8.4. The ext and server Access Methods
In my experience, ext is the most commonly used access method, and it is usually used with SSH. ext stands for external, which refers to an external (to CVS) rsh or remote shell program. This method uses a remote shell program to connect the sandbox client computer to the repository server computer. The server method is almost the same as the ext method. The only difference is that server uses a remote shell program that is included with CVS.
To use a program other than rsh with the ext connection method, the CVS_RSH environment variable on the client should be set to the name of the program and the directory containing the program should be in the user's PATH on the client computer. Alternatively, you can set the CVS_RSH environment variable to the absolute path to the program without modifying the PATH variable. You may also use the CVS_RSH method option, described in "Method Options" earlier in this chapter.
ext accepts any command-line-based program that can be called with the following syntax:
program [-b] [-l username] host commands
The program must run the commands in a remote shell and pipe standard input (stdin) and standard output (stdout) without filtering the content. The -b is necessary only if the program is running on OS/2 and is used to force rsh to run in binary mode, without end-of-file conversion. The -l username is used (by CVS) only if there is a username included in the repository path.
For the ext access method, the repository path format is:
The user needs a username on both the client computer and the server computer. If these names are the same, the user@ part of the repository path isn't needed. In versions of CVS prior to 1.11.1, the colon between hostname and path was required.
The user's PATH environment variable on the server must include the directory that contains the cvs executable, the user's CVS_SERVER environment variable on the client must contain the path to the cvs executable on the server, or the CVS_SERVER method option must be set to the path to the cvs executable on the server. If you're using PATH, this variable must be set in a configuration file, such as .cshrc or .bashrc, that is read by nonlogin shells.
The rsh (or rsh-like) program starts the cvs executable on the server computer, using the username and permissions of the user the rsh program has connected as. Any programs CVS calls (such as programs called from a scripting file) run with this username and access privileges.
As a trouble-prevention measure, before trying to use your rsh or rsh-like program with CVS, attempt to log in to the server with it, using the program [-b] [-l username] host commands command format, as shown in Example 8-2.
Example 8-2. Testing SSH for ext
Example 8-3 shows how to check out a sandbox using the ext access method.
Example 8-3. Using the ext access method
rsh is the default program used with the ext method. If no other program is specified in the CVS_RSH environment variable, CVS calls rsh. If rsh is not in the user's PATH on the client or is not available on the server, CVS cannot connect.
On the server, the user's .rhosts file in the user's home directory must have a line in the format client_name username, where client_name is the name of the client computer and username is the user's name on the client computer.
8.4.2. The server Access Method
The server access method uses a version of rsh internal to CVS. The .rhosts file on the server must be set, as described in the preceding section on "rsh".
To determine whether the server access method is available, you can attempt to check out a sandbox with the method, as shown in Example 8-4.
Example 8-4. Testing for server mode
The server method is not available in all operating systems. Both client and server must be able to run the internal rsh program.
Secure Shell (SSH) is an rsh replacement that encrypts the data stream. You can authenticate your SSH connection with a pair of keys (private and public) or with a password.
There are two SSH protocols: SSH1 and SSH2. The server must be running an SSH daemon that understands the protocol the client is using. SSH clients also come with a key-generation program that generates the private and public keys that will be used to encrypt the data stream.
To use SSH with CVS:
Example 8-5 shows a test connection to a server with an SSH client program, as described in step 5.
I recommend http://www.openssh.org and the FAQ file at http://www.openssh.org/faq.html as sources of information on SSH. This site also provides free SSH client and server programs.
8.4.4. Other Connection Programs
The ext method can run with any other program that calls a remote program in the way that rsh and ssh do. The program must not modify data in transit, and it must be called using the format:
program [-b] [-l username] host commands
If you wish to use Kerberos with CVS, you can use the Kerberos version of rsh to connect using the ext method. If you wish to use Kerberos more directly, use the kserver or gserver access methods.
If you need to call rsh or ssh with an option, write a shell script like the one in Example 8-6 and put the path to that shell script in your CVS_RSH variable. CVS invokes the shell script, which in turn invokes rsh or ssh with the options you desire.
Example 8-6. Invoking ssh with command-line options