Re: Secure remote CVS

[Louis D. Zirkel III]

On Mon, 5 Feb 2001, David H. Thornley wrote:

> Now we'd like to be able to use CVS over considerably longer
> distances, securely.
>
> I recommended setting CVS_RSH=ssh, and was told that the users
> then had to type in their password for every file being transferred,
> and that is more typing than they're willing to put up with.

I don't believe you're prompted after every file.  It's been awhile since
I've used not used ssh-agent to rid myself entirely of having to enter
passwords, but back when I did I think I typed it in once and then the
whole session was one connection.  On the other hand... (read below)

> We're not about to use straight pserver, for security reasons.
>
> There has got to be a way to log into a remote server securely,
> but I don't know enough about the networking involved.
>
> Any pointers?

I personally use the ssh-agent that comes with most command line ssh
clients (I know PuTTY has a version as well although I've not tried it
yet).  Basically once you have it running you use ssh-add to add your
private key that SSH has created for you (it'll prompt you for the
passphrase) and then by placing your public key on the server you're
logging into it can negotiate the connection using the halves of the key.
The process is a bit more involved than that, but if this sounds feasible
I'd be more than happy to help you out with the particulars.  Let me know.

-- 
 Louis Zirkel III (address@hidden)             System Admin/Programmer
 "We're living on the Edge of the Century"                           -- Styx