[cvsnt] Re: Sserver and client certs
Tony Hoyle
tony.hoyle at march-hare.com
Wed Oct 12 17:29:02 BST 2005
Jonathan Gilligan wrote:
> Can someone either explain using sserver with client certs or point me
> to info on doing so? I've googled and searched the wiki without success.
>
> How would one set up to use them (assume both server and client are
> using current cvsnt versions, running in Win 2K).
>
> I like certs with ssh because I can carry them around with me on a USB
> dongle and they free me from trying to remember a zillion passwords. I'd
> like to do the same with sserver if I can.
>
First get it working with normal passwords... much simpler config to
debug if something goes wrong at this stage.
Set the sserver module in the control panel to 'certificates only' or
'certificate + password'.
Then connect using :sserver;key='path_to_keyfile':user at host:/repository
The client cert must be valid on the server, and cannot be selfsign, so
normally you'd have some kind of local CA generating both the server &
client certificates, and the CA public key in the ca.pem files on the
client and server.
Tony
More information about the cvsnt
mailing list