs pservers using SSL tunnel

Language: python.

(Include the long description here.)

[From the above URL]

The cvs pserver option is a useful but insecure tool for managing cvs
repositories. Most approaches to securing cvs either involve ssh
tunneling or avoid pserver altogether. The cvssh program offers a
third alternative, which combines the simplicity of ext on the client
with the flexibility of a pserver-based repository.

There are actually several other ways to access cvs:

    method		pros			cons	
    ---------------------------------------------------------------------
    pserver		easy to manage		horribly insecure	
    chrooted 		pserver + ssh		can be fairly secure	
						complex setup	
    ext (CVS_RSH=ssh)	security through ssh	requires shell accounts	
    kserver/gserver	kerberos security	no win32 support (??)
    ---------------------------------------------------------------------

The ext method is interesting, because it lets you specify an external
program for connecting to the repository. By default, that program is
RSH (remote shell), but usually, people change this to ssh (secure
shell) because it encrypts your data as it moves across the net.

A basic pserver setup has no encryption, which is one reason it's
insecure. Most schemes to secure pserver involve setting up ssh to
listen on the local cvspserver port (2401) and securely forward
connections to the cvspserver port on the real server. This is called
tunnelling.

The tunnelling concept is a good one, but it can be somewhat confusing
for users to set up, and it still requires at least one shell account
to work.

I wanted something that would be simpler for my customers to set up,
so I came up with my own tunnelling scheme that does not rely on ssh
port forwarding.


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US)

--- End Message ---

--- Begin Message ---

To: 322129-done@bugs.debian.org
Subject: WNPP bug closing
From: David Moreno Garza <damog@merkel.debian.org>
Date: Wed, 16 Aug 2006 11:59:38 -0600
Message-id: <E1GDPg2-0005ll-LY@merkel.debian.org>

Hello,

This is an automatic mail sent to close the RFP you have reported or 
are involved with.

Your RFP wnpp bug is being closed because of the following reasons:
- It is, as of today, older than 365 days.
- It hasn't had any activity recently.

As this is an automatic procedure, it could of course have something
wrong and probably it would be closing some bugs that are not 
intended by owners and submitters (like you) to be closed, for
example if the RFP is still of your interest, or there has been 
some kind of activity around it. In that case, please reopen the
bug, do it, DO IT NOW! (I don't want to be blamed because of
mass closing and not let people know that they can easily reopen
their bugs ;-).

To re-open it, you simply have to mail control@bugs.debian.org
with a body text like this:

reopen 322129
thanks bts

Further comments on the work done in the bug sent to
322129@bugs.debian.org would be truly welcomed.
Anyway, if you have any kind of problems when dealing with
the BTS, feel free to contact me and I'd be more than happy to help
you on this: <damog@debian.org>.

A similar process is being applied to other kind of wnpp bugs.

Thanks for your cooperation,

 -- David Moreno Garza <damog@debian.org>.

--- End Message ---

Reply to:

Prev by Date: Bug#323398: marked as done (RFP: python-networkx -- package for the creation, manipulation, and study of the structure, dynamics, and functions of complex networks)
Next by Date: Bug#323166: marked as done (ITP: libboost-log -- logging library for C++)
Previous by thread: Bug#323398: marked as done (RFP: python-networkx -- package for the creation, manipulation, and study of the structure, dynamics, and functions of complex networks)
Next by thread: Bug#323166: marked as done (ITP: libboost-log -- logging library for C++)
Index(es):
- Date
- Thread