Hi, Glad it works now :)
You may want to add a note in the Savannah instructions directly yourself. It is a wiki. -- Sylvain On Wed, May 21, 2008 at 02:17:53PM -0700, David Hill wrote: > Hi Sylvain, > > Thanks. > > Of course, 'export CVS_RSH=ssh" doesn't work on my Mac using tcsh (I had > tried it, since I "knew" it was necessary, but the command wasn't > recognised and assumed [ <:-) ] it was therefore unnecessary ). > > Finally you prodded me into finding an equivalent, and that: > > 'setenv CVS_RSH ssh' > > *does* work, and it wasn't that hard to google. Thank you. > > You may want to update your notes in case anyone else has the same > problem. I was aware that my access problems started when I began using > the Mac under OS/X to access the various sites, and should have realised > what was going on and found the solution earlier. <:-) > > I appreciate your patience, forbearance and help. > > david > ----- > David Hill > [EMAIL PROTECTED] > http://savannah.gnu.org/projects/gnuspeech > -------- > The only function of economic forecasting is to make astrology look > respectable. (J.K. Galbraith) > -------- > > On May 21, 2008, at 1:08 PM, Sylvain Beucler wrote: > >> Hi, >> >> Try: >> export CVS_RSH=ssh >> before running CVS. >> >> Your cvs is trying to use rsh instead of ssh for connection. >> >> Nowadays most systems symlink 'rsh' to 'ssh' and the issue is solved >> automatically, but apparently not in this version of osx. >> >> >> Incidentally, option '-i' is an ssh (not cvs) option. If you need to >> use it in combination with cvs, you need to use an ssh wrapper, but >> that's another story :) >> >> -- >> Sylvain >> >> On Wed, May 21, 2008 at 12:04:07PM -0700, David Hill wrote: >>> Hi Sylvain, >>> >>> Thanks for the fast reply. >>> >>> On May 21, 2008, at 10:42 AM, Sylvain Beucler wrote: >>> >>>> Hi, >>>> >>>> "Permission denied" means SSH couldn't find a key to match the one >>>> at >>>> Savannah. >>>> >>>> "Connection refused" means you probably attempted to connect >>>> during a >>>> server maintenance. >>>> >>>> The most likely cause of failure is that SSH doesn't know where to >>>> find your private key. You can manually specify where your private >>>> key >>>> is using the '-i' option for SSH. By default, SSH looks at >>>> ~/.ssh/id_dsa and ~/.ssh/id_rsa . >>> >>> As I mentioned in my initial email, that's where they are. Using the >>> '-i' option gave me a "cvs: invalid option -- i". Both the 'man' >>> pages >>> and Fogel & Bar (Open Source Development with CVS) seem to think it >>> is an >>> obsolete option, but I shouldn't need it, since the keys are in the >>> default location -- right? >>> >>>> >>>> >>>> The reference documentation is here: >>>> http://savannah.gnu.org/maintenance/SshAccess >>> >>> Thanks. I had checked and used that. >>> >>>> >>>> >>>> To further diagnose your problem, please send us the output of these >>>> commands in a terminal: >>>> >>>> cvs -t -d:ext:[EMAIL PROTECTED]/cvsroot/yourproject co >>>> yourproject >>>> ssh -v [EMAIL PROTECTED] >>> >>> Here it is -- you'll notice that, with the second command, >>> authentication does eventually succeed (public key), and I bracketed >>> the >>> session with two 'date' commands so you can figure out whether the >>> "Connection refused" on the first command was during server >>> maintenance: >>> >>> [eldorado:~/.ssh] david% date >>> Wed May 21 11:27:46 PDT 2008 >>> [eldorado:~/.ssh] david% cvs -t - >>> d:ext:[EMAIL PROTECTED]/ >>> cvsroot/gnuspeech co gnuspeech >>> -> main loop with CVSROOT=:ext:[EMAIL PROTECTED]/ >>> cvsroot/gnuspeech >>> -> safe_location( where=(null) ) >>> -> Starting server: rsh -l davidhill