Daniel Carrera writes:
> Ethan Blanton wrote:
>> Then, to connect to the server, run something like the following on
>> your workstation:
>>
>> ssh -L4691:localhost:4691 <server>
>
> Could you clarify this command? My reading of it is:
>
> ssh -L4691:localhost:4691 [EMAIL PROTECTED]
>
>
> Which would require me to have SSH login ("daniel"). What am I missing?
You are correct but the [EMAIL PROTECTED] account may be
unprivileged (running a restricted shell) and shared with other
developers. You might as well call it after the project the
developers work on, e.g. [EMAIL PROTECTED] The monotone
server itself, and the database, belong to and run as a different
user, e.g. [EMAIL PROTECTED]
I run a public monotone server on www.ada-france.org; see
http://www.ada-france.org/article131.html for explanations. The
security model is simple: everyone has read access, and only a few
trusted developers have write access to the entire database (they can
create branches at will). Because this is a netsync server running as
a "monotone" user that has /bin/false as its shell, only sysadmins
with root access to the machine can delete from this database.
--
Ludovic Brenta.
_______________________________________________
Monotone-devel mailing list
Monotone-devel@nongnu.org
http://lists.nongnu.org/mailman/listinfo/monotone-devel
