[cvsnt] pserver works, can't get sserver or sspi going from instructions in linux wiki
Steve Franks
stevefranks at ieee.org
Sun Jan 21 18:49:44 GMT 2007
>
>
> > I'm actually on FreeBSD 6.1, but the linux stuff all seems to apply,
> > however, sspi and sserver don't work, and I'd like to put something with
> a
> > modicum of security out my firewall. I see no further info on sserver
> or
> > sspi on cvsnt.org or in the freebsd mailing list archives. I did do
> > cvspasswd sucessfully via pserver for the repository in question, and it
> > didn't seem to make a difference.
> >
> > I have openssl installed, and I have samba installed and working.
> >
> > I get the following errors:
> > <cvsnt at cvsnt.org>
> > <cvsnt at cvsnt.org>>cvsnt -d:sspi:steve at localhost/fd login
> > CVS Password: *******
> > cvsnt [login aborted]: unrecognzed auth response from localhost:
> > Authentication protocol rejected acces
>
> Did you configure winbind in /etc/cvsnt/PServer to talk to ntlm_auth?
> Is winbindd running?
yes.
Does winbindd work with your AD? use wbinfo to check.
I am not using a domain, domain controller, or active directory that I am
aware of. I didn't see an obvious "is it working or not" option for wbinfo.
winbind -i steve says there is no user steve, but steve is correctly in my
smbpasswd file, and I can see samba shares from localhost an my xp system as
steve.
>>cvsnt -d:sserver:steve at localhost/fd login
> > CVS Password: *******
> > SSL connection failed(0): error:00000000:lib(0):func(0):reason(0)
> > cvsnt [login aborted]: connection to server failed
>
> Did you specify the certificates to use (CertificateFile and
> PrivateKeyFile
> in /etc/cvsnt/Pserver)?
yes. I notice my hostname resolves to the outside end of the firewall, not
the local ip - could this be causing issues in the certificate files?
> My win32 boxes all use sspi currently; If I have to go to sserver, anyone
> > have a windows script for traversing a tree (a rally big one) and
> > replacing all the root files that specify sspi with sserver?
>
> WinCVS has a script to do this... and within the last few weeks on this
> list
> a couple of scripts appeared to do something similar... you'll have to dig
> through the list archive to locate it ... or you could just checkout into
> a
> new sandbox :-)
>
> --
> David Somers - typographer/programmer/whatever
> Random (and sometimes useful) stuff blogged at http://www.omz13.com
> _______________________________________________
> cvsnt mailing list
> cvsnt at cvsnt.org
> http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
>
--
Steve Franks, KE7BTE
Staff Engineer
La Palma Devices, LLC
http://www.lapalmadevices.com
(520) 312-0089
More information about the cvsnt
mailing list