cvs server auth setup 3.9
Didier Wiroth
didier.wiroth at mcesr.etat.lu
Fri May 19 08:06:05 PDT 2006
hello,
(I'm an obsd novice too ;-))
But I do it like this, with ssh authentication.
For example, as root do the following:
a) add users that will have access via ssh with adduser
b) groupadd cvsdev
c) usermod -G cvsdev userX
d) mkdir /home/cvs
e) chown root:cvsdev /home/cvs
f) chmod 770 root-cvsdev /home/cvs
g) export MYCVSROOT=/home/cvs
h) cvs -d $MYCVSROOT init
Now, you have to have a ssh shell access for this to work on your cvs server!!!
>From your workstation for example:
export MYCVSROOT=your_username at myserver:/home/cvs
cvs -q $MYCVSROOT import -m "my files are now imported" xyz
... you will now be prompted to login ...
A tip: you should setup authorized_keys & ssh-agent so you won't be asked again and again when you checkout, commit or anything else.
Here is a nice tutorial on how to this:
http://www.securityfocus.com/infocus/1812
In case you didn't notice: have a look at /etc/X11/xinit/xinitrc, there is a nice script that checks if you have authorized_keys in your home .ssh directory. It actually
loads the ssh-agent before the windowmanager. Try it, it's really nice, you won't have to enter the passphrases again and again when ssh-ing ....
This one:
# if we have private ssh key(s), start ssh-agent and add the key(s)
id1=$HOME/.ssh/identity
id2=$HOME/.ssh/id_dsa
id3=$HOME/.ssh/id_rsa
if [ -x /usr/bin/ssh-agent ] && [ -f $id1 -o -f $id2 -o -f $id3 ];
then
eval `ssh-agent -s`
ssh-add < /dev/null
fi
if [ "$SSH_AGENT_PID" ]; then
ssh-add -D < /dev/null
eval `ssh-agent -s -k`
fi
I hope this is what you want ;-))
That's it
Good luck
Didier
More information about the Openbsd-newbies
mailing list