[cvsnt] Re: Setting up cvsnt server on Windows XP

Bo Berglund bo.berglund at system3r.se
Fri Jul 14 20:19:14 BST 2006


On Fri, 14 Jul 2006 14:37:57 -0400, "Nicholas Duane" <nickdu at msn.com>
wrote:

>If/when I get past my problem with connecting to the server (a different 
>post) I have questions regarding setting up users.  
Unless you are going to have users outside the Windows environment I'd
say that you should stick with SSPI, because this uses the Windows
authentication system, which is pretty stable and secure.

>My initial thinking is 
>that I would like to authenticate via keys or certificates (not an expert on 
>authentication).  From the reading that I've done it sounds like there is 
>some sort of authentication using keys.  It was unclear to me how to set 
>this up.  Maybe because I'm not that familiar with unix and its utilities 
>(like ssh, putty, etc.).  

There is ssh (for cross-platform use) and there is sserver (can be
used in the Windows environment).

>Also, it sounded like I would have to add the 
>users to a passwd file and include their host names.  
What do you mean here? The passwd file is managed by CVSNT and you do
never ever edit it yourself, it is handled by CVSNT. What you can do
is use protocols like pserver or sserver, both of which will use the
passwd file to check the users.

>I'm hoping this is not 
>the case as I don't want to have to add their host name.  I'm hoping they 
>should be able to connect from any machine as long as they have their 
>key/certificate installed on that machine.
>
>Can I have authentication working something like this?

Again, why? SSPI should suffice if you have a Windows shop.

>
>I don't know much, really nothing, about ssh.  But it would be nice to be 
>able to encrypt the data so that in the case where the data is traveling 
>over the internet we're somewhat secure.  What do I need to enable this?  I 
>read somewhere that :ssh: is a protocol that's include with the cvsnt client 
>which is provided by a built-in putty client (or something like that).  If 
>so, do I need anything else on the client?  What do I need on the server?  
>OpenSsh?

SSH on Windows is not really a good option cause SSH is not part of
the operating system like it is on *ix.
sserver is as good but much simpler.
SSPI can be set to use encryption too. And this can be enforced from
the server itself.

Look here:
http://web.telia.com/~u86216177/InstallCVSNT25.html




/Bo Berglund



More information about the cvsnt mailing list