* Craig Dickson ([EMAIL PROTECTED]) spake thusly: > begin Ben Collins quotation: > > > I strongly suggest using CVS over SSH. It's easy to setup. Just make > > sure the server that your CVS repo is on has sshd installed. Then on the > > client do: > > > > export CVS_RSH=ssh > > > > cvs -d :ext:<username>@cvs.server.com:/repo co myproj > > Yes, I use cvs with ssh this way. Works fine. > > > Then, you can work as you normally would, had you used pserver. If you > > want to avoid having to type your SSH passphrase for every access to the > > server, then I suggest using ssh-agent. > > How is ssh-agent different from just running ssh-keygen to create a > key pair with an empty passphrase and putting the public key into > ~/.ssh./authorized_keys on the cvs machine?
If you're creating a dedicated user for CVS access, run CVS updates form a cron job etc., it's easier to use empty passphrase. If you're setting it up for your regular account and interactive use, you'd protect your keys with a passphrase anyway. If you use ssh-agent with non-login accounts/cron, you'll have to leave it running all the time. It will keep [unencrypted] keys in memory, available more or less to anyone who can access the machine. So it's no more secure than storing keys unencrypted. Dima -- Backwards compatibility is either a pun or an oxymoron. -- PGN
