[cvsnt] Re: Where to read on ssh and ssh1 used by cvsnt?

Siegfried Heintze siegfried at heintze.com
Wed Oct 6 19:22:15 BST 2004


Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.


>I have not seen that query.
>But then again I am not maintaining that instruction anymore. Too much
>happening with CVSNT development nowadays so I cannot keep up with it
>and most people seem to get the install working anyways now.
>Should I take it off-line?

Bo,
For some strange reason, the email server rejected my post and put it in
purgatory and deleted it. It said it was too big. I don't know why it was
too big, it was just an ordinary reply like this one.

So that explains why you did not see it.

Tony sent me a link to http://www.chiark.greenend.org.uk/~sgtatham/putty/
and I'm reading up on that presently.

So I'm reading your installation tips and where it documents SSPI and
PSERVER at
http://www.cvsnt.org/wiki/InstallationTips#head-9a9b2e84d99633cf792ad00c1100
0d88f2e31127 

It says: "todo - needs explanation of external programs, how to set CVS_EXT
(or CVS_RSH if we want legacy support)"

So does this mean I have to download the source code to learn how to
establish a secure connection or are these documented somewhere else? It
looks like the one protocol that is secure is the one that is not
documented.

Also, I'm confused about the list box in Eclipse that allows me to use
"extssh" and "ssh". Is "extssh" the same as ssh1? Is ssh1 different from
ssh? What is the relationshiop between ext and ssh? In addition to the
protocols listed on at
http://www.cvsnt.org/wiki/InstallationTips#head-9a9b2e84d99633cf792ad00c1100
0d88f2e31127 are ext and extssh also protocols that we can specify in our
CVSROOT?

I did a google for "ssh1 security cracked" (as recommended by an earlier
response -- see below.) and I'm not having much luck. Can I correctly infer
that ssh1 is cracked but not ssh so I should be using ssh?

Thanks,
   Siegfried


>>>pserver: flawed w.r.t. security
>>>extssh: flawed w.r.t. use of ssh1 mechanism
>>>
>>>apparently leaving only ssh as desirable mechanism.
>>>
>>>so, can someone tell me how to accomplish "ext" style access to cvsnt 
>>>via eclipse?
>>>
>> 
>> 
>> This is all news to me! what is w.r.t.? Are these flaws discussed in 
>> greater detail somewhere? I'm hoping to find a discussion of all the 
>> different protocols. Apparently there is another protocol Rolf did not 
>> mention,  is it sspi? Are these all supported by CVSNT? How do you 
>> configure them in the server?
>>   Thanks,
>>       Siegfried
>> 
>
>w.r.t. == With Respect To
>
>These items have been discussed here previously.  Tony K had done some
research in the archives and found those items.  Google for "pserver
security" and "ssh1 security cracked" you'll likely find a wealth of
information.
>                    
>




More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook