Vijay, On the client side I am using WinCVS and Tortoise CVS with ssh public key authentication. I am using the putty plink.exe command line client to obtain the SSH connection with CVS. I just need to set the path to the private key and specify plink.exe as the rsh executable in WinCVS.
I tried attached detailed instructions in an attached zipped Word file but the list ate it. :) I will summarize below. I am using OpenSSH on the server-side not SSH2 so I can't help out too much with that. The O'Reilly book "SSH, the Secure Shell: The Definitive Guide" (see http://safari.oreilly.com/0596000111) is an excellent source for how to set up sshd with SSH2. Basic Configuration Project contributors have access to the repository using the secure shell protocol (SSH) for the purpose of interacting with the CVS repository only. Only the SSH2 protocol with RSA public keys can be used to access this server. Password access has been disabled and SSH accounts are not allowed shell account access for interactive sessions. This is, of course, for security reasons. Each project contributor has an account on the server for the purpose of using CVS. SCM Server Configuration: OS: Windows XP Professional with cygwin CVS server: cygwin CVS server port ssh server: cygwin openssh port (using SSH2 mode with 1024 RSA bit keys) Recommended Environment There are two basic configurations that can be used for accessing the CVS repository. For those who are comfortable with Unix-style command-line clients for CVS and ssh the recommended approach is to use cygwin for these purposes. For those who want to use a Windows graphical application the recommended setup is WinCVS and TortoiseCVS for CVS and Putty for ssh. The CVSROOT should be set as follows: Unix-style CVSROOT :ext:[EMAIL PROTECTED]:/cvs Windows CVSROOT :ext:cvssession:/cvs The recommended clients are discussed below. Windows Graphical Client Setup In order to setup your machine for CVS access using Windows graphical clients the following products must be downloaded, installed, and configured. Putty ssh client Plink ssh command-line client PuttyGen key generator WinCVS cvs client Tortoise CVS Explorer Shell extension (very cool!) Step 1. Download Putty, Plink, and PuttyGen client programs download from http://www.chiark.greenend.org.uk/~sgtatham/putty/ These programs are all executables and can be run immediately without the need for installing. If Windows complains when you run these make sure you use the FTP download since I have had difficulty using the http download from IE. Step 2. Create a public/private Key Pair using PuttyGen Run the puttygen.exe executable Set the radio buttons on the bottom to SSH2 RSA and click the Generate button. You will be prompted to randomly move the mouse around Click on Save private key and choose a location for the key that is secure. You will need to remember the location of this key file for a later step. You will be prompted for a pass phrase when you do this. I recommend not using a pass phrase and saying "Yes". This makes it easier to use CVS with the ssh method. This is secure as long as nobody else can physically access your machine to use your key. If you want to use a pass phrase for extra security then the private key will be encrypted with that pass phrase and nobody can use it without supplying the pass phrase. You can still avoid constantly typing the pass phrase by downloading and configuring the Pageant SSH authentication agent but you are on your own :) Step 3. Set up public key on server account Specific to SSH2 For SSH2, you need to edit two files, one on the client machine and one on the server machine. On the client machine, create or edit the file ~/.ssh2/identification and insert a line to identify your private key file: IdKey id_dsa_1024_a On the server machine, create or edit the file ~/.ssh2/authorization, which contains information about public keys, one per line. But unlike SSH1's authorized_keys file, which contains copies of the public keys, the authorization file lists only the filename of the key: Key id_dsa_1024_a.pub Finally, copy id_dsa_1024_a.pub from your local machine to the remote SSH2 server machine, placing it in ~/.ssh2. Regardless of which SSH implementation you use, make sure your remote SSH directory and associated files are writable only by your account. Step 4. Establish a saved Putty Session and attempt to connect to your account You should use the Putty client to establish a saved session to access the account. Run the putty.exe executable I recommend saving your session as cvssession so that the CVSROOT given above will work as is. There are three screens