Re: CVS Manual, section 2.9.2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello John, Am Mittwoch, 26. März 2003 03:05 schrieb John Daues: Thanks for taking care of the 'bug'. I don't know enough about it yet to know what to choose (rsh, ssh, other?) Maybe if I tell y'all the basics of the system, you can say which. Server is a P3 machine running Red Hat 8.0 sitting on the LAN. Clients are 3 users. Two running Win2k, One with RH 8.0. Clients connect by the LAN, or dialing into LAN thru modem. Does this point one way or the other? (or is there more info that would help?) I made best experiences with ssh. I have tried: local access / NFS, pserver and ext (with ssh). I have not tried: ext with rsh (it's unencrypted, but else doesn't differ from ssh), Kerberos etc.. The disadvantage about rsh/ssh access is that there must be user accounts. Best case one account for each cvs user, so you can tell the users from CVS ($Author$ etc.). With local access / NFS or pserver I often ran into Lock problems. (Waiting for XYZ's lock in directory abc). That never occurred to me with ext. I use ssh instead of rsh because a) the connection is encrypted b) Authentication can be done on a Private Key / Public Key basis, which I consider much more secure than .rhosts at rsh. When using key authentication (using ssh-keygen and ~/.ssh/authorized_keys) it is not neccessary to type in the password (same as with pserver and login, but more secure for the connection). On the other hand, giving everyone an account in the system could be considered insecure, unless they need or already have accounts anyway. Then pserver is better because you can create non-system-accounts that exist only within CVS / pserver. I have also heard that it's possible to tunnel pserver through ssh or http or https, but I do not know wether that is really possible, even less I know how to configure that. Bye - -- ITCQIS GmbH Christian Wolfgang Hujer Geschäftsführender Gesellschafter Telefon: +49 (0)89 27 37 04 37 Telefax: +49 (0)89 27 37 04 39 E-Mail: [EMAIL PROTECTED] WWW: http://www.itcqis.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+hCvPzu6h7O/MKZkRAtxoAJwIKmXdJqmLAPPmpSo1pLL82bEc1gCfcq6m pWLmo7nuLFI2VXC0FqyI0pw= =hEd1 -END PGP SIGNATURE- ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
RE: CVS Manual, section 2.9.2
From: Herr Christian Wolfgang Hujer [mailto:[EMAIL PROTECTED] I use ssh instead of rsh because a) the connection is encrypted b) Authentication can be done on a Private Key / Public Key basis, which I consider much more secure than .rhosts at rsh. When using key authentication (using ssh-keygen and ~/.ssh/authorized_keys) it is not neccessary to type in the password (same as with pserver and login, but more secure for the connection). Don't forget: c) ssh is universally interoperable - rsh is not. There are systems, even OS versions, that do not interopertae over rsh. I have also heard that it's possible to tunnel pserver through ssh or http or https, but I do not know wether that is really possible, even less I know how to configure that. It's possible. I don't have the instructions handy, either. /|/|ike ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
CVS Manual, section 2.9.2
In the CVS manual, in section 2.9.2 Connecting with rsh, it says: --- For example, suppose you are the user `mozart' on the local machine `toe.example.com', and the server machine is `faun.example.org'. On faun, put the following line into the file `.rhosts' in `bach''s home directory: toe.example.com mozart Then test that `rsh' is working with rsh -l bach faun.example.org 'echo $PATH' --- Should the 2 occurences of bach be replaced with mozart? (or vice-versa). If not, who is bach? (there's a setup for a joke) ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
RE: CVS Manual, section 2.9.2
From: John Daues [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 25, 2003 3:51 PM In the CVS manual, in section 2.9.2 Connecting with rsh, it says: --- For example, suppose you are the user `mozart' on the local machine `toe.example.com', and the server machine is `faun.example.org'. On faun, put the following line into the file `.rhosts' in `bach''s home directory: toe.example.com mozart Then test that `rsh' is working with rsh -l bach faun.example.org 'echo $PATH' --- Should the 2 occurences of bach be replaced with mozart? (or vice-versa). If not, who is bach? (there's a setup for a joke) I believe that bach would be the username that you would use on faun.example.org. Note the test command: SNIP rsh -l bach faun.example.org 'echo $PATH' /SNIP You probably should not learn rsh from a CVS manual. Read the rsh manual page on the system to which you will be connecting. Better yet, visit http://openssh.org/manual.html and read up on ssh, which is a more secure and less problematic remote connection method. Of course, you may not be able to use this, but if you can, it is the better way to fly. /|/|ike ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: CVS Manual, section 2.9.2
On Tue, Mar 25, 2003 at 04:50:41PM -0700, John Daues wrote: In the CVS manual, in section 2.9.2 Connecting with rsh, it says: --- For example, suppose you are the user `mozart' on the local machine `toe.example.com', and the server machine is `faun.example.org'. On faun, put the following line into the file `.rhosts' in `bach''s home directory: toe.example.com mozart Then test that `rsh' is working with rsh -l bach faun.example.org 'echo $PATH' --- Should the 2 occurences of bach be replaced with mozart? (or vice-versa). If not, who is bach? Arnold. (there's a setup for a joke) Ok, so I had to bite. Seriously, the names should *not* be replaced. bach is the repo's owner, on faun. You can connect via rsh to a repo on a machine where your username is spelled differently, and the example is constructed to demonstrate that. A better choice of names might have been bach and jsb, to suggest that they're the same person. It's also possible to use this capability in the way the example implies -- to let entirely different people all access the repo using the same login on the server. Whether you *should* set things up that way is a matter for serious -- indeed, extended, recurring, and flame-prone -- debate. I don't blame you for being confused. The example never says who bach is; you have to infer it. I'll be sending a patch for that to bug-cvs in a minute. -- | | /\ |-_|/ Eric Siegerman, Toronto, Ont.[EMAIL PROTECTED] | | / A distributed system is one on which I cannot get any work done, because a machine I have never heard of has crashed. - Leslie Lamport ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: CVS Manual, section 2.9.2
Thanks for taking care of the 'bug'. I don't know enough about it yet to know what to choose (rsh, ssh, other?) Maybe if I tell y'all the basics of the system, you can say which. Server is a P3 machine running Red Hat 8.0 sitting on the LAN. Clients are 3 users. Two running Win2k, One with RH 8.0. Clients connect by the LAN, or dialing into LAN thru modem. Does this point one way or the other? (or is there more info that would help?) ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
