RE: CVS authentication using LDAP.

[Arthur Barrett]

Mark,
 
If you configure your unix/linux server to perform 'normal' ssh
authentication with LDAP then a cvs client using ssh will also use LDAP
and the SSH protocol is fairly secure.  Refer to your operating system
documentation or vendor technical support for instructions on how to
configure ssh to perform LDAP authentication.  
 
Once you have that working, if you are using a CVSNT client on Windows
(like WinCVS or TortoiseCVS) then you can use the CVSROOT connection
string :ssh:server:/repo, otherwise (non CVSNT clients, or CVSNT on
non-Windows) you use :ext:server:/repo
 
Alternatively if you rely heavily on 'pserver' type 'alias' users and
want to keep them then CVSNT Server is free/GPL and runs on linux/unix
and supports PAM for all protocols including SSERVER (which is a
'secure' pserver).
 
Regards,
 
 
Arthur Barrett
 

        -----Original Message-----
        From: info-cvs-bounces+arthur.barrett=march-hare....@nongnu.org
[mailto:info-cvs-bounces+arthur.barrett=march-hare....@nongnu.org] On
Behalf Of Risman, Mark
        Sent: Tuesday, 12 May 2009 1:41 AM
        To: info-cvs@nongnu.org
        Subject: RE: CVS authentication using LDAP.
        
        

        Hi, 

                Similar to this request, does anyone have any wisdom on
a good way to set up CVS authentication via LDAP, but in a manner which
allows the password to be secured as it travels across the network?

                Currently we already have LDAP up and running, and we
use CVS version 1.11.17. I could upgrade this to a 1.12 version with PAM
support, but I'm not inclined to bother doing that until I have a
solution to the authentication issue.

                In my research I came across one possibility which uses
"stunnel", which is SSL tunneling software I'm not familiar with, but
I'm wondering if anyone has had experience using this or any similar
method for CVS user authentication.

                I understand this is all probably a familiar question to
everyone, but if someone could point me toward some basic information
that would help me to implement this, I would appreciate it.

        Thank you, 
        - Mark 


        From:   cvs admin        
        Subject:        CVS authentication using LDAP.   
        Date:   Wed, 29 Mar 2006 12:17:23 +0530  

          _____  
        

        Hi , 
          
        In the present scenario, we have usernames/passwords stored for
each repository on the CVS system itself. We would like to use the LDAP
server for CVS authentication which stores all the Network login IDs and
passwords. This way we wouldn't have to store passwords on the server
and users will have to remember only their network/windows login
password. 

        For this, we might have to install some system level packages
related to PAM (which supports LDAP authentication). 
          
        So anybody have any links or docs to configure the LDAP on Red
Hat Enterprise Linux AS release 4 (Nahant Update 2) 


        Thanks for help in advance. 
          
        cheers 
        Om 


        
        
        
        
        **********************************************************
        
        MLB.com: Where Baseball is Always On