[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-cvs] [811] move general notes up, fix heading hierarchy
From: |
ineiev |
Subject: |
[Savannah-cvs] [811] move general notes up, fix heading hierarchy |
Date: |
Tue, 15 Oct 2024 14:15:45 -0400 (EDT) |
Revision: 811
http://svn.savannah.gnu.org/viewvc/?view=rev&root=administration&revision=811
Author: ineiev
Date: 2024-10-15 14:15:44 -0400 (Tue, 15 Oct 2024)
Log Message:
-----------
move general notes up, fix heading hierarchy
Modified Paths:
--------------
trunk/sviki/SshAccess.mdwn
Modified: trunk/sviki/SshAccess.mdwn
===================================================================
--- trunk/sviki/SshAccess.mdwn 2024-10-15 18:06:48 UTC (rev 810)
+++ trunk/sviki/SshAccess.mdwn 2024-10-15 18:15:44 UTC (rev 811)
@@ -1,9 +1,17 @@
-SSH and Savannah
-================
+# SSH and Savannah
-OpenSSH 8.8 SHA-1 Deprecation October 2021
-------------------------------------------
+SSH access is allowed for registered users who are a member of at least
+one active Savannah group. If you are not a member of any group, then you
+can use anonymous https access.
+The registered GPG keys are not used by Savannah for SSH operations,
+even when they include authentication-capable subkeys.
+We suggest you upload a GPG key because it is used by the FSF for file
+uploads elsewhere. But for version control repository access you have
+register an SSH key.
+
+## OpenSSH 8.8 SHA-1 Deprecation October 2021
+
OpenSSH 8.8 was released on September 26, 2021 and subsequently has
been upgraded to by users of Savannah that are also following the
development of OpenSSH. Most users of Stable OS software
@@ -61,8 +69,8 @@
The above is up top in this document because it is a current problem.
Below here continues with the previous more general documentation.
-Short version
--------------
+## Short version
+
Set up your ssh key by typing in a terminal window on your local machine:
ssh-keygen -t ed25519
@@ -71,19 +79,9 @@
the form at <https://savannah.gnu.org/my/admin/editsshkeys.php>
(after logging in to the savannah web interface).
-Debugging
----------
+### Debugging
-GPG keys are not used for Savannah operations. We suggest you upload
-a GPG key because it is used by the FSF for file uploads elsewhere.
-But for version control repository access you have to create and
-register an SSH key.
-
-SSH access is allowed for registered members who are a member of at
-least one project. If you are not a member of any project then you
-will need to use anonymous https access.
-
-Third: you can test whether the problem is with your ssh setup or
+You can test whether the problem is with your SSH setup or
something on Savannah by running:
ssh yourlogin@download.savannah.gnu.org
@@ -132,17 +130,17 @@
minutes to rate limit hostile attacks. Wait ten minutes and try
again.
-Detailed version
-----------------
+## Detailed version
+
Usually, if you can't access your version control (= VC, that is, cvs,
svn, git, etc.) trees or your download area, it means your ssh access is
not correctly configured. The remedy is to create a ssh key and/or
register it properly.
-If you're not member of any project, no account will created
+If you're not member of any Savannah group, no account will be created
on the system - you will have your web account, but not system access. A
system account will be created after you become a member of at least one
-project.
+active group.
First, you need to create the ssh key. Typically, this is done by
running the terminal command:
@@ -169,8 +167,8 @@
connect to Savannah from different computers. You can delete them when
you do not use that key pair anymore.
-Q: RSA or DSA?
---------------
+### Q: RSA or DSA?
+
We recommend against using DSA keys. We recommend using ED25519
keys.
@@ -192,8 +190,8 @@
`#DISABLED ON ALIOTH, use RSA keys instead#`). Not sure about other
Debian official services.
-Remembering your passphrase
----------------------------
+### Remembering your passphrase
+
The `ssh-agent` program can remember your passphrase during your
graphical X session (e.g., during your Gnome or KDE session).
@@ -222,9 +220,8 @@
After that, `ssh` will not ask for your passphrase anymore.
+### Verifying host fingerprints
-Verifying host fingerprints
----------------------------
If you get a warning about a fingerprint change, you can check the host
fingerprint you have stored with for example:
@@ -264,8 +261,8 @@
root@vcs-noshell:/# ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
1024 80:5a:b0:0c:ec:93:66:29:49:7e:04:2b:fd:ba:2c:d5
/etc/ssh/ssh_host_rsa_key.pub
-Detailed troubleshooting
-------------------------
+### Detailed troubleshooting
+
Lots more details of above and other less usual cases follow.
This following section is mostly about using ssh for cvs access and
@@ -287,7 +284,7 @@
ssh -v yourlogin@cvs.savannah.gnu.org # ssh connection
ssh-keygen -lf ~/.ssh/id_rsa.pub # your key fingerprint
- cvs -t -d:ext:yourlogin@cvs.savannah.gnu.org/cvsroot/yourproject co
yourproject
+ cvs -t -d:ext:yourlogin@cvs.savannah.gnu.org/cvsroot/yourgroup co
yourgroup
(Or whatever VC command, if you're not using cvs.)
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-cvs] [811] move general notes up, fix heading hierarchy,
ineiev <=