[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-cvs] administration/content/gnu-content/faq Account_...
|
From: |
Sylvain Beucler |
|
Subject: |
[Savannah-cvs] administration/content/gnu-content/faq Account_... |
|
Date: |
Mon, 28 Mar 2005 12:44:52 -0500 |
CVSROOT: /cvsroot/administration
Module name: administration
Branch:
Changes by: Sylvain Beucler <address@hidden> 05/03/28 17:44:51
Modified files:
content/gnu-content/faq:
Account_-_How_do_I_configure_my_SSH_access.txt
Log message:
Cleaned-up, and completed using questions from users.
CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/administration/administration/content/gnu-content/faq/Account_-_How_do_I_configure_my_SSH_access.txt.diff?tr1=1.1&tr2=1.2&r1=text&r2=text
Patches:
Index:
administration/content/gnu-content/faq/Account_-_How_do_I_configure_my_SSH_access.txt
diff -u
administration/content/gnu-content/faq/Account_-_How_do_I_configure_my_SSH_access.txt:1.1
administration/content/gnu-content/faq/Account_-_How_do_I_configure_my_SSH_access.txt:1.2
---
administration/content/gnu-content/faq/Account_-_How_do_I_configure_my_SSH_access.txt:1.1
Mon Feb 21 14:07:42 2005
+++
administration/content/gnu-content/faq/Account_-_How_do_I_configure_my_SSH_access.txt
Mon Mar 28 17:44:51 2005
@@ -1,43 +1,84 @@
+<h3>Short version</h3>
+
+<p>You can simply setup your SSH key by typing in a terminal:
+<pre>ssh-keygen -t dsa</pre> Then copy <code>~/.ssh/id_dsa.pub</code>
+at http://savannah.gnu.org/account/editsshkeys.php (once logged
+in).</p>
+
+
+<h3>Detailed version</h3>
+
<p>Generally, if you can't access to your CVS trees or your download
area, it means that your SSH access is not correctly configured. The
*only* thing to do is to create a ssh-key and register it.</p>
<p>First, you should know that here, on Savannah, we use SSH version
-2, with DSA. Add <b>Protocol 2</b> in the ~/.ssh/config file, if you
-think that your SSH will switch to protocol 1 automatically. This
-should be done <b>before</b> creating your ssh-key.
+2.</p>
+
+<p>It is usually not needed to precise it in the SSH client
+configuration file (<code>~/.ssh/config</code>). You can add
+
+<pre>
+Host cvs.savannah.gnu.org
+ Protocol 2
+</pre>
+
+in that file when you think your SSH client will try to make a SSHv1
+connection by default (you can incidentally do that as well to avoid a
+man-in-the-middle attack that tries to move the connection from
+protocol 2 to protocol 1 during its establishment, since v1 has some
+flaws and is more easily crackable).</p>
<p>After this, you must create the ssh-key. In general, it is done
-using `ssh-keygen -t dsa`. It will ask you for a passphrase. Only this
-passphrase will be accepted for CVS or scp authentification, <b
-class="error">not the Savannah password</b>. The public key will be
-placed at ~/.ssh/id_dsa.pub.
-
-<p>You must register your public key in the Account Maintenance page [
-http://savannah.gnu.org/account/editsshkeys.php ]<br> Make sure there
-are no line breaks except between keys. After submitting, verify that
-the number of keys in your file is what you expected.
+using <pre>ssh-keygen -t dsa</pre> It will ask you for a
+passphrase. Only this passphrase will be accepted for CVS or scp
+authentification, <b class="error">not the Savannah password</b>. The
+public key will be placed at <code>~/.ssh/id_dsa.pub</code>.</p>
+
+<p>You must register your public key in the Account Maintenance page
+(http://savannah.gnu.org/account/editsshkeys.php). Make sure there are
+no line breaks except between keys - more information in the Account
+Maintenance page. After submitting, verify that the number of keys in
+your file is what you expected.</p>
+
+<p>You can publish several public keys, which is often needed when you
+connect to Savannah from different computers. You can delete them when
+you do not use that key pair anymore.</p>
<p>Wait for the next cron job (in the worst case, 30 minutes).
<p>Try to download your CVS tree (take a look at your CVS project page
-- or read *How do I import my project into the CVS?*)
+- or read *How do I import my project into the CVS?*)</p>
+
+<h3>Common troubles:</h3>
+
+<ul><li><p>If, when (for example) you try to write on your download
+area, it asks you for a password and not a passphrase, then means that
+your key is not recognized. It could be a matter of time (the cron
+job...) or, generally, it means that your key is not a correct SSH2
+DSA key. If you think you have done everything correctly, use the
+support manager
+(https://savannah.gnu.org/support/?group=administration) or write to
address@hidden explaining your problem, providing
+copy/paste from the errors messages. It would also be good to provide
+the output from
+
+<pre>cvs -t
-d:ext:<i>yourlogin</i>@cvs.savannah.gnu.org/cvsroot/<i>yourproject</i> co
<i>yourproject</i></pre>
+
+and the output from:
+
+<pre>ssh -v <i>yourlogin</i>@cvs.savannah.gnu.org</pre>
+
+</p></li>
+
+<li><p>When you try to cvs, it will reports <code>the authenticity of
+host subversions.gnu.org cannot be established, RSA key fingerprint is
+80:5a:b0:0c:ec:93:66:29:49:7e:04:2b:fd:ba:2c:d5</code>.
-<p><b class="error">So...</b><br>
-In fact, you can simply do this by typing:<br>
-echo "Protocol 2" > ~/.ssh/config<br>
-ssh-keygen<br>
-[ http://savannah.gnu.org/account/editsshkeys.php ] Change Authorized Keys
page (logged in)
-
-<p><b class="error">Common troubles:</b><br> If, when (for example)
-you try to write on your download area, it asks you for a password and
-not a passphrase, then means that your key is not recognized. It could
-be a matter of time (the cron job...) or, generally, it means that
-your key is not a correct SSH2 DSA key. If you think you have done
-everything correctly, use the support manager [
-https://savannah.gnu.org/support/?group=administration ] or write to
address@hidden (public list) explaining your problem,
-providing copy/paste from the errors messages.<br><br>
+Why RSA here and not DSA? This is the RSA fingerprint of the Savannah
+site-wide server key. It is used to verify that the site you are
+connecting to is well GNU Savannah, and not a fake website. It is
+totally different from your SSH key.</p></li></ol>
-<P><font size="-1">Updated $Date: 2005/02/21 14:07:42 $</font>
+<p style="font-size: smaller;">Updated $Date: 2005/03/28 17:44:51 $</p>