close
How to use CVS without typing password each time?
【RSA authentication for CVS】
Once your account has been set up, do the following:
1. Create ~/.ssh/id_rsa.pub on the local machine: If ~/.ssh/id_rsa.pub does not exist, on your local machine, then create it by running
$ ssh-keygen -t rsa
When prompted for a passphrase, hit return. If you type in a passphrase here, you will be prompted for that passphrase each time.
Running ssh-keygen will generate the files ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub, which are your private and public encryption keys respectively.
2. Create ~/.ssh/authorized_keys2 on gigasource: Set the permission of ~/.ssh/id_rsa.pub to 0644 and then copy ~/.ssh/id_rsa.pub over to ~/.ssh/authorized_keys2 with the scp -p flag to preserve permissions.
$ chmod 0644 ~/.ssh/id_rsa.pub
$ cat .ssh/id_rsa.pub | ssh user1@remote \
"cat - >>.ssh/authorized_keys"
where yourgigasourcelogin is the your CVS login on gigasource.
3. From the local machine, test ssh with:
$ ssh yourgigasourcelogin@gigasource cvs
to check the set up.
Below is my sample run
To type following commands in your machine.
1. login with 'root' account in local machine. (change directory to "/root") and type following commands from below steps.
2. # ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
09:e6:2c:d0:6e:93:29:14:cc:0a
# chmod 0644 ~/.ssh/id_rsa.pub
3. # ssh root@192.168.3.200 "cd /home/jackie;rm -fr .ssh;mkdir .ssh;chown -R jackie:jackie .ssh"
# cat .ssh/id_rsa.pub | ssh jackie@192.168.3.200 "cat - >>.ssh/authorized_keys2"
4. # ssh jackie@192.168.3.200 cvs
Usage: cvs [cvs-options] command [command-options-and-arguments]
where cvs-options are -q, -n, etc.
(specify --help-options for a list of options)
where command is add, admin, etc.
(specify --help-commands for a list of commands
or --help-synonyms for a list of command synonyms)
where command-options-and-arguments depend on the specific command
(specify -H followed by a command name for command-specific help)
Specify --help to receive this message
The Concurrent Versions System (CVS) is a tool for version control.
For CVS updates and additional information, see
the CVS home page at http://www.cvshome.org/ or
Pascal Molli's CVS site at http://www.loria.fr/~molli/cvs
【Remote sshd_config】
# $OpenBSD: sshd_config,v 1.72 2005/07/25 11:59:40 markus Exp $
# $FreeBSD: src/crypto/openssh/sshd_config
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
# Note that some of FreeBSD's defaults differ from OpenBSD's, and
# FreeBSD has a few additional options.
#VersionAddendum FreeBSD-20050903
#Port 22
#Protocol 2
#Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys2
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication yes
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# Change to yes to enable built-in password authentication.
#PasswordAuthentication no
PasswordAuthentication yes
PermitEmptyPasswords yes
# Change to no to disable PAM authentication
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
# Set this to 'no' to disable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication mechanism.
# Depending on your PAM configuration, this may bypass the setting of
# PasswordAuthentication, PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# ChallengeResponseAuthentication
UsePAM no
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
# no default banner path
#Banner /some/path
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
【RSA authentication for CVS】
Once your account has been set up, do the following:
1. Create ~/.ssh/id_rsa.pub on the local machine: If ~/.ssh/id_rsa.pub does not exist, on your local machine, then create it by running
$ ssh-keygen -t rsa
When prompted for a passphrase, hit return. If you type in a passphrase here, you will be prompted for that passphrase each time.
Running ssh-keygen will generate the files ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub, which are your private and public encryption keys respectively.
2. Create ~/.ssh/authorized_keys2 on gigasource: Set the permission of ~/.ssh/id_rsa.pub to 0644 and then copy ~/.ssh/id_rsa.pub over to ~/.ssh/authorized_keys2 with the scp -p flag to preserve permissions.
$ chmod 0644 ~/.ssh/id_rsa.pub
$ cat .ssh/id_rsa.pub | ssh user1@remote \
"cat - >>.ssh/authorized_keys"
where yourgigasourcelogin is the your CVS login on gigasource.
3. From the local machine, test ssh with:
$ ssh yourgigasourcelogin@gigasource cvs
to check the set up.
Below is my sample run
To type following commands in your machine.
1. login with 'root' account in local machine. (change directory to "/root") and type following commands from below steps.
2. # ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
09:e6:2c:d0:6e:93:29:14:cc:0a
# chmod 0644 ~/.ssh/id_rsa.pub
3. # ssh root@192.168.3.200 "cd /home/jackie;rm -fr .ssh;mkdir .ssh;chown -R jackie:jackie .ssh"
# cat .ssh/id_rsa.pub | ssh jackie@192.168.3.200 "cat - >>.ssh/authorized_keys2"
4. # ssh jackie@192.168.3.200 cvs
Usage: cvs [cvs-options] command [command-options-and-arguments]
where cvs-options are -q, -n, etc.
(specify --help-options for a list of options)
where command is add, admin, etc.
(specify --help-commands for a list of commands
or --help-synonyms for a list of command synonyms)
where command-options-and-arguments depend on the specific command
(specify -H followed by a command name for command-specific help)
Specify --help to receive this message
The Concurrent Versions System (CVS) is a tool for version control.
For CVS updates and additional information, see
the CVS home page at http://www.cvshome.org/ or
Pascal Molli's CVS site at http://www.loria.fr/~molli/cvs
【Remote sshd_config】
# $OpenBSD: sshd_config,v 1.72 2005/07/25 11:59:40 markus Exp $
# $FreeBSD: src/crypto/openssh/sshd_config
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
# Note that some of FreeBSD's defaults differ from OpenBSD's, and
# FreeBSD has a few additional options.
#VersionAddendum FreeBSD-20050903
#Port 22
#Protocol 2
#Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys2
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication yes
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# Change to yes to enable built-in password authentication.
#PasswordAuthentication no
PasswordAuthentication yes
PermitEmptyPasswords yes
# Change to no to disable PAM authentication
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
# Set this to 'no' to disable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication mechanism.
# Depending on your PAM configuration, this may bypass the setting of
# PasswordAuthentication, PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# ChallengeResponseAuthentication
UsePAM no
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
# no default banner path
#Banner /some/path
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
全站熱搜
留言列表