Apache Software Foundation > Apache Forrest
 
Font size:      

CVS through SSH

This is documentation for development version v0.10-dev (More)
This How-To describes the steps necessary to configure an SSH enabled CVS connection. It is recommended to configure an SSH enabled CVS connection to work with Apache code repositories.

Intended audience

This How-to is aimed at developers who have been granted committer access to CVS repositories for particular projects.

Purpose

Using SSH to access CVS repositories is recommended for security reasons. By configuring CVS to work with remote repository using private/public SSH keys you'll be able to run CVS commands without a need to enter your password every time you need access to CVS through SSH.

Prerequisites

  • Account on the local machine.
  • Commiter access to the project(s). This also imply having account on the CVS host machine.
  • Cygwin - a Unix environment for Windows systems. You can get it here. Not required for Linux/*nix users.
  • A CVS GUI application (for Windows users only), e.g. WinCVS. It is not required, but can be very useful.
Note
If you are behind a firewall check that you can communicate through the 22 port. For anonymous access you will need 2401 one.

Steps

How to proceed.

Terms

SSH
Secure Shell. See OpenSSH
CVS
Concurrent Version System See CVS Home Page
Note
$ represents local, % remote machine.

Setting up domain users

Note
This step is necessary only for Windows users. Linux users can happily skip this section and pass to Setting up SSH access section

If you are a domain user then you should be added to Cygwin users list (See [cygwin-dir]/etc/passwd).

  • Start Cygwin, then enter following commands:
$ whoami
administrator
$ mkgroup -d > /etc/group
$ mkpasswd -d | grep 'userxxx' >> /etc/passwd
$ exit
    
Note
Replace 'userxxx' by your account name
  • Start Cygwin/shell again and check that everything's Ok:
$ whoami
userxxx
            

Setting up SSH access

Start Cygwin/shell, then enter:

$ ssh-user-config
  Shall I create an SSH1 RSA identity file for you? (yes/no) no
  Shall I create an SSH2 RSA identity file for you? (yes/no)  (yes/no) no
  Shall I create an SSH2 DSA identity file for you? (yes/no)  (yes/no) yes
  Generating /home/userxxx/.ssh/id_dsa
  Enter passphrase (empty for no passphrase):
  Enter same passphrase again:
  Do you want to use this identity to login to this machine? (yes/no) yes
  Adding to /home/userxxx/.ssh/authorized_keys2
  
  Configuration finished. Have fun!
    

Now you have configured SSH on your machine. Next you have to setup access to the CVS machine.

Warning
Having an empty passphrase isn't recommended for security reasons. See ssh-agent documentation on how to configure automatic passphrase retaining.

Setting up passphrase access

Perform the following:

$ scp ~/.ssh/id_dsa.pub userxxx@cvs.apache.org:.
$ ssh -l userxxx -L 2401:localhost:2401 cvs.apache.org
% mkdir ~/.ssh
% chmod 700 ~/.ssh
% cat ~/id_dsa.pub >> ~/.ssh/authorized_keys2
% rm ~/id_dsa.pub
% chmod 600 ~/.ssh/*
% exit            
            
Note
Note, that the account name on CVS machine can differ from your local account name.

Check that your configuration is correct:

$ ssh userxxx@cvs.apache.org
            
Note
If this command doesn't work then it can mean that you have an old version of SSH. In this case try ssh -l userxxx cvs.apache.org. Run ssh --help to get all available options.

If now you are logged in to the to the CVS machine without entering the password then everything's Ok.

Getting the project from CVS

Now you are ready to get a project from CVS using SSH connection.

E.g. how it is done using Cygwin/shell

$ export CVS_RSH=/bin/ssh
$ cvs -d :ext:userxxx@cvs.apache.org:/home/cvs co xml-cocoon2            
            

How to setup WinCVS

  • Add ssh.exe directory to your system PATH environment variable. Say:
    C:\>set PATH=%PATH%;C:\cygwin\bin
  • Add CVS_RSH=ssh environment variable

Start WinCVS, then:

  • From the main menu select Admin
  • Then select Preferences
  • In the dialog that comes up:
    Set the CVSROOT to userxxx@cvs.apache.org:/home/cvs
  • Set the Authentication to SSH Server
  • Click Ok

References

You can find more on CVS, SSH and WinCVS here:

1.0