[cvsnt] Re: CVSNT/WinCVS/SSPI/SSH problems

Thomas Muller ttm at online.no
Wed Mar 10 13:06:15 GMT 2004 

| Thomas Muller wrote:
| > Hi,
| > 
| > I just configured CVS-NT and WinCVS, but have some problems 
| with SSPI 
| > authentication (pserver works fine). For SSPI the server 
| response with
| > 
| > CVSROOT: ttm at gollum:C:/BaseCamp/VersionControl (sspi 
| authentication) 
| > cvs -q checkout OnRelay (in directory C:\BaseCamp\Temp) cvs 
| [checkout 
| > aborted]: Authentication protocol rejected access
| > 
| > ***** CVS exited normally with code 1 *****
| > 
| > The server runs CVS-NT 2.0.34 on Win2k Pro SP4. The CVS passwd file 
| > contains one line:
| > 
| > ttm:
| 
| Try removing the passwd file.  You don't need it with SSPI 
| (or pserver 
| for that matter) for accounts in the system.

I tried this. Same error applies. Any other suggestions?
 
| > I have another question related to SSH as well. I tried to 
| use pserver 
| > via an SSH server on a third box (on the open Net), i.e. the client 
| > connects to localhost (port 2401 and 2402), the ssh client 
| forwards to 
| > two designated ports on the remote ssh server, the remote 
| ssh server 
| > forwards the ports  to the host running cvsnt. This didn't work, 
| > however, the connection attempts were immediately rejected, even 
| > through telnet. Any ideas why?
| 
| Sounds like the remote host doesn't have the CVS port open.  It also 
| sounds like you're tunneling through SSH (I don't know much 
| about that, 
| just that it's possible).  Typically you'll have CVS do the SSH work 
| with the :ssh: or :ext: protocols to the server (port 2401 again).

It actually works fine now: I just needed set up local tunneling
directly to the "internal" CVS server and not "double" forwarding as I
originally configured. I can't use the SSH protocol directly from the
client, since I don't have direct access to the CVS-NT server from the
outside world (it runs on an internal 10.* LAN). I connect via a box
with two separate NICs protected by different firewalls

| Port 2402 is only used by CVS server-side.  You can telnet 
| into it, but 
| the CVSNT client never uses port 2402 directly.

OK, good to know. Thanks.

--

Thomas

More information about the cvsnt mailing list