|
|
Boost : |
From: Angus Leeming (angus.leeming_at_[hidden])
Date: 2004-01-06 11:09:10
David Abrahams wrote:
>> Yes, but they are no longer using pserver access. Even anoncvs is
>> using ssh.
>
> Can you point us at some info about how to get anonymous access via
> ssh?
My information comes from here:
http://tinyurl.co.uk/eor9
Specifically, point (2) which I quote verbatim below.
HTH,
Angus
2) Anonymous CVS access will continue, but pserver access has been
discontinued. We realize that many have become accustomed to this
form of anonymous access, but we found many security problems in
pserver and we must avoid it. Anonymous access can now occur via
SSHv2. To do so, use the following CVSROOT:
:ext:<anoncvs_at_[hidden]:/cvsroot/PROJECT>
or
:ext:<anoncvs_at_[hidden]:/cvsroot/PROJECT>
So, for example, to get an anonymous checkout of the GNU Emacs
sources, you would run the following on the bash command line:
export CVS_RSH="ssh"
cvs -d :ext:<anoncvs_at_[hidden]:/cvsroot/emacs> co emacs
The first time you do this, you will be prompted by SSH to
authenticate the server's key fingerprint. See (3) below for
details.
Note that since only SSHv2 is accepted, you must be sure that your
~/.ssh/config does indicate use of "Protocol 1" with
savannah.gnu.org and savannah.nongnu.org.
If you are absolutely unable to use this method for anonymous
access, and you rely on anonymous access, please contact
<<savannah-compromise_at_[hidden]>>. Since SSH is now ubiquitously
available on Free Software systems, we believe that requiring SSH
to be installed locally to gain anonymous access from savannah is
not burdensome. If it turns out to burden you, please contact us.
In fact, this new method authenticates and secures all anonymous
access, and anonymous users are now safe from person-in-the-middle
attacks when they verify the SSH host keys.
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk