[cvsnt] Add User

Bo Berglund Bo.Berglund at system3r.se
Mon Nov 7 10:35:37 GMT 2005


Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.


If you work over the Internet you really have two options:

1. Use a VPN tunnel from the developer into the network hosting
   the CVS server.
   If you do this then you can consider the system a local network
   and you are protected from the Internet by the VPN encryption.

   This is what we use at my companies.

2. Publish your CVS server on the Internet
   In this case you must limit the acceptable protocols to the secure
   ones and your developers must use encrypted versions of the protocols.
   For example I have used this type for my private test CVS server in
   addition to the VPN solution. I use SSPI with port forwarding from
   the router to the internal CVS server and SSPI is set up to use the
   syntax :sspi:user at server:/repo and I use the encryption flag


HTH

/Bo

-----Original Message-----
From: Remo Liechti [mailto:remo.liechti at swisslog.com]
Sent: den 7 november 2005 09:43
To: Bo Berglund
Subject: RE: [cvsnt] Add User


Bo,
We use the CVS to develop wide world within our companys network. But
this traffic goes anytime over the internet. So you think it would make
sense to switch to another protocol?

Remo
 

> -----Original Message-----
> From: Bo Berglund [mailto:Bo.Berglund at system3r.se] 
> Sent: Montag, 7. November 2005 09:41
> To: Remo Liechti; cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook
> Subject: RE: [cvsnt] Add User
> 
> The :pserver: protocol is considered insecure because it has 
> no method for encryption of the communication. And the 
> password is sent nearly in cleartext (very light encryption).
> 
> So someone using a packet sniffer on the network should eb 
> able to decode your CVS communications.
> If you are in a closed environment and are not exposing the 
> CVS system on the Internet then pserver is probably OK, but 
> otherwise you should consider SSPI or something else.
> 
> /Bo
> 
> -----Original Message-----
> From: Remo Liechti [mailto:remo.liechti at swisslog.com]
> Sent: den 7 november 2005 09:23
> To: Bo Berglund; cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook
> Subject: RE: [cvsnt] Add User
> 
> 
> Thanks Bo
> Well, we are using pserver protocol. You wrote it is 
> insecure? Why? Do you have any information about that?Would be great! 
> 
> Adding user: Thanks I understood what I have to do now:)
> 
> Remo
> 
> 
> > -----Original Message-----
> > From: Bo Berglund [mailto:Bo.Berglund at system3r.se]
> > Sent: Montag, 7. November 2005 09:17
> > To: Remo Liechti; cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook
> > Subject: RE: [cvsnt] Add User
> > 
> > You don't add users to CVS.
> > You add files and folders to CVS....
> > 
> > What you possibly refer to is using the cvs passwd command to add a 
> > user *login* to cvs. This is described in the CVSNT 
> documentation (the 
> > helpfile).
> > 
> > This will add user logins to CVS, but only for the (insecure)
> > :pserver:
> > connection protocol. With this you can set a different cvs password 
> > for the pserver users compared to their domain login password.
> > You can also alias a CVS login to a single real user account on the 
> > domain using cvs passwd command.
> > But still all of this is *only* for the :pserver: protocol.
> > All other protocols use the existing user accounts.
> > 
> > CVS users are just ordinary system users, so these are added by the 
> > system administrators (IT department) in the normal user 
> > administration ways used by your company.
> > 
> > Note:
> > By managing the CVSROOT/readers and CVSROOT/writers files 
> in CVS you 
> > are able to define which system accounts will be given 
> access to the 
> > CVS system and also define these accounts for readonly or 
> full access.
> > 
> > And you can use the cvs chacl command to fine grain the user access 
> > down to individual branches in single files. The cvs chacl 
> command can 
> > use account names and also group names as arguments.
> > 
> > /Bo
> > 
> > -----Original Message-----
> > From: cvsnt-bounces at cvsnt.org
> > [mailto:cvsnt-bounces at cvsnt.org]On Behalf Of Remo Liechti
> > Sent: den 7 november 2005 08:42
> > To: cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook
> > Subject: [cvsnt] Add User
> > 
> > 
> > Hi there
> > It's a trivial question. I did not find anything in the 
> > documentation(but I think there should be somethingin there but I 
> > missed
> > it):
> > How do I add a new user with the rights of another user?
> > 
> > Example: Add User "New User" to the CVS with the right of user 
> > "defaultUser"
> > 
> > Thanks
> > Remo
> > 
> > ____________________________________________________________
> > This message may contain legally privileged or confidential 
> > information and is therefore addressed to the named persons only.
> > The recipient should inform the sender and delete this message, if 
> > he/she is not named as addressee.
> > The sender disclaims any and all liability for the integrity and 
> > punctuality of this message.
> > The sender has activated an automatic virus scanning by 
> Messagelabs, 
> > but does not guarantee the virus free transmission of this message.
> > _______________________________________________
> > cvsnt mailing list
> > cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook
> > http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt https://www.march-hare.com/cvspro/en.asp#downcvs
> > 
> > ____________________________________________________________
> > This message has been checked for all known viruses by Messagelabs.
> > 
> 
> ____________________________________________________________
> This message may contain legally privileged or confidential 
> information and is therefore addressed to the named persons only. 
> The recipient should inform the sender and delete this 
> message, if he/she is not named as addressee. 
> The sender disclaims any and all liability for the integrity 
> and punctuality of this message. 
> The sender has activated an automatic virus scanning by 
> Messagelabs, but does not guarantee the virus free 
> transmission of this message.
> 
> ____________________________________________________________
> This message has been checked for all known viruses by Messagelabs.
> 

____________________________________________________________
This message may contain legally privileged or confidential 
information and is therefore addressed to the named persons only. 
The recipient should inform the sender and delete this message, 
if he/she is not named as addressee. 
The sender disclaims any and all liability for the integrity 
and punctuality of this message. 
The sender has activated an automatic virus scanning by 
Messagelabs, but does not guarantee the virus free 
transmission of this message.



More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook