[cvsnt] getting the connection working

[Tony Hoyle]

Mike Kay wrote:
> Greetings and salutations. Please forgive my lack of knowledge - this is
> the first CVS server I have setup and I definitely have a lot to learn. I
> am in a Windows environment....I hope this is the correct place to post -
> as I am unsure where the problem exists.
> 
> Here's where I am at.
> 
> I have CVSNT installed on a Server 2003 box. Version is 2.5.04(Zen)Build
> 3236.
> 
> I am using WinSSHD for an ssl connection. I have port 22 open on the
> firewall and have port forwarding to the default CVSNT port.

You're running an SSH daemon and forwarding the connection to port 2401? 
It sounds like a *very* unusual configuration - you normally either have 
the ssh server calling cvsnt directly or forward the external port 
directly to cvsnt.

I know of no client that would handle the configuration you're trying 
out of the box... but it may be possible to set something up.

Start by keeping it simple.  Forget WinSSHD for now.  Setup a basic SSPI 
connection between the client and server using default configuration, 
then add elements as required.  If you need to encrypt tell the server 
to require encryption, and that'll give you reasonable security.

It's not uncommon for people to just leave it at that and tunnel their 
connections over VPNs rather than have them over the public internet.

Configuration of WinSSHD I can't help with... however basically you'd 
have to make logins with the particular user allow the execution of the 
cvs server command only (and set the paths/environment to allow that), 
and make sure it's a pure binary connection (no cr/lf fiddling or 
anything similar).

It's far easier to just use sserver or encrypted sspi though... we don't 
generally recommend ssh on Windows as it's complex to setup and the 
security historically hasn't been that great.

Tony