Using SSH with WinCVS

Introduction

This document describes how to access CVS repositories via SSH using WinCVS 1.2 and Cygwin or Putty, two free SSH clients. It is based on documentation written by Will Holcomb for Cygwin and modified to address the unique needs of CollabNet platform users. To use this document you will need the following software:

Install and Configure Software

WinCVS 1.2

Download and install WinCvs 1.2. Once WinCVS 1.2 is installed you will need to set up your preferences and make sure the client is working.

  1. Go to Admin → Preferences and type in the CVSROOT or cut and paste the CVSROOT from the WinCvs instructions.
  2. Set Authentication to "passwd" file on the CVS server, and leave all other settings at the defaults.

  3. From Admin → Preferences select Login. Enter your domain wide password.

  4. Select Checkout Module from the Create menu and enter the module name and path on the server you would like to create. Each project in a domain is its own module, so that the project name is the module name, and the directories and file structures within that project are paths. To download the complete CVS repository for a given project simply enter the project name.

  5. Choose a local folder to checkout the module and click OK.
  6. Once you see that this folder has been checked out successfully to the local folder than you can logout.

Cygwin and related programs

Create a cygwin directory and download Cygwin setup.exe.

  1. Double-click on the cygwin icon this will launch the Cygwin Net Release Setup Program. Click Next.

  2. Select Install from Internet, and click Next.

  3. Choose the cygwin directory you created as the "Root Directory" while setting up WinCvs. Under Install For select Just Me and DOS under the Default Text File Type. Click Next.

  4. Select the directory for installation of the files; again choose the cygwin directory and click Next.

  5. Choose your connection type and click Next.

  6. Choose a download site. We recommend choosing an http mirror. This will speed up the transfer. Click Next.

  7. Select the packages to install. First expand the view of the available patches by clicking the View button. Then install the binary files of the following applications by clicking on the icon under the New column. To deselect files that were chosen by default click on the icon under the New column until Skip appears. The applications to install are:
    1. Bash
    2. Cygwin
    3. OpenSSH
    4. OpenSSL
    5. Zlib
  8. Click Next and a status box for the download and installation will pop up and display the progress of your installation.

  9. You will be given the option of displaying an icon on the desktop or adding a shortcut to your start menu. Select your preference and then Finish.
  10. You now have all the necessary software installed but still must add the location of the programs in your path to get it to work together. Add the directory where Cygwin stores its programs (c:\cygwin\bin) to your path. Windows 95/98:
    1. Edit the file: c:\autoexec.bat
    2. Add the line: SET PATH=%PATH%;C:\cygwin\bin;
    Windows NT:
    1. Open the Control Panel
    2. Select the System properties
    3. Select the Environment tab
    4. Find path entry in the System Variables list
    5. Add ;c:\cygwin\bin; to the end
    6. Click set
    Windows 2000:
    1. Open the Control Panel
    2. Select the System properties
    3. Select the Advanced tab
    4. Click Environment Variables
    5. Find path entry in the System Variables list
    6. Click Edit
    7. Add ;c:\cygwin\bin; to the end
    8. Click OK
  11. If you are using Windows 95/98 you will need to restart for your changes to take effect. Changes will take place immediately in Windows NT and 2000.

Establishing the SSH Tunnel

To gain access to CVS via a secure tunnel you will use the port forwarding feature of OpenSSH to create the tunnel from your computer (the localhost) to the server hosting the project repository. Port forwarding, or tunneling, is a way to forward otherwise insecure TCP traffic through SSH Secure Shell. For example, you can secure POP3, SMTP and in this case CVS connections that would otherwise be insecure. To secure the CVS port traffic (Port 2401) use the following steps.

  1. Open a command UNIX-type command prompt and change to the cygwin directory.

  2. To connect CVS traffic on Port 2401 on the local computer to Port 2401 on the remote server, type: ssh -x -2 -L 2401:localhost:2401 tunnel@[your_server].com.
  3. All CVS traffic will then pass securely from the local machine to the remote host.

  4. If this is the first time your are connecting you should get a message saying "Host key not found, are you sure you want to continue". Type "yes". Note: you must type the whole word, not just the letter "y". If you have connected to this machine before you will be prompted for the password.

  5. Type in the password: tunnel and press enter. You will see a welcome screen.

  6. Keep the connection running in the background throughout your session. The tunnel will continue running as long as this window is running, except in cases of network error or other connectivity issues. To stop the tunnel, press ctrl-break.
  7. You can now use WinCVS or any other CVS client. As long as the tunnel is running all traffic between the CVS client will be piped through the tunnel and be secure.
Note:- When using ssh tunneling, please remember to change the CVSROOT setting on your cvs client to :pserver:<username>@localhost:/cvs instead of :pserver:<username>@cvs.yourdomain.com:/cvs

Using Putty for SSH operations

Another free SSH client is Putty. Install Putty and use this to establish the SSH tunnel using the following steps:

  1. Open a putty session and type in the host name www.sitename.com. Click the SSH radio button.

  2. From the Category menu chose Connection → SSH → Tunnels

  3. Under Port forwardingAdd new forwarded port enter the following values:
    1. Source port type: 2401
    2. Destination: localhost: 2401
  4. Click Add
  5. Forwarded ports section will now have the appropriate ssh command to forward port 2401 on the localhost to 2401 on the remotehost.
  6. Return to the Session window and type in a name for the session under Saved Sessions. Click Save.

  7. Click Open. This will open a command line window and prompt you for a username.

  8. Type in username tunnel and press Enter.

  9. You will be prompted for tunnel's password. Type tunnel and Enter.

  10. You will see the welcome screen. You are now logged in via SSH. You can minimize this window but must keep it open.

  11. Open and use WinCVS for all CVS operations.
Using either SSH client, OpenSSH via Cygwin or Putty, as described above will secure all CVS transactions. Remember to keep the tunnels open while working with your CVS client.