that you need to go to in this dialog to set up the session. First type the name of the session in the Saved Sessions textbox and hit the Save button. Don't hit the Open button until you are ready to test the connection since this will prevent you from saving. This is just an annoying feature of Putty. Enter the IP address of the CVS server in the Host Name box Select the ssh protocol Next go to the tree on the left and select the Connection node Enter your cvs user name in the Auto-login username textbox Next go to the tree on the left and select the Connection/SSH/Auth node Hit the browse button and select your private key file. (Don't Hit Open!!!!) Go back to the Session node and click on Save to save the session. Now click on the Open button to test the connection. If this is the first time you have connected you will receive a warning saying this host key is unknown to you. You can say OK and it will be added to a list of known host keys. If you are paranoid you should check the fingerprint value for the server and make sure that it matches the correct value. If the fingerprint matches then click Yes. You should see a window with the following message if you are able to access your account Using username "username" Authenticating ewith public key ... Server refused to allocate pty The username and key comment will be different. The pty message is normal and occurs because your account is not permitted shell access. Close the window to end the session Your session is actually saved in the Windows registry at HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions. You can also go to the SshHostKeys key if you need to delete a cached server host key. Step 5. Download and install the WinCVS client Download the client from http://www.wincvs.org/ I recommend using the stable 1.2 version. The download is a zip file that must be unzipped to yield a standard windows installer that you should use to install WinCVS. Step 6. Configure WinCVS You start WinCVS from the Start menu like a typical Windows app. There are only a few things to configure here. Select Admin | Preferences from the main menu There are two screens to configure in these tabs. Set the CVSROOT to :ext:cvssession:/cvs Set the Authentication to SSH Server Select the RSA identity radio button and hit the ellipsis button to browse to where you have saved your private key file. Next click on the Ports tab Click the check box next to "Check for an alternate rsh name" and enter plink.exe. Note that this assumes you have added the location where you installed plink to your system path. This is handy because then you can test your ssh connection by typing "plink cvssession" at the command line. You are now finished configuring WinCVS. Step 7. Download and install TortoiseCVS This step is not strictly necessary but the integration this product offers with Windows Explorer is well worth the extra step. Download TortoiseCVS from http://www.tortoisecvs.org/ I recommend using version 1-2-2. The download is an installation program that you can run as usual. There is not much to configure here. Select Preferences from TortoiseCVS off the start menu and go to the "Quirky" tab Make sure that the Unix compatibility check box is unchecked. This product integrates with Windows Explorer and lets you do CVS client operations from Explorer. If you click on file properties you can look at the neato revision history graph and version information there. There are a couple of free external diff tools that work with TortoiseCVS. They are Examdiff http://www.prestosoft.com/ps.asp?page=edp_examdiff and WinMerge http://winmerge.sourceforge.net/. I prefer Examdiff but both are exellent tools. They can be added as the external diff tool through the Main tab on the TortoiseCVS preferences dialog. Step 8. Checkout Projects from the CVS Repository If you have never used CVS before I recommend first checking out the foo project since there is no harm that can be done there. You can't really screw up too bad with CVS but like all things from Unix it will do exactly as you say, which may not be what you mean. It is also unlikely to prompt you for actions. Check out the foo project using WinCVS (You cannot use TortoiseCVS for this but you can for everything else) Unfortunately there is no graphical way to checkout projects using WinCVS because it does not gracefully support SSH. You will need to checkout projects using the command line option at Admin | Command Line. To check out the foo project you would do as follows: Enter the command cvs -d :ext:cvssession:/cvs checkout foo Use the Change folder button to specify the parent directory