wincvs/ssh

Intro

Most of the guides I found whilst trying to do this task were aimed at older SSH v1 clients, and a lot of the setup involved custom builds of SSH, which wasn’t really what I was after. I wanted a simple guide that would work for common downloads of free software so my friends could access a remote CVS repository from Windows – this is the result.

Before starting, you need to have SSH (Protocol 2) access to a server that contains the CVS repository, and know the correct path to CVSROOT along with your login username and password.

Note that text <like this> indicates a value that you need to supply, and it will vary depending upon your situation. Text [like this] indicates a comment to aid the filling in of a section (no need to load images). For those using a browser that can cope with fonts, typed commands look like this.

Cygwin setup

Get the installer from http://www.cygwin.com – click on the ‘Install Cygwin now’ link and run the setup.exe that is downloaded. Once in the installer, it is best to allow the default options right up until the package list is presented.

You can of course grab everything, but all you absolutely have to have is the following (click on View to see the list called ‘full’):

cygwin
bash
ash
openssh
rsync
textutils

If the item has a version number in the New column then that item will be installed, and if the entry says Skip, then it won’t be included. Change the status of an entry by clicking in that column.

Allow the install to complete and run the clearup scripts.

OpenSSH setup

To setup passwordless authentication, start up Cygwin, and at the prompt type:

ssh-keygen -t dsa -P ""

If asked for any file locations, just hit Enter and leave them all as defaults.

Copy the file from the local machine to a temporary one on the remote host:

scp .ssh/id_dsa.pub <user>@<remote_host>:~/

Now log into the remote machine, and add this ID to the trusted hosts file ^[1]:

ssh -l <user> <remote_host>
cat id_dsa.pub >> .ssh/authorized_keys
rm id_dsa.pub

If the SSH server has been set up with the option StrictModes yes in the sshd_config file, then care needs to be taken to ensure that the home directory, .ssh directory and the files within .ssh all have the correct permissions. If you are in any doubt, use the following commands to ensure things are ok for the server – note that this may break filesharing between groups on the server, in which case you need to alter the SSH server config file, and set StrictModes no.

chmod g-w ~
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Logout of that session on the remote machine, and then try:

ssh -l <user> <remote_host>

This should get you back to the prompt without asking for a password.

NB: Care should be taken in the spelling of the filename
authorized_keys^[1], and in no circumstances should a UK spelling be inadvertantly
used…
Not that I’ve been caught out.
Ahem.

WinCVS setup

For those who don’t wish to/can’t see the images, read the values between the -> below as meaning clicks on menus or tabbed dialogue box entries. I tested this setup on WinCVS 1.3.8.1 beta8 build1, where Ctrl+F1 would print up the Admin->Preferences box.

Admin->Preferences->General: Authentication: ssh Path: <remote CVSROOT> Host address: <remote host> User name: <user>
Admin->Preferences->General->Authentication Settings: If ssh is not in the PATH [check this box] C:cygwinbinssh.exe [if the default Cygwin install is used]
Admin->Preferences->Globals: TCP/IP compression [use if possible - a higher value means more CPU time but less network traffic]
Admin->Preferences->WinCVS: HOME (passwords and ~/.cvs files) C:cygwinhome<user>

Links

Cygwin homepage
WinCVS homepage
CVS homepage
OpenSSH homepage

Footnotes

[1] Skip Coombe has suggested that instead of authorized_keys, the filename should be authorized_keys2. I don’t have the systems available to me to test this and my setup works fine with the filename as is, but if you are having trouble getting things working then do try the alternative filename.