On Tue, 2003-08-12 at 04:21, Lia Lia wrote: > Hi! > I am new in Linux and CVS and I could use some advise... > I recently installed Red Hat 9 to use as a server for CVS. The clients are > Windows 2000 and I have WinCvs as a client. My first problem is that the > telnet deamon is not running (acording to my netstat the port is > listening--and a connection is established for authentication. I just keep > getting a "connection to host lost" after i enter the password). Second
First, I would like to dissuade you from using telnet at all. SSH (as you mention further on down) is a much better alternative, providing encryption and, alternatively, compression. If it doesn't appear to be listening on port 22, make sure it is running with "service sshd status". See my next answer for possible issues with your firewall. > problem I cannot open the port for the cvs pserver (i have created the > cvspserver in xinetd directory, I use lokkit to open the port but the port Whenever you make changes to a service controlled via xinetd, you'll need to restart the xinetd daemon: "service xinetd restart". You should now see the system listening on port 2401. If not, make sure your cvspserver config file has "disable = no" (and restart if necessary). That said, heed my warning about lokkit and its "write-only" mode: http://marc.theaimsgroup.com/?l=redhat-list&m=106061367803184&w=2 If you're having problems with your firewall, post your /etc/sysconfig/iptables script, and we can help you edit it manually to suit your needs. > does not open according to the netstat). Third, I would like to configure my > sshd to use only keys and no passwords to authenticate, so I can connect the > cvs client via ssh without constantly entering password. could anyone help?? sshd uses asymmetric keys (private for decryption, public for encryption) for authentication and encryption. The first thing you'll need to do is create your own keys. Make *ABSOLUTELY CERTAIN* that your private keys never get compromised. Keep them in your ~/.ssh directory. Never send them across the wire, never share them, nothing. ssh-keygen -tdsa -b1024 -N '' It will ask you to name the files, I usually accept the default of ~/.ssh/id_dsa for my private key and ~/.ssh/id_dsa.pub for my public key. Note that the "-t" (key type) and "-b" (number of bits) settings are your choice. I recommend dsa key types and at least 1024 bits... you might want to use 2048, depending on a) how paranoid you are, and b) how much of your system resources you want tied up de/encrypting your data. Now, you'll want to copy your public key over to any servers you wish to setup logins for. In short, you'll want to concatenate the key into your remote ~/.ssh/authorized_keys file. If this file doesn't exist, you can simply do: cp id_dsa.pub ~/.ssh/authorized_keys Otherwise, you'll want to first append a newline to the existing file, *THEN* add your key: echo >> ~/.ssh/authorized_keys cat id_dsa.pub >> ~/.ssh/authorized_keys Logout, and then log back in. It should work without a password prompt. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
