Thanks! It works... :-)
I have one more query... on branching. Check the new thread. Cheers, Gaurav Vaish http://gallery.mastergaurav.org ---------------------------------------- On Tue, 26 Oct 2004 08:58:00 -0700, Mark D. Baushke <[EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Gaurav Vaish <[EMAIL PROTECTED]> writes: > > > > The host firewall.network.net is the external firewall and > > > allows me to establish port forwarding to internal hosts > > > via an SSH connection. > > > > No. It does not allow right now. But I want it do so. But it also > > has sshd running on itself, listening on 22 and I don't want to shut > > it down. > > You are still confused. > > The :pserver: is the one that listens and talks on a particular port. > The :ext: runs a copy of cvs in server mode over ssh and does not > actually consume any ports of its own. It is even possible to run :ext: > over kermit (or so I have been told). All you need is an eight-bit clean > cahnnel to pass the bits. > > So, you need port 22 to continue to run SSHD. You also need to be > setting things up so that you are port forwarding the ability to login > via ssh to the system on which the cvs server is to be run locally. > > > > > > > Problem: How do I configure things with my CVSROOT and SSH > > > > > > configuration to allow me to checkout and commit to > > > foo.my.network.net from my.laptop.somewhere.com that must > > > go thru an SSH tunnel on the firewall.network.net in order > > > to get to the cvs.my.network.net host. > > > > Well, I can get to it if I had only this as the problem. Since the > > firewall is under my control, I can enable portforwarding (Linux, > > iptables -- not an issue). > > > > The problem: > > > > -> Firewall.network.net already has a sshd running on 22. > > I cannot use 22 for forwarding, since sshd is listening. > > I cannot use another port, because "ext protocol" does not > > allow me to use any port other than 22. > > > > export [EMAIL PROTECTED]:/cvs/root/path > > > > cannot be changed to > > > > export [EMAIL PROTECTED]:111111:/cvs/root/path > > The :ext: protocol does not allow you to specify port numbers because > the transport of $CVS_RSH may or may not allow you to move to a separate > port number in any kind of a portable manner. > > What is happening is that cvs will be running a command like: > > "${CVS_RSH:-rsh} mycvsserver -l user ${CVS_SERVER} server" > > given the environment > > CVSROOT=:ext:[EMAIL PROTECTED]:/cvs/root/path > > and the cvs protocol across the connection will be where it communicates > 'Root /cvs/root/path' for you. > > So, for setting up a cvs connection of :ext: you will want to make sure that > the command: > > ssh mycvsserver -l user uname -a > > works first and prints out the name of the remote host you are > attempting to use. If it does, then you can be fairly sure that the cvs > connection will also work. > > Let us look at what the previous post I sent does... > > | Suggested workaround: > | > | Created a $HOME/.ssh/config entry something like this: > | > | Host cvsserver > | HostKeyAlias cvs.my.network.net > | Hostname cvs.my.network.net > | ProxyCommand ssh firewall.network.net nc %h 22 > > The above ssh configuration means that whenever you do a connection to > the 'cvsserver' name it will open an ssh connection on cvs.my.network.net > transparently. > > ssh cvsserver > > will get you a login shell on cvs.my.network.net directly. > > | > | You could do something like the following: > | > | export CVS_RSH=ssh > | export CVSROOT=:ext:cvsserver/path/to/cvsroot > | cvs checkout module > | > | This assumes that you have the 'nc' program > | (http://www.atstake.com/research/tools/network_utilities/) > | > | If you are not able to use nc, then something like the following might > | work for you... > | > | In your $HOME/.ssh/config file put something like this: > | > | Host cvsserver2 > | HostKeyAlias cvs.my.network.net > | Hostname localhost > | Port 8822 > | > | Then, in one window do a command like this: > | > | ssh -L 8822:cvs.my.network.net:22 firewall.network.net > > The above command establishes that connections to the localhost port > 8822 will be forwarded to cvs.my.network.net port 22. So, the command > > ssh -p 8822 localhost > > will get you a login prompt from the cvs.my.network.net host. > > | > | and in another window > | > | export CVS_RSH=ssh > | export CVSROOT=:ext:cvsserver2/path/to/cvsroot > | cvs checkout module > | > | There are probably other ways to address the above solutions, but this > | may be a reasonable place to start. > > I hope this helps. > > Good luck, > -- Mark > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.3 (FreeBSD) > > iD8DBQFBfnQI3x41pRYZE/gRAoCcAJ9bVHKZNPqNrDwHEK1TuL6QaT8epACfbRMv > Yd6q2BSVEMOSQcsm70VO+yU= > =8Q8B > -----END PGP SIGNATURE----- > _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://lists.gnu.org/mailman/listinfo/info-cvs