The Linux Development Platform

200Chapter6 • Introduction to CVS

Have a shell account on the CVS server.

Create a public/private key pair on the client.

Transfer the public portion of the key to the CVS server.

Set up the CVS client to use this new method.

Depending on how the CVS server is configured, it may be possible to set up ssh to bypass

the requirement of typing in your password every time that you interact with the CVS repository.

Assuming that the accounts have already been set up on the CVS server, the next step is to

generate the public/private key pair. This is accomplished by using the ssh-keygen program.

To generate the key pair, issue the following command (this may result in a DSA key with

openssh3.):

# ssh-keygen –N “”

Generating public/private rsa1 key pair.

Enter file in which to save the key (/root/.ssh/identity):

Your identification has been saved in /root/.ssh/identity.

Your public key has been saved in /root/.ssh/identity.pub.

The key fingerprint is:

32:66:ea:74:4a:7d:23:78:57:bc:90:12:a3:da:78:20 lcp@client

The –

N “”

option tells the program to uses a null passphrase to protect the keys.

As indicated by the program messages, this creates two files in the user’s

$HOME/.ssh

directory. The first one,

identity

, is your private key. This should be kept secure and should

not be shared. The second,

identity.pub

, as you may have guessed, is the public key. The

contents of this file need to be distributed to every machine that you wish to log into and access

via ssh.

To accomplish this, you can use ssh itself to copy the file between machines as follows:

# cd ~/.ssh

# scp identity.pub user@cvsserver:.ssh/`hostname`.pub

Replace

user@cvsserver

with your username on the CVS server. For example if your

username were

jon

and the CVS server was named

dev

, you would replace this with

jon@dev

. You could also use the FQDN or IP Address in place of

cvsserver

. Also note that

the punctuation marks surrounding the

hostname

are backticks.

N O T E The key to logging in without having to type in the

passphrase each time is to specify a blank password during the

key generation process. While this does permit you to log into the

server without supplying a passphrase, anyone who has access

to your account will be able to do the same. Make sure never to

leave your workstation unlocked and unattended.

Next Page >>

<< Previous Page

Back to the Table of Contents