From: kevin lyda (kevin+dated+1033838212.ba18c1 at domain ie.suberic.net)
Date: Mon 30 Sep 2002 - 18:17:02 IST
On Mon, Sep 30, 2002 at 07:09:08PM +0200, David Neary wrote:
> Would you mind going over how you'd do that? I only know of
> setting CVS_RSH to ssh, which introduces the problem of giving a
> password every time you do a cvs operation, and the inability to
use ssh-keygen to make your ssh pub/priv key. scp the public key up to
the cvs server and put it into ~/.ssh/authorized_keys. make sure ~/.ssh
is 700 and ~/.ssh/authorized_keys is 600. you should be able to ssh w/o
a password (assuming you use an empty password to "protect" your private
key file, or (better) use ssh-agent to unlock it for that process and
its wee little process munchkins). you should also be able to use cvs
w/o a password.
> use the cvs passwd file.
this would be a deficiency, yes. i'm sure if you got all cute with
pam you might be able to fix that, but in the meantime just give them
an account. you might be able to come up with a restricted shell that
would limit the commands to those that cvs over ssh/rsh uses.
-- kevin at domain ie.suberic.net "How do we know Saddam has weapons of mass fork()'ed on 37058400 destruction? We looked at the receipt." meatspace place: home --Bill Hicks http://ie.suberic.net/~kevin
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:19:09 GMT