raven ioctl

CVS client configuration.

ioctl.org : unix bits and pieces : CVS stuff : CVS and SSH (Unix client)

Setting up a Unix client for using CVS via ssh

Prerequisites

These instructions assume that you already have installed the CVS software and the OpenSSH client. They make no attempt to tell you how to go about this; contact your local technical support for details, or chase down instructions on the appropriate website.

We also assume a reasonable familiarity with the Unix user environment; you should be able to ensure that environment variables are set to appropriate values and be able to edit a file, change file permissions, and so on.

Presumably, you will have just been contacted by the CVS administrator giving you a some information that you'll need to use their CVS repository, and asking you for a DSA public key file. This is what you need to do.

Creating an SSH identity

This is simplicity itself. At the shell prompt, issue the following command:

$ ssh-keygen -d
Generating DSA parameter and key.
Enter file in which to save the key (/home/joeb/.ssh/id_dsa):
Created directory '/home/joeb/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/joeb/.ssh/id_dsa.
Your public key has been saved in /home/joeb/.ssh/id_dsa.pub.
The key fingerprint is:
ab:ab:ab:ab:ab:ab:ab:ab:ab:ab:ab:ab:ab:ab:ab:ab joeb@your.host
$

Obviously, some of those details (such as your username and the "fingerprint") will be slightly different. When asked for a filename, just press return to accept the default. Similarly, just hit return when asked for a passphrase to encrypt your private key.

This is not particularly secure; ssh permits you to encrypt your private key with a passphrase. This will prevent anyone who has access to your computer from using your private key to masquerade as you. However, each time you use ssh, you'll be prompted to enter your passphrase. You can avoid this (see the documentation for ssh-agent for details) but this is beyond the scope of the current document.

The result of this operation will be two files in the .ssh directory under your home directory. One will be called id_dsa; this contains your private key. The other, id_dsa.pub, is your public key; you should email this file to the CVS administrator to enable them to complete the configuration of your account on their server.

Configuring CVS to use SSH for connection

This is also pretty simple. You will need to set up two environment variables as follows:

CVSROOT=:ext:jbloggs@cvs.server.name:/abs/path/to/cvs/cvsrep
CVS_RSH=ssh

You can ensure that these variables are always set when you log in by adding the following to your .profile script:

CVSROOT=:ext:jbloggs@cvs.server.name:/abs/path/to/cvs/cvsrep
CVS_RSH=ssh
export CVSROOT CVS_RSH

If you use a csh-derived shell (ask someone if you're not sure), you'll need to append the following lines to your .cshrc file:

setenv CVSROOT :ext:jbloggs@cvs.server.name:/abs/path/to/cvs/cvsrep
setenv CVS_RSH ssh

Replace jbloggs with the remote username that you've been provided with by the CVS administrator. Similarly, cvs.server.name and /abs/path/to/cvs/cvsrep should be replaced with the names of the remote CVS server and the repository path. The CVS administrator should have provided you with those values.

You're ready to go

Once you've sent your public key to the CVS administrator, you should wait until you get a response indicating that he has completed the remote configuration.

At that point, you're ready to go! - you can check out modules by issuing commands such as:

$ cvs co project1

The CVS administrator will provide you with a list of the projects you have access to.

Day-to-day CVS operation is the subject of a number of tutorials; if you're unfamiliar with CVS now would be a good time to read them.