info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS over SSH on different port


From: Gaurav Vaish
Subject: Re: CVS over SSH on different port
Date: Wed, 27 Oct 2004 09:44:32 +0530

Thanks!

  It works... :-)

  I have one more query... on branching. Check the new thread.

Cheers,
Gaurav Vaish
http://gallery.mastergaurav.org
----------------------------------------



On Tue, 26 Oct 2004 08:58:00 -0700, Mark D. Baushke <address@hidden> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Gaurav Vaish <address@hidden> writes:
> 
> > >              The host firewall.network.net is the external firewall and
> > >              allows me to establish port forwarding to internal hosts
> > >              via an SSH connection.
> >
> >    No. It does not allow right now. But I want it do so. But it also
> > has sshd running on itself, listening on 22 and I don't want to shut
> > it down.
> 
> You are still confused.
> 
> The :pserver: is the one that listens and talks on a particular port.
> The :ext: runs a copy of cvs in server mode over ssh and does not
> actually consume any ports of its own. It is even possible to run :ext:
> over kermit (or so I have been told). All you need is an eight-bit clean
> cahnnel to pass the bits.
> 
> So, you need port 22 to continue to run SSHD. You also need to be
> setting things up so that you are port forwarding the ability to login
> via ssh to the system on which the cvs server is to be run locally.
> 
> > >
> > >  Problem:    How do I configure things with my CVSROOT and SSH
> > >
> > >              configuration to allow me to checkout and commit to
> > >              foo.my.network.net from my.laptop.somewhere.com that must
> > >              go thru an SSH tunnel on the firewall.network.net in order
> > >              to get to the cvs.my.network.net host.
> >
> >    Well, I can get to it if I had only this as the problem. Since the
> > firewall is under my control, I can enable portforwarding (Linux,
> > iptables -- not an issue).
> >
> >    The problem:
> >
> >    -> Firewall.network.net already has a sshd running on 22.
> >        I cannot use 22 for forwarding, since sshd is listening.
> >        I cannot use another port, because "ext protocol" does not
> > allow me to use any port other than 22.
> >
> >    export address@hidden:/cvs/root/path
> >
> > cannot be changed to
> >
> >     export address@hidden:111111:/cvs/root/path
> 
> The :ext: protocol does not allow you to specify port numbers because
> the transport of $CVS_RSH may or may not allow you to move to a separate
> port number in any kind of a portable manner.
> 
> What is happening is that cvs will be running a command like:
> 
>     "${CVS_RSH:-rsh} mycvsserver -l user ${CVS_SERVER} server"
> 
> given the environment
> 
>      CVSROOT=:ext:address@hidden:/cvs/root/path
> 
> and the cvs protocol across the connection will be where it communicates
> 'Root /cvs/root/path' for you.
> 
> So, for setting up a cvs connection of :ext: you will want to make sure that
> the command:
> 
>        ssh mycvsserver -l user uname -a
> 
> works first and prints out the name of the remote host you are
> attempting to use. If it does, then you can be fairly sure that the cvs
> connection will also work.
> 
> Let us look at what the previous post I sent does...
> 
> | Suggested workaround:
> |
> | Created a $HOME/.ssh/config entry something like this:
> |
> | Host cvsserver
> |   HostKeyAlias cvs.my.network.net
> |   Hostname cvs.my.network.net
> |   ProxyCommand ssh firewall.network.net nc %h 22
> 
> The above ssh configuration means that whenever you do a connection to
> the 'cvsserver' name it will open an ssh connection on cvs.my.network.net
> transparently.
> 
>        ssh cvsserver
> 
> will get you a login shell on cvs.my.network.net directly.
> 
> |
> | You could do something like the following:
> |
> |    export CVS_RSH=ssh
> |    export CVSROOT=:ext:cvsserver/path/to/cvsroot
> |    cvs checkout module
> |
> | This assumes that you have the 'nc' program
> | (http://www.atstake.com/research/tools/network_utilities/)
> |
> | If you are not able to use nc, then something like the following might
> | work for you...
> |
> | In your $HOME/.ssh/config file put something like this:
> |
> | Host cvsserver2
> |   HostKeyAlias cvs.my.network.net
> |   Hostname localhost
> |   Port 8822
> |
> | Then, in one window do a command like this:
> |
> |      ssh -L 8822:cvs.my.network.net:22 firewall.network.net
> 
> The above command establishes that connections to the localhost port
> 8822 will be forwarded to cvs.my.network.net port 22. So, the command
> 
>     ssh -p 8822 localhost
> 
> will get you a login prompt from the cvs.my.network.net host.
> 
> |
> | and in another window
> |
> |    export CVS_RSH=ssh
> |    export CVSROOT=:ext:cvsserver2/path/to/cvsroot
> |    cvs checkout module
> |
> | There are probably other ways to address the above solutions, but this
> | may be a reasonable place to start.
> 
> I hope this helps.
> 
>        Good luck,
>        -- Mark
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (FreeBSD)
> 
> iD8DBQFBfnQI3x41pRYZE/gRAoCcAJ9bVHKZNPqNrDwHEK1TuL6QaT8epACfbRMv
> Yd6q2BSVEMOSQcsm70VO+yU=
> =8Q8B
> -----END PGP SIGNATURE-----
>




reply via email to

[Prev in Thread] Current Thread [Next in Thread]