Daniel Carrera writes: > Ethan Blanton wrote: >> Then, to connect to the server, run something like the following on >> your workstation: >> >> ssh -L4691:localhost:4691 <server> > > Could you clarify this command? My reading of it is: > > ssh -L4691:localhost:4691 [EMAIL PROTECTED] > > > Which would require me to have SSH login ("daniel"). What am I missing?
You are correct but the [EMAIL PROTECTED] account may be unprivileged (running a restricted shell) and shared with other developers. You might as well call it after the project the developers work on, e.g. [EMAIL PROTECTED] The monotone server itself, and the database, belong to and run as a different user, e.g. [EMAIL PROTECTED] I run a public monotone server on www.ada-france.org; see http://www.ada-france.org/article131.html for explanations. The security model is simple: everyone has read access, and only a few trusted developers have write access to the entire database (they can create branches at will). Because this is a netsync server running as a "monotone" user that has /bin/false as its shell, only sysadmins with root access to the machine can delete from this database. -- Ludovic Brenta. _______________________________________________ Monotone-devel mailing list Monotone-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/monotone-devel