Hi Claudio,
Please check file "cvsnt" in /etc/xinet.d/cvsnt and "xinetd.conf" or
"inetd.conf" on the server.
Example :
CVSNT file:
-----------
service cvspserver
{
socket_type = stream
wait = no
server = /usr/bin/cvsnt
server_args = --allow-root=/demo -f pserver
env = 'HOME=/demo'
log_type = FILE /var/log/cvspserver
groups = yes
log_on_failure += USERID
flags = REUSE IPv6
mdns = no
disable = no
user = root
}
NOTE : Note especially the "server" and "server_args". Wrong information
here will result in "connection actively refused" when trying to
authenticate. If you're using normal inetd, not xinetd, read the section
following this.
xinetd.conf or inetd.conf file :
-------------
cvspserver stream tcp nowait root /usr/bin/cvs
cvs --allow-root=/demo authserver
Check login : telnet 192.168.24.105 2401
With pserver and sserver, the passwords are stored on the client side in
a trivial encoding of the cleartext and in the pserver case transmitted
in the same encoding. The encoding is done only to prevent inadvertent
password compromises (i.e., a system administrator accidentally looking
at the file), and will not prevent even a naive attacker from gaining the
password. With Sserver, the client/server connection is encrypted using
SSL, and the risk of the password being sniffed on the wire is very
low.Do you have created a certificate for cvsnt?
Claudio Guzman wrote:
other question, for cvs access to the user also has to take into
account the debian. and as if the protocol is running sserver?
Example:
Client:
$ cvs -d :sserver:demo:[email protected]:/demo login
Logging in to :sserver:[email protected]:2401:/demo
connect to 192.168.24.105:2401 failed:
Server log auth.log
Feb 23 16:06:04 desarrollo sshd[2898]: Failed password for invalid
user demo from 192.168.24.107 port 58961 ssh2
2009/2/21 <[email protected]>:
Hi Claudio,
On Server:
PServer and Plugin
Vi /etc/cvsnt/Plugins
#EnumProtocol=1 # Remote enumeration (info -r)
#GserverProtocol=1 # GSSAPI
PserverProtocol=1 # Original pserver
SserverProtocol=1 # SSL encrypted pserver
#SspiProtocol=1 # SSPI (via Winbind, if configured)
#SyncProtocol=1 # Server sync
#AuditTrigger=0 # Audit events to database
#EmailTrigger=0 # Send emails
#CheckoutTrigger=0 # Enable CVSROOT/shadow
- Vi /etc/cvsnt/PServer and change:
#
AuditLogSessions=1 # All server connections/commands
#AuditLogCommits=0 # Log changes due to commits
#AuditLogDiffs=0 # Store diffs in commit log
#AuditLogTags=0 # Log tagging operations
AuditLogHistory=1 # Log cvs history
#
You will create a key PEM
CertificateFile=/etc/cvsnt/cert.pem
PrivateKeyFile=/etc/cvsnt/key.pem
And change :
#CertificatesOnly=0
Repository0=/home/database
Repository0Name=/database >> Repository0Name=/database
On Client :
You install cvsnt and cvsnt-protocol-sserver on CVS Client.
Claudio Guzman wrote:
please PServer settings and Plugin, I can not make the client connects
to the server remotely by :sserver:
Thanks.
_______________________________________________
cvsnt mailing list
[email protected]
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
Upgrade to CVS Suite for more features and support:
http://march-hare.com/cvsnt/
_______________________________________________
cvsnt mailing list
[email protected]
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
Upgrade to CVS Suite for more features and support: http://march-hare.com/cvsnt/
