Re: ssh authentication; readers/writers/passwd

[Noel Yap]

--- Chris Palmer <address@hidden> wrote:
> Before I knew much of anything about CVS, I setup a
> testing
> repository on one of my machines, just to start
> tinkering.
> After reading a few things about pserver, I
> immediately 
> decided to not use pserver and use ssh for access.

I prefer SSH myself since it affords real security.

> Under this model, is all access controlled solely
> via the
> unix system permissions, or can I also control
> things with
> the CVSHOME/readers, writers, passwd files?  I am
> hoping
> that these are still used by CVS even if I'm not
> using
> the pserver authentication system.  Is this the
> case?

When using SSH, SSH keys are used for the
authentication and file system permissions are used
for authorisation.

Why would you hope that readers, writers, and passwd
is still used?

> I'd like to use the passwd file to setup aliases for
> project access with project-based system users.  Or
> should
> I just do this using unix group permissions?

You can either use canonical unix group permissions or
POSIX file system ACLs if your system supports them
(man setfacl for more info).  There should be a FAQ
regarding using file system ACLs.

HTH,
Noel


__________________________________________________
Do You Yahoo!?
Sign up for SBC Yahoo! Dial - First Month Free
http://sbc.yahoo.com