wincvs/ssh

Intro

Most of the guides I found whilst trying to do this task were aimed at older SSH v1 clients, and a lot of the setup involved custom builds of SSH, which wasn’t really what I was after. I wanted a simple guide that would work for common downloads of free software so my friends could access a remote CVS repository from Windows – this is the result.

Before starting, you need to have SSH (Protocol 2) access to a server that contains the CVS repository, and know the correct path to CVSROOT along with your login username and password.

Note that text <like this> indicates a value that you need to supply, and it will vary depending upon your situation. Text [like this] indicates a comment to aid the filling in of a section (no need to load images). For those using a browser that can cope with fonts, typed commands look like this.

Cygwin setup

Get the installer from http://www.cygwin.com – click on the ‘Install Cygwin now’ link and run the setup.exe that is downloaded. Once in the installer, it is best to allow the default options right up until the package list is presented.

You can of course grab everything, but all you absolutely have to have is the following (click on View to see the list called ‘full’):

cygwin
bash
ash
openssh
rsync
textutils

If the item has a version number in the New column then that item will be installed, and if the entry says Skip, then it won’t be included. Change the status of an entry by clicking in that column.

Allow the install to complete and run the clearup scripts.

OpenSSH setup

To setup passwordless authentication, start up Cygwin, and at the prompt type:

ssh-keygen -t dsa -P ""

If asked for any file locations, just hit Enter and leave them all as defaults.

Copy the file from the local machine to a temporary one on the remote host:

scp .ssh/id_dsa.pub <user>@<remote_host>:~/

Now log into the remote machine, and add this ID to the trusted hosts file [1]:

ssh -l <user> <remote_host>
cat id_dsa.pub >> .ssh/authorized_keys
rm id_dsa.pub

If the SSH server has been set up with the option StrictModes yes in the sshd_config file, then care needs to be taken to ensure that the home directory, .ssh directory and the files within .ssh all have the correct permissions. If you are in any doubt, use the following commands to ensure things are ok for the server – note that this may break filesharing between groups on the server, in which case you need to alter the SSH server config file, and set StrictModes no.

chmod g-w ~
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Logout of that session on the remote machine, and then try:

ssh -l <user> <remote_host>

This should get you back to the prompt without asking for a password.

NB: Care should be taken in the spelling of the filename
authorized_keys
[1], and in no circumstances should a UK spelling be inadvertantly
used…
Not that I’ve been caught out.
Ahem.

WinCVS setup

For those who don’t wish to/can’t see the images, read the values between the -> below as meaning clicks on menus or tabbed dialogue box entries. I tested this setup on WinCVS 1.3.8.1 beta8 build1, where Ctrl+F1 would print up the Admin->Preferences box.

Admin->Preferences->General:

Authentication: ssh
Path:           <remote CVSROOT>
Host address:   <remote host>
User name:      <user>
Admin->Preferences->General screenshot
Admin->Preferences->General->Authentication Settings:

If ssh is not in the PATH
[check this box]
C:cygwinbinssh.exe
[if the default Cygwin install is used]
Admin->Preferences->General>Authentication Settings screenshot
Admin->Preferences->Globals:

TCP/IP compression
[use if possible -
a higher value means more CPU time
but less network traffic]
Admin->Preferences->Globals screenshot
Admin->Preferences->WinCVS:

HOME (passwords and ~/.cvs files)
C:cygwinhome<user>
Admin->Preferences->WinCVS screenshot

Links

Cygwin homepage
WinCVS homepage
CVS homepage
OpenSSH homepage

Footnotes

[1] Skip Coombe has suggested that instead of authorized_keys, the filename should be authorized_keys2. I don’t have the systems available to me to test this and my setup works fine with the filename as is, but if you are having trouble getting things working then do try the alternative filename.

8 Comments

  1. Alan Ho September 12, 2005

    Nice Instruction Page 🙂

  2. Roger Carns April 24, 2006

    :sad:everything was OK until the verbage on the Wincvs. After that it does not match the application

  3. ian April 24, 2006

    Ah: if the screen grabs are not what you’re viewing now then I’m not 100% surprised as this guide is now 3 years and 8 months old !

    I also no longer have access to a PC to rewrite this guide, but I’ll leave the page up in case anyone decides that running Windows 95 is the right thing for them to do…

  4. lees October 13, 2006

    No? Really …?

  5. Disabled April 20, 2007

    🙂 I agree with Roger Carns

  6. Greg Ims January 9, 2008

    A very handy tutorial. I have always had difficulties with mastering linux-like commands, but this helped me to overcome it. Thanks a lot.

    Regards
    Greg

  7. Grezor March 12, 2008

    One question.. What if the SSH server does not allow a key-based authorization? I heard about that somewhere and I am not sure how deal with this in the example provided here.

  8. ian March 12, 2008

    Well, you don’t have to have key based auth, but every CVS action will prompt you for your password: at least it does when doing Unix command line CVS stuff… I’m not sure what WinCVS will do – it will either prompt for a password (annoying) or fail without asking (not useful). I no longer have access to any Windows machines to test this.

    As an alternative, you could always alter the ssh server setup (often in /etc/ssh/sshd_config) to allow key based authentication although this may be problematic if you don’t admin the server.

    HTH

Comments are Disabled