[WLUG] cvs via ssh : preserve content authorship

Carl T. Miller carl at carltm.com
Fri Jan 6 18:16:31 EST 2017 

Jim, as I recall, the best way to do this is to
remove the keys for the cvs account and then
create an account for each user.  You would then
require each user to provide you with a public
key, and you would restrict the usage of the key.

Aside from distinguishing user accounts within
the repo, this method also allows you to remove
a single user's access without creating a new
set of keys for the cvs user account.

c


Jim Irrer wrote:
> I've been tasked with moving our CVS repository to a new host, and for
> security reasons
> want to change from using pserver to using ssh.
>
> It's mostly working, except that when a client checks something in, the
> history indicates that
> the change was made by user cvs instead of the the actual user (eg irrer).
> There is a cvs user set up on
> the server machine receiving all requests.
>
> The .ssh/authorized_keys file has entries of the form (all on one line):
>
> command="/usr/bin/cvs server",no-port-forwarding,no-
> pty,no-X11-forwarding,no-agent-forwarding ssh-rsa
> AAAAB3NzaC1yc2EAAAADAQABAAABAQCofHvy3hg3+JoC1htSaIAaftCC/
> Ud0NY003pu7xxR+WFLIHSwj+ITOVUXJqZ1faqsf1NvPGDAqpOGibxd5PNX1RBa/
> 5iztxCuc1SgjNgbkf6jKbE+cu+WW9JhQoFdTOxnOa7j/eJi4eoDW44O2MJkVtZV9vuId6BmByP
> OCUfli0STq8Jv/vCVEKettw25TqAj+VkRyQlixhSs1I8tIFSCbT6syanzoXJOvlbbFWKIhCi+
> Un069y8Ikj8ehOK0NTpfcq/zThXOkqP52ycLTv8OTrxX8qoi/
> f6ACFx2hIm8yGlXrPzVusnrWHriVFMZV7z8uw26y99znRiEzQ8K4t+eN irrer at WSRO1014
>
> The CVSROOT environment values are:
>
> CVSROOT=:ext:cvs at CVS.HOST.MACHINE:/data/CVSBASE/research
> CVS_RSH=ssh
>
> I was thinking maybe that there would be a command line option to add to
> the "/usr/bin/cvs server" to specify the author but can not find anything.
>
> Thanks for any advice,
>
> - Jim
>
> Jim Irrer     irrer at umich.edu       (734) 647-4409
> University of Michigan Hospital Radiation Oncology
> 519 W. William St.             Ann Arbor, MI 48103-4943
> ______________________________________________________
> washlug mailing list    washlug web site
> washlug at washlug.org     www.washlug.org
> http://linux.marcdatabase.com/mailman/listinfo/washlug
>

More information about the washlug mailing list