Re: remote cvs access - recommendations

info-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: remote cvs access - recommendations

From:	Ludger Fiege
Subject:	Re: remote cvs access - recommendations
Date:	Fri, 10 Oct 2003 09:00:34 +0200
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; ; MultiZilla v1.5.0.2f) Gecko/20030827

Eric Siegerman wrote:

On Wed, Oct 08, 2003 at 10:59:37AM -0700, address@hidden wrote:

but in general, someone who accesses cvs [via SSH] has system access.
not only can my co-developer do things like "cvs checkout" and "cvs
commit", but he can also ssh into the machine and work at a remote
shell.

is there a way to give co-developers access to cvs WITHOUT giving them
system level access?



You can configure sshd to only allow one command, "cvs".  I'm not
sure how to do that, but it's been discussed here in the last few
days, so check the list archives.

prepend the following commands to the respective entry in theauthorized_key[2] file of the account on your cvs box (typically in~/.ssh/):

no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/usr/bin/cvsserver" ssh-rsa YOUR_KEY_HERE


bye
Ludger

[Prev in Thread]

Current Thread

[Next in Thread]

remote cvs access - recommendations, p, 2003/10/07
- Re: remote cvs access - recommendations, Geoff Beier, 2003/10/07
- RE: remote cvs access - recommendations, Neil Aggarwal, 2003/10/07
- Re: remote cvs access - recommendations, Larry Jones, 2003/10/07
- Message not available
  - Re: remote cvs access - recommendations, p, 2003/10/08
    - Re: remote cvs access - recommendations, Rob Helmer, 2003/10/08
    - Re: remote cvs access - recommendations, Eric Siegerman, 2003/10/08
    - Re: remote cvs access - recommendations, Ludger Fiege <=

Prev by Date: RE: help on pserver connection
Next by Date: RE: improper behavior or improper usage?
Previous by thread: Re: remote cvs access - recommendations
Next by thread: Revision Numbers
Index(es):
- Date
- Thread