Monday, May 23, 2005

Back in the Sonnenalp library

So, I am back at the Sonnenalp's library to work. I like it here. The lighting is nice and the music is ok and it is rather quiet. This morning Jeff and I went for a bike ride up through East Vail. We started climbing a big hill and I was paid. It was too much for me. I thought I had been acclimated, but apparently not. I got a slight headache from acute altitude sickness, so we turned around and rode home. I will have to make it farther next time!

Anyway... here is a little lesson on CVS through an SSH tunnel through a firewall. I need to run CVS to a machine at my company which has our CVS server on it. I will use some fake names to spare the innocent computers.

The configuration: my local machine, Vail, needs to connect to the CVS server on Sheep, which is behind a firewall, Aotearoa. The cvsroot is /sheep/cvsroot on Sheep. The username on all the machines will be avanti and the company name is etech.

1. First make a public/private key pair on Vail. If you want a passphrase go ahead, but I recommend not having one so that you can log in without typing a password.
$ ssh-keygen -t dsa

2. Copy this public key to Aotearoa and then add it to the authorized keys on that machine.
$ scp .ssh/id_dsa.pub avanti@aotearoa.etech.com:.
$ ssh avanti@aotearoa.etech.com
$ cat id_dsa.pub >> .ssh/authorized_keys

3. Still logged into Aotearoa, copy it to Sheep, and add it to the authorized keys.

$ scp ~/id_dsa.pub avanti@sheep:.
$ ssh avanti@sheep
$ cat id_dsa.pub >> .ssh/authorized_keys

4. Log out of Sheep and Aotearoa. All the rest of the configuration will be done on Vail.

5. Now we will add an SSH host to make this a little easier. Open ~/.ssh/config in your favorite editor and add this to the file:
Host etechcvs
User avanti