cvs.savannah.gnu.org cvs server >>> cvs.savannah.gnu.org: Connection refused >>> cvs [checkout aborted]: end of file from server (consult above >>> messages >>> if any) >>> -> Lock_Cleanup() >>> [eldorado:~/.ssh] david% ssh -v [EMAIL PROTECTED] >>> OpenSSH_4.7p1, OpenSSL 0.9.7l 28 Sep 2006 >>> debug1: Reading configuration data /Users/david/.ssh/config >>> debug1: Reading configuration data /etc/ssh_config >>> debug1: Connecting to cvs.savannah.gnu.org [199.232.41.69] port 22. >>> debug1: Connection established. >>> debug1: identity file /Users/david/.ssh/id_rsa type -1 >>> debug1: identity file /Users/david/.ssh/id_dsa type 2 >>> debug1: Remote protocol version 2.0, remote software version >>> OpenSSH_4.3p2 Debian-9etch2 >>> debug1: match: OpenSSH_4.3p2 Debian-9etch2 pat OpenSSH* >>> debug1: Enabling compatibility mode for protocol 2.0 >>> debug1: Local version string SSH-2.0-OpenSSH_4.7 >>> debug1: Miscellaneous failure >>> No credentials cache found >>> >>> debug1: Miscellaneous failure >>> No credentials cache found >>> >>> debug1: SSH2_MSG_KEXINIT sent >>> debug1: SSH2_MSG_KEXINIT received >>> debug1: kex: server->client aes128-cbc hmac-md5 none >>> debug1: kex: client->server aes128-cbc hmac-md5 none >>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent >>> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP >>> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent >>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY >>> The authenticity of host 'cvs.savannah.gnu.org (199.232.41.69)' >>> can't be >>> established. >>> RSA key fingerprint is 80:5a:b0:0c:ec:93:66:29:49:7e:04:2b:fd:ba: >>> 2c:d5. >>> Are you sure you want to continue connecting (yes/no)? yes >>> Warning: Permanently added 'cvs.savannah.gnu.org' (RSA) to the list >>> of >>> known hosts. >>> debug1: ssh_rsa_verify: signature correct >>> debug1: SSH2_MSG_NEWKEYS sent >>> debug1: expecting SSH2_MSG_NEWKEYS >>> debug1: SSH2_MSG_NEWKEYS received >>> debug1: SSH2_MSG_SERVICE_REQUEST sent >>> debug1: SSH2_MSG_SERVICE_ACCEPT received >>> debug1: Authentications that can continue: publickey >>> debug1: Next authentication method: publickey >>> debug1: Trying private key: /Users/david/.ssh/id_rsa >>> debug1: Offering public key: /Users/david/.ssh/id_dsa >>> debug1: Server accepts key: pkalg ssh-dss blen 433 >>> debug1: PEM_read_PrivateKey failed >>> debug1: read PEM private key done: type <unknown> >>> Enter passphrase for key '/Users/david/.ssh/id_dsa': >>> debug1: read PEM private key done: type DSA >>> debug1: Authentication succeeded (publickey). >>> debug1: channel 0: new [client-session] >>> debug1: Entering interactive session. >>> You tried to execute: >>> Sorry, you are not allowed to execute that command. >>> debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 >>> debug1: channel 0: free: client-session, nchannels 1 >>> Connection to cvs.savannah.gnu.org closed. >>> debug1: Transferred: stdin 0, stdout 0, stderr 44 bytes in 0.5 >>> seconds >>> debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 97.2 >>> debug1: Exit status 1 >>> [eldorado:~/.ssh] david% date >>> Wed May 21 11:30:16 PDT 2008 >>> [eldorado:~/.ssh] david% >>> >>> --------- >>> >>> Thanks for your help. >>> >>> david >>> ----- >>> David Hill >>> [EMAIL PROTECTED] >>> http://savannah.gnu.org/projects/gnuspeech >>> -------- >>> The only function of economic forecasting is to make astrology look >>> respectable. (J.K. Galbraith) >>> -------- >>> >>> >>>> >>>> >>>> Cheers! >>>> >>>> -- >>>> Sylvain >>>> >>>> On Tue, May 20, 2008 at 11:59:45AM -0700, David Hill wrote: >>>>> Hi people, >>>>> >>>>> I am the administrator for the "gnuspeech" project. I have had >>>>> problems >>>>> logging into the gnu webcvs pages and the repository for quite some >>>>> time >>>>> now and have tried various measures including changing my keys (the >>>>> most >>>>> recent change being yesterday, May 19 2008) and updating my account >>>>> keys >>>>> to correspond. I have checked there are no line feeds in my >>>>> registered >>>>> ssh key and I have made sure 'cvs.sv.gnu.org' (RSA) has been added >>>>> correctly to the list of known hosts . The entry reads: >>>>> >>>>> -------- >>>>> cvs.sv.gnu.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzFQovi+67xa >>>>> +wymRz9u3plx0ntQnELBoNU4SCl3RkwSFZkrZsRTC0fTpOKatQNs1r/ >>>>> BLFoVt21oVFwIXVevGQwB+Lf0Z+5w9qwVAQNu/YUAFHBPTqBze4wYK/ >>>>> gSWqQOLoj7rOhZk0xtAS6USqcfKdzMdRWgeuZ550P6gSzEHfv0= >>>>> -------- >>>>> >>>>> I believe I have checked the most current documentation carefully, >>>>> but >>>>> such a process is notoriously prone to wishful thinking :-( >>>>> >>>>> Whether going directly from the command line, or using MacCvsX I >>>>> get >>>>> the >>>>> same "Permission denied (publickey)" or "Connection refused" errors >>>>> as in >>>>> the following copied transactions from the MacCvsX console >>>>> window and >>>>> terminal window: >>>>> >>>>> MacCvsX console >>>>> ------- >>>>> cvs -d :ext:[EMAIL PROTECTED]:/webcvs/gnuspeech checkout -- >>>>> cvs.sv.gnu.org:/webcvs/gnuspeech (in directory /Users/david/ >>>>> gnuspeech/ >>>>> www/) >>>>> Permission denied (publickey). >>>>> >>>>> cvsnt [checkout aborted]: end of file from server (consult above >>>>> messages if any) >>>>> >>>>> ***** CVS exited normally with code 1 ***** >>>>> ----- >>>>> >>>>> Terminal window: >>>>> ------- >>>>> [eldorado:~/gnuspeech/www/software] david% cvs -z3 - >>>>> d:ext:[EMAIL PROTECTED]:/webcvs/gnuspeech co gnuspeech >>>>> cvs.savannah.gnu.org: Connection refused >>>>> cvs [checkout aborted]: end of file from server (consult above >>>>> messages >>>>> if any) >>>>> [eldorado:~/gnuspeech/www/software] david% >>>>> -------- >>>>> >>>>> the "software" directory contains: >>>>> >>>>> ------ >>>>> [eldorado:~/gnuspeech/www/software] david% ls >>>>> CVS gnuspeech >>>>> [eldorado:~/gnuspeech/www/software] david% >>>>> ------ >>>>> >>>>> My ~/.ssh directory contains: >>>>> >>>>> ------ >>>>> [eldorado:~/.ssh] david% ls >>>>> config id_dsa.pub identity.pub >>>>> id_dsa identity known_hosts >>>>> [eldorado:~/.ssh] david% >>>>> ------ >>>>> >>>>> The ssh dsa keys are in the "id_dsa*" files, not in the "identity*" >>>>> files. The config file contains "Protocol 2" >>>>> >>>>> Long experience tells me that the problem is something *I* am doing >>>>> wrong or missing, but I don't see it, and am therefore checking >>>>> with >>>>> you >>>>> on the off-chance that something has changed, or some kind of block >>>>> has >>>>> been placed on my access. If there are no changes or blocks, and >>>>> you can >>>>> spot my error, that would be very helpful too. >>>>> >>>>> I am using the standard Openssh that comes with the Mac, dated >>>>> February >>>>> 26 2008, though I believe there was an update to Openssh to deal >>>>> with a >>>>> vulnerability as recently as last month. It has not made it to my >>>>> machine so far. >>>>> >>>>> Many thanks in anticipation of your help -- I hope I have provided >>>>> all >>>>> the information you may need for this. >>>>> >>>>> david >>>>> ------ >>>>> David Hill >>>>> [EMAIL PROTECTED] >>>>> http://savannah.gnu.org/projects/gnuspeech >>>>> -------- >>>>> The only function of economic forecasting is to make astrology >>>>> look >>>>> respectable. (J.K. Galbraith) >>>>> -------- >>>> >>> >> >
