info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Chrooted SSH CVS server HOW-TO - DRAFT version - R20010423


From: Olivier Berger
Subject: Chrooted SSH CVS server HOW-TO - DRAFT version - R20010423
Date: Mon, 30 Apr 2001 14:37:47 +0200

Hello, fellow CVS administrators.

I'd like to announce the availability (first public release, on
http://www.idealx.org) of a new HOW-TO published under the GNU FDL.

This document describes the steps necessary to setup a very
network-secure CVS server, allowing SSH access to chrooted CVS
repositories. 

Using this strategy, it is possible to have multiple repositories on the
same server, each one in its own protected directory tree (chrooted),
and with respective access privileges thanks to SSH. 

The use of SSH (with CVS_RSH) as a transport mechanism for CVS (instead
of having a CVS pserver and SSH tunneling between client and server)
allows much more secure and flexible use on the client side (provided
SSH is installed, of course). 
The shell accounts necessary for SSH to run are disabled in order to
allow only remote access to CVS. 
Both read-only (and even anonymous, i.e. with a known password or even
no password at all) and read-write access can be granted, depending on
the user accounts.


The HOWTO's package, release R20010423 (including DocBook source for the
HOWTO, small scripts (alpha stage) and necessary source code) can be
found from http://www.idealx.org/prj/idx-chrooted-ssh-cvs/index.en.html

For those wishing to consult the howto in HTML form, please go to :
http://www.idealx.org/prj/idx-chrooted-ssh-cvs/dist/chrooted-ssh-cvs-server.html


Standard disclaimer :
The elements described in this HOW-TO have been tested in order to
ensure maximum safety. But as usual, we cannot guaranty that every
aspects were sufficiently examined or tested. YOU MAY FOLLOW THE
GUIDELINES AND USE THE TOOLS DESCRIBED HERE ONLY AT YOUR OWN RISK.
Neither the authors nor their company should be liaible for any loss of
data or other potential damage resulting from using the methods or tools
described here. Due to the risks of misconfiguration resulting from the
various manuel configuration steps necessary to setup such a server, we
recommand that you carefully test your installation before connecting
the server to the Internet and let user store their data in the CVS
repositories.


I welcome any comments regarding this Document and associate tools, and
would be happy to get feedback if you found it useful in order to setup
your own CVS server.

Best regards.

-- 
Olivier BERGER                          IDEALX S.A.S.
Développeur senior                      15-17, av. de Ségur
01.44.42.00.00                          F-75007 PARIS
06.81.27.86.79                          http://IDEALX.com/



reply via email to

[Prev in Thread] Current Thread [Next in Thread]