[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVS over SSH on different port
From: |
Gaurav Vaish |
Subject: |
Re: CVS over SSH on different port |
Date: |
Wed, 27 Oct 2004 09:44:32 +0530 |
Thanks!
It works... :-)
I have one more query... on branching. Check the new thread.
Cheers,
Gaurav Vaish
http://gallery.mastergaurav.org
----------------------------------------
On Tue, 26 Oct 2004 08:58:00 -0700, Mark D. Baushke <address@hidden> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Gaurav Vaish <address@hidden> writes:
>
> > > The host firewall.network.net is the external firewall and
> > > allows me to establish port forwarding to internal hosts
> > > via an SSH connection.
> >
> > No. It does not allow right now. But I want it do so. But it also
> > has sshd running on itself, listening on 22 and I don't want to shut
> > it down.
>
> You are still confused.
>
> The :pserver: is the one that listens and talks on a particular port.
> The :ext: runs a copy of cvs in server mode over ssh and does not
> actually consume any ports of its own. It is even possible to run :ext:
> over kermit (or so I have been told). All you need is an eight-bit clean
> cahnnel to pass the bits.
>
> So, you need port 22 to continue to run SSHD. You also need to be
> setting things up so that you are port forwarding the ability to login
> via ssh to the system on which the cvs server is to be run locally.
>
> > >
> > > Problem: How do I configure things with my CVSROOT and SSH
> > >
> > > configuration to allow me to checkout and commit to
> > > foo.my.network.net from my.laptop.somewhere.com that must
> > > go thru an SSH tunnel on the firewall.network.net in order
> > > to get to the cvs.my.network.net host.
> >
> > Well, I can get to it if I had only this as the problem. Since the
> > firewall is under my control, I can enable portforwarding (Linux,
> > iptables -- not an issue).
> >
> > The problem:
> >
> > -> Firewall.network.net already has a sshd running on 22.
> > I cannot use 22 for forwarding, since sshd is listening.
> > I cannot use another port, because "ext protocol" does not
> > allow me to use any port other than 22.
> >
> > export address@hidden:/cvs/root/path
> >
> > cannot be changed to
> >
> > export address@hidden:111111:/cvs/root/path
>
> The :ext: protocol does not allow you to specify port numbers because
> the transport of $CVS_RSH may or may not allow you to move to a separate
> port number in any kind of a portable manner.
>
> What is happening is that cvs will be running a command like:
>
> "${CVS_RSH:-rsh} mycvsserver -l user ${CVS_SERVER} server"
>
> given the environment
>
> CVSROOT=:ext:address@hidden:/cvs/root/path
>
> and the cvs protocol across the connection will be where it communicates
> 'Root /cvs/root/path' for you.
>
> So, for setting up a cvs connection of :ext: you will want to make sure that
> the command:
>
> ssh mycvsserver -l user uname -a
>
> works first and prints out the name of the remote host you are
> attempting to use. If it does, then you can be fairly sure that the cvs
> connection will also work.
>
> Let us look at what the previous post I sent does...
>
> | Suggested workaround:
> |
> | Created a $HOME/.ssh/config entry something like this:
> |
> | Host cvsserver
> | HostKeyAlias cvs.my.network.net
> | Hostname cvs.my.network.net
> | ProxyCommand ssh firewall.network.net nc %h 22
>
> The above ssh configuration means that whenever you do a connection to
> the 'cvsserver' name it will open an ssh connection on cvs.my.network.net
> transparently.
>
> ssh cvsserver
>
> will get you a login shell on cvs.my.network.net directly.
>
> |
> | You could do something like the following:
> |
> | export CVS_RSH=ssh
> | export CVSROOT=:ext:cvsserver/path/to/cvsroot
> | cvs checkout module
> |
> | This assumes that you have the 'nc' program
> | (http://www.atstake.com/research/tools/network_utilities/)
> |
> | If you are not able to use nc, then something like the following might
> | work for you...
> |
> | In your $HOME/.ssh/config file put something like this:
> |
> | Host cvsserver2
> | HostKeyAlias cvs.my.network.net
> | Hostname localhost
> | Port 8822
> |
> | Then, in one window do a command like this:
> |
> | ssh -L 8822:cvs.my.network.net:22 firewall.network.net
>
> The above command establishes that connections to the localhost port
> 8822 will be forwarded to cvs.my.network.net port 22. So, the command
>
> ssh -p 8822 localhost
>
> will get you a login prompt from the cvs.my.network.net host.
>
> |
> | and in another window
> |
> | export CVS_RSH=ssh
> | export CVSROOT=:ext:cvsserver2/path/to/cvsroot
> | cvs checkout module
> |
> | There are probably other ways to address the above solutions, but this
> | may be a reasonable place to start.
>
> I hope this helps.
>
> Good luck,
> -- Mark
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (FreeBSD)
>
> iD8DBQFBfnQI3x41pRYZE/gRAoCcAJ9bVHKZNPqNrDwHEK1TuL6QaT8epACfbRMv
> Yd6q2BSVEMOSQcsm70VO+yU=
> =8Q8B
> -----END PGP SIGNATURE-----
>