??changed: - - You can simply setup your SSH key by typing in a terminal:: - - ssh-keygen -t dsa - - Then copy '~/.ssh/id_dsa.pub' at https://savannah.gnu.org/my/admin/editsshkeys.php (once logged in). -------------
You can simply setup your SSH key by typing in a terminal:: ssh-keygen -t dsa Then copy ``~/.ssh/id_dsa.pub`` at https://savannah.gnu.org/my/admin/editsshkeys.php (once logged in). ??changed: - - Generally, if you can't access to your CVS trees or your download area, it means that your SSH access is not correctly configured. The only thing to do is to create a ssh-key and register it. - - Note that if you're not member of any project, no account will created on the system - you will have your web account, but not system access. A system account will be created after you become a member of at least one project. - - First, you need to create the ssh-key. In general, this is done by using:: - - ssh-keygen -t dsa - - It will ask you for a passphrase. Only this passphrase will be accepted for CVS or scp authentification, not the Savannah password. The public key will be placed at '~/.ssh/id_dsa.pub'. - - You must register your public key in the Account Maintenance page (http://savannah.gnu.org/my/admin/editsshkeys.php). Make sure there are no line breaks except between keys - more information in the Account Maintenance page. After submitting, verify that the number of keys in your file is what you expected. - - You can publish several public keys, which is often needed when you connect to Savannah from different computers. You can delete them when you do not use that key pair anymore. - - Wait for the next cron job (in the worst case, 1 hour). - - Try to download your CVS tree (take a look at your CVS project page - or read *How do I import my project into the CVS?*) - -[18 more lines...] ---------------- Generally, if you can't access your CVS trees or your download area, it means your SSH access is not correctly configured. The only thing to do is to create a ssh-key and register it. Note that if you're not member of any project, no account will created on the system - you will have your web account, but not system access. A system account will be created after you become a member of at least one project. First, you need to create the ssh-key. In general, this is done by using:: ssh-keygen -t dsa It will ask you for a passphrase. Only this passphrase will be accepted for CVS or scp authentication, not the Savannah password. The public key will be placed at '~/.ssh/id_dsa.pub'. You must register your public key in the Account Maintenance page (http://savannah.gnu.org/my/admin/editsshkeys.php). Make sure there are no line breaks except between keys - more information in the Account Maintenance page. After submitting, verify that the number of keys in your file is what you expected. You can publish several public keys, which is often needed when you connect to Savannah from different computers. You can delete them when you do not use that key pair anymore. Wait for the next cron job (in the worst case, 1 hour). Try to download your CVS tree (take a look at your CVS project page - or read CvsImportExistingProject) Remembering your passphrase --------------------------- ``ssh-agent`` may be already started for you (that's the case for most distros). Check its present using:: $ ps ax | grep ssh-agent 3535 ? Ss 0:00 /usr/bin/ssh-agent /usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session /usr/bin/gnome-session 3536 ? Ss 0:01 /usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session /usr/bin/gnome-session 24672 pts/2 S+ 0:00 grep ssh-agent # or: $ echo $SSH_AGENT_PID - $SSH_AUTH_SOCK 3536 - /tmp/keyring-6Q9l0p/ssh Once ``ssh-agent`` is started, you need to register your password using ``ssh-add``:: $ ssh-add Enter passphrase for /home/me/.ssh/id_dsa: # or: $ ssh-add ~/.ssh/myotherkey This will last for the duration of the X session. After that, 'ssh' will not ask you your passphrase anymore. Troubleshooting --------------- * If, when (for example) you try to use CVS, you're rejected with 'Permission denied (publickey).', that means that your key is not recognized. It could be a matter of time (cron job) or, generally, it means that your key is not a correct SSH2 DSA key (the key registration page contains a sample key for you to compare). If you think you have done everything correctly, use the support manager (https://savannah.gnu.org/support/?group=administration) or write to [EMAIL PROTECTED] explaining your problem, providing copy/paste from the errors messages. It would also be good to provide the output from the following commands:: cvs -t -d:ext:[EMAIL PROTECTED]/cvsroot/yourproject co yourproject ssh -v [EMAIL PROTECTED] * I have several SSH keys, how do I get the SSH client to select the appropriate one? * You can use 'ssh-agent' and 'ssh-add' to remember your key and passphrase. Then the SSH client will try all the remembered keys. * You can explicitly specify the key to use in your '~/.ssh/config':: Host cvs.*gnu.org IdentityFile ~/.ssh/id_dsa_savannah * You can also use a wrapper script:: ??changed: - * My key has several lines, how do I enter it? Well, note that we only support free implementations of SSH, such as http://www.openssh.org. If you public key is several-lines-long, and begins with '---- BEGIN SSH2 PUBLIC KEY ----', then you are using a proprietary version that we do not support. - - * When you try to cvs, it will reports the authenticity of host subversions.gnu.org cannot be established, RSA key fingerprint is '80:5a:b0:0c:ec:93:66:29:49:7e:04:2b:fd:ba:2c:d5'. Why RSA here and not DSA? This is the RSA fingerprint of the Savannah site-wide server key. It is used to verify that the site you are connecting to is well GNU Savannah, and not a fake website. It is totally different from your SSH key. - - -From thecarpy Wed Feb 27 09:18:32 +0000 2008 -From: thecarpy -Date: Wed, 27 Feb 2008 09:18:32 +0000 -Subject: typos -Message-ID: <[EMAIL PROTECTED]://savannah.gnu.org/maintenance> - -There are several typos on this page: -Generally, if you can't access to your CVS trees or your download area -should be -Generally, if you can't access your CVS trees or your download area - -then means that your key is not recognized. -should be -that means your key is not recognized. -[3 more lines...] * My key has several lines, how do I enter it? Well, note that we only support free implementations of SSH, such as http://www.openssh.org. If you public key is several-lines-long, and begins with '---- BEGIN SSH2 PUBLIC KEY ----', then you are using a proprietary version that we do not support. * When you try to cvs, it will reports the authenticity of host subversions.gnu.org cannot be established, RSA key fingerprint is ``80:5a:b0:0c:ec:93:66:29:49:7e:04:2b:fd:ba:2c:d5``. Why RSA here and not DSA? This is the RSA fingerprint of the Savannah site-wide server key. It is used to verify that the site you are connecting to is well GNU Savannah, and not a fake website. It is totally different from your SSH key. * What about ``authorized_keys``? ``authorized_keys`` is maintained on the server side, at Savannah. This is done automatically, based on the public keys you uploaded to the web interface. -- forwarded from https://savannah.gnu.org/maintenance/[EMAIL PROTECTED]://savannah.gnu.org/maintenance _______________________________________________ Savannah-cvs mailing list [email protected] http://lists.gnu.org/mailman/listinfo/savannah-cvs