for where you want the foo root to show up. After you hit OK you should see something similar to the following output in the textbox at the bottom of the screen if everything went well: cvs -d :ext:cvssession:/cvs checkout foo (in directory C:\bowl) cvs server: Updating foo U foo/bogus.c U foo/bogus.h U foo/newjunk.c U foo/readme.txt *****CVS exited normally with code 0***** You can now begin using the foo project. You can checkout other projects with the same command but change the last argument to the name of the appropriate project. Cygwin Setup If you choose to install cygwin then follow these steps: Download cygwin from http://www.cygwin.com/ There are detailed instructions on the site for how to install cygwin. Be sure to select the packages for OpenSSH and cvs (and probably vim) when you do the install. Configure ssh You should tun the script "/usr/bin/ssh-user-config" to configure your account. This should create your public/private key pairs for you. If not you can run ssh-keygen to do that. The ssh client will look in the default location for those keys so you should not have to do anything special. Setup environment You should set the following environment variables in .bash_profile CVSROOT :ext:[EMAIL PROTECTED]:/cvs CVS_RSH ssh Test your ssh connection type "ssh [EMAIL PROTECTED]" at the command prompt. You should receive a message saying that no tty can be allocated but the key should be accepted. Since your CVSROOT is set you should not need to specify it when checking out projects. So in the proper parent directory you just need to type "cvs checkout foo" to checkout the foo project from the repository. Next Steps There is an open source project by the author of TortoiseCVS that integtrates directly with the Visual Studio. I have been unable to get this to work for me, however, after much effort. Personally, the combination of WinCVS and TortoiseCVS is more than enough for my purposes. If you are interested the Visual Studio plugin can be downloaded from http://cvssccplugin.sourceforge.net/ -Mark > ----- Original Message ----- > From: "Dewey M. Sasser" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, July 08, 2003 2:47 PM > Subject: Re: CVS Server configuration. > > > > "Vijay Kumar" <[EMAIL PROTECTED]> writes: > > > > > I am running RedHat ES 2.1 with cvs-1.11.1p1-8.7 > > > > > > I have been trying to setup a CVS Server with SSH2 for a very long time. > > > The latest link I tried to follow is : http://ioctl.org/unix/cvs/ > > > > > > Please can anyone guide me to another link or give me some tips on the > same > > > ? > > > I know its not a difficult task to do the same. > > > > > I need some tips on server side setup + client side setp - using WinCVS > 1.2 > > > Some links say CVS_RSH has to be on the server in the /etc/profile file, > > > some say it should be set on the client side - Windows box. I have got > > > confused after reading a lot of stuff about all this. > > > Preferably, I dont want to change the client as the users are already > used > > > to using WinCVS. > > > > I've been running an SSH environment using cvs command line (cygwin > > and Linux), WinCVS and TortoiseCVS to a Debian based CVS server. > > > > 1) Get your SSH configuration working *before* you throw CVS into the > > mix. > > > > 2) I believe WinCVS has a configuration parameter for what shell > > program to use, so you don't have to set CVS_RSH. In any case, it > > would be on the client side. I don't use WinCVS -- I just > > troubleshoot it :) > > > > 3) I've never gotten the cvs.exe binary that came with WinCVS to work > > with SSH. Dropping in the binary from the TortoiseCVS distribution > > seems to do the trick. > > > > 4) All clients have to have an account they can shell into on the > > server side. CVS server is started by the CVS client shelling to > > the server and executing "cvs server". There is no separate server > > executable to run on the server side (other than SSHD of course). > > > > 5) (Advanced, Warning) If you try to mix-and-match sandboxes between > > cygwin cvs.exe and on of the native windows ports the "binaryness" > > of the cygwin mount will affect you. CVS is not forgiving of extra > > ^M characters in its book-keeping files. > > > > > > -- > > Dewey M. Sasser > > [EMAIL PROTECTED] > > --- > > The price one pays for pursuing any profession, or calling, is an intimate > > knowledge of its ugly side. > > -- James Baldwin > > > > > > > > _______________________________________________ > > Info-cvs mailing list > > [EMAIL PROTECTED] > > http://mail.gnu.org/mailman/listinfo/info-cvs > > > _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
