first, thanks everyone who answered my question. second, this works like a charm. and i learned a WHOLE LOT in the process.
On Tue 07 Oct 03, 9:38 AM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> said: > > On Tue, 7 Oct 2003 [EMAIL PROTECTED] wrote: > > > hi all, > > > > i've read about remote cvs access, and there are a LOT of options: ssh, > > rsh, kerberos, pserver, and more. > > > > my needs are simple. i'm writing a latex book with just one other > > person. the repository is sitting on a debian gnu/linux machine that i > > have root access to. > > > > can someone suggest an access method suitable for my needs? > > > > i don't need anything fancy, scalable or even efficient, since there's > > just one other co-author and we're dealing mainly in text with a few > > image files. it just needs to be secure, easy to set up and easy to > > use. > > > Unfortunately, secure and easy to setup often do not mix. > > Your two choices for secure that I am aware of are Kerberos and SSH. > Unless you already have a Kerberos infrastructure in place, you don't want > to go there. A W2K domain does count, but I've never seen any discussion > about how to make CVS Kerberos play in that environment. > > Before a good answer to your inquiry can be provided, we need to know > the platforms you and the other CVS user are using. You say the repository > is on Debian Linux. What platforms will you and the other person be > accessing the repository from? For the purposes of this reply, I'll > assume Linux all around. If Windows is in the picture, what I will be > suggesting will still play fine. > > I am doing exactly what you want with another developer with my repository. > The repository is accessed securely using SSH. The biggest hurdle to > setting up remote access to such a repository is configuring SSH. You > have to decide and configure what authentication methods you want to allow, > then possibly generate certificates. To satisfy your convenience of use > criteria, I suggest use of RSA public key certificates. They are very > secure, and can be set up so you only have to enter a password once. or zero times if i don't encrypt id_rsa or id_dsa... :-) works like a charm, so i'm very happy. thank you! but i am curious about one more thing. this ssh method requires that my co-developer has an account on the system containing the repository. i don't mind that, since he's a friend. but in general, someone who accesses cvs this way has system access. not only can my co-developer do things like "cvs checkout" and "cvs commit", but he can also ssh into the machine and work at a remote shell. is there a way to give co-developers access to cvs WITHOUT giving them system level access? i assume changing the shell to /bin/false in /etc/passwd will break remote cvs access (correct me if that's wrong). thanks guys! pete -- GPG Instructions: http://www.dirac.org/linux/gpg GPG Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs