On Fri, 10 Feb 2012, Satish Balay wrote: > > With Bitbucket, GitHub, and all the others, the web account is *not* a unix > > account. It's just a way to manage identity/keys. Everyone using ssh has > > hg at bitbucket.org (and git at github.com, etc). > > sure the implemtation details are different - but I mean - the top > level models as I described are equivalent - and can be implemented > equivallly. > > Yesh all users go though a single unix account [for ssh] - and a > [thats implementation detail - and it shouldnm't matter].
Ok - I'll agree the account management at Bitbucket is better than what we have at petsc.cs.iit.edu [esp when one is involved in multiple projects hosted at bitbucket]. wrt the other 2 issues yo've raised: 1. fail2ban blocking on messages of the following type: Oct 24 14:48:15 petsc sshd[1782]: Address 71.74.181.122 maps to cpe-71-74-181-122.mi.res.rr.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! fixed fail2ban to ignore these messages. 2: ssh not working from crappy networks [aka istanbul airport] - so https is preferable. Here - I'll say its more about port 22 being blocked - and port 443 beeing open. So I'm having ssh listen on port 443 aswell. [there are multiple ways of doing this. I'm currently using ipatbles for this. Will see how stable the current approach is]. from ~/.ssh/config host petsc-ssh-over-https.cs.iit.edu HostName petsc.cs.iit.edu Port 443 asterix:/home/balay/spetsc>hg pull ssh://petsc at petsc-ssh-over-https.cs.iit.edu://hg/petsc/petsc-dev running ssh petsc at petsc-ssh-over-https.cs.iit.edu 'hg -R /hg/petsc/petsc-dev serve --stdio' pulling from ssh://petsc at petsc-ssh-over-https.cs.iit.edu//hg/petsc/petsc-dev searching for changes no changes found asterix:/home/balay/spetsc> Some migh prefer https [esp windows] - becase its easier to completely avoid dealing with ssh. This can also be fixed on petsc.cs.iit - but since this is not elegant - I'll avoid that. You guys can still decide on moving over to bitbucket though.. Satish
