[linux-elitists] Secure CVS

Rick Moen rick@linuxmafia.com
Sat Feb 10 09:05:43 PST 2001


begin  Jeff Waugh quotation:
> 'tag alles,

God dag!  (Forstaar Norsk?)

> So, pservers scare me. Behind the firewall on a dev box, fine, but not on a
> webserver (staging or otherwise). I've finally convinced a few blockhead
> web developers that CVS will save them from themselves, but I can't find any
> good secure CVS howtoish stuff.

I'm really rusty at that, but there's a document that sometimes helps me
out in these matters, that I found somewhere on the Net:
http://linuxmafia.com/pub/linux/security/ssh-clients

Which finds us:

Joey Hess's <joey@kitenet.net> "Anonymous CVS access via ssh", at
    http://kitenet.net/programs/sshcvs/
The XFree86 Project's "Anoncvs Via ssh setup in an UNIX-type environment" 
    (possibly inspired by Joey Hess's article, preceding), at
    http://www.xfree86.org/cvs/ 
Functional Win9x [SSH] ports were not possible until late 1996, when Mark 
Solinski <markso@mcs.com> wrote a fix to Win95's defective GetFileType 
function, which balked on sockets:  http://www.mcs.net/~markso/cvs/cvs95.html

Win32:
-----
ftp://bmrc.berkeley.edu/pub/winnt/util/cvs.exe and
http://bmrc.berkeley.edu/people/chaffee/patches/patch-cvs-1.9.10
                                              Gordon Chaffee's patched CVS 
                                              1.9.10 utility, capable of using 
                                              SSH transport.  You must set the
                                              CVS_RSH environment variable to
                                              the pathname of ssh.exe.  Source 
                                              patch & binary.  Licence unstated.


I hope some of those links help.

-- 
Cheers,                                Before enlightenment, caffeine.
Rick Moen                              After enlightenment, caffeine.
rick@linuxmafia.com




More information about the linux-elitists mailing list