[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CVS and SSH - $LOGNAME environment variable
From: |
Steven Queen |
Subject: |
CVS and SSH - $LOGNAME environment variable |
Date: |
Wed, 13 Aug 2003 15:35:33 -0400 |
User-agent: |
Mozilla/5.0 (X11; U; IRIX64 IP30; en-US; rv:1.3) Gecko/20030327 |
I have been using CVS in conjunction with an anonymous SSH account for
about 6 month's now in a configuration that requires a small
modification to the source code. Specifically, I wanted a single account
on the CVS server through which all of the developers could access the
repository -- but using SSH for maximum security.
The technique I used is described in detail in the O'Reilly book,
"SSH The Secure Shell: The Definitive Guide" by Barrett and Silverman,
on p. 309, section 8.2.6.1. The method establishes a single public CVS
login account with a restricted login shell that can only run CVS. The
only method of login into this account is via SSH, and it uses the
ability of OpenSSH to set a users environment variables (e.g. $LOGNAME)
based on the specific public key the use to gain access to the account.
The reason for setting the LOGNAME of the user is so that CVS submittals
are attributed to the correct developer, not solely with the public
access account. This scheme is straight out of the SSH text mentioned --
only it didn't work with CVS 1.1.14, when I tried it.
The solution was a modification of the source code file subr.c. I have
attached the (not very elegant) patch I applied to that file.
If this is something that should be incorporated into CVS, perhaps as a
build option, please let me know and I can provide more details.
Thanks for a wonderful produce.
--
_______________________________________________
Steven.Z.Queen@nasa.gov
NASA, Goddard Space Flight Center
Flight Dynamics Analysis Branch, Code 572
V:(301) 286-0988 F:(301) 286-0369
_______________________________________________
368a369,383
>
> /* I added the following bogus if-structure for the *
> * public server/ssh name resolution - S.Queen 4/3/03 *
> * ----------------------------------------------------*/
> if (1) {
>
> char *name;
>
> name = getenv("LOGNAME");
> cache = xstrdup (name);
> fprintf(stderr,"New code!\n");
> return cache;
> }
> /* ----------------------------------------------------*/
>
- CVS and SSH - $LOGNAME environment variable,
Steven Queen <=