RE: passwd

[Zhao, Jing]

Arthur, 

Thank you very much for your detailed info. I use CVS1.11.21. We cannot use 
gserver, sspi or ssh for authentication with a lots of reasons I don't want to 
explain it in details.  

CVSROOT/passwd is fine for us. Just want to simplify our process and eliminate 
'step 5' or replace 'step 5' with some kind of cvs command.   

BTW, CVS1.11.21 works very well. 

Really appreciated your help.  

Jing  

-----Original Message-----
From: Arthur Barrett [mailto:address@hidden 
Sent: Friday, June 29, 2012 11:21 PM
To: Zhao, Jing; address@hidden
Subject: RE: passwd

Hi Jing,

Your question is more complex that it first appears.

i) the answer depends on which version of CVS server and client you are using, 
and potentially the operating system of each.  Eg: CVSNT 2.8.01 on Red Hat 
Linux server is different to CVS 1.11.

ii) there are several different authentication protocols - the most secure do 
not use any passwords sent in clear text like passwd/pserver does.  Eg: 
gserver, sspi, ssh (with keys), sserver (with keys) etc.  For 'native' 
authentication you don't 'add users' to cvs, you add them to the host operating 
system.  Depending on the version of CVS you may be able to use CVSROOT/passwd 
to 'restrict' access to CVS to some host users.

iii) the passwd file is primarily used by pserver protocol.  Generally as a 
rule of thumb, the pserver protocol is insecure and rarely recommended.

iv) if you are using pserver, you can use 'native' authentication (again no 
need to add anything to CVSROOT/passwd) using SystemAuth=yes in CVSROOT/config 
or you can use non-native authentication using CVSROOT/passwd

v) if you are user pserver, with non-native authentication and CVS 1.11 then 
you can either add passwd directly to the CVSROOT directory in the server, or 
you can 'checkout' CVSROOT and add passwd to 'checkoutlist'
and the CVSROOT directory and 'commit' it.   To generate the passwords
you'll need some tool that generates linux passwords.

vi) if you are user pserver, with non-native authentication and CVSNT
2.5 or later on linux or windows then you can use 'cvs passwd' from the client 
or the server.


Implementing CVS well takes some work - I recommend you get a good book on the 
subject from Amazon or your favourite technical books seller.  I had a hand in 
writing 'All About CVS' or there is the ever popular 'Essential CVS' or many 
many others.

Regards,


Arthur Barrett
 

> -----Original Message-----
> From: 
> address@hidden
> [mailto:address@hidden
> org] On Behalf Of Zhao, Jing
> Sent: Saturday, 30 June 2012 1:23 AM
> To: 'address@hidden'
> Subject: passwd
> 
> 
> Could you shed some light on how to add new user to cvs repository? 
> This is what I do as follows:
> 
> 1.  cvs co CVSROOT
> 2.  cd CVSROOT
> 3.  vi passwd # add new users
> 4.  cvs ci -m "adding xxxx"
> 5.  I have to physically login to CVS repository server, go to CVSROOT 
> directory, then drop this latest passwd file over there, otherwise, it 
> would not work.
> 
> Is there any command to eliminate step 5?  I checked 'cvs admin' 
> command, I did not see how to do that.
> Appreciate you any help.
> 
> Jing
> ----------
> Learn more about Chase Paymentech Solutions,LLC payment processing 
> services at www.chasepaymentech.com.
> 
> THIS MESSAGE IS CONFIDENTIAL.  This e-mail message and any attachments 
> are proprietary and confidential information intended only for the use 
> of the recipient(s) named above.
> If you are not the intended recipient, you may not print, distribute, 
> or copy this message or any attachments.  If you have received this 
> communication in error, please notify the sender by return e-mail and 
> delete this message and any attachments from your computer.
> 
> 
> 
> 
----------
Learn more about Chase Paymentech Solutions,LLC payment processing services at 
www.chasepaymentech.com.

THIS MESSAGE IS CONFIDENTIAL.  This e-mail message and any attachments are 
proprietary and confidential information intended only for the use of the 
recipient(s) named above.  If you are not the intended recipient, you may not 
print, distribute, or copy this message or any attachments.  If you have 
received this communication in error, please notify the sender by return e-mail 
and delete this message and any attachments from your computer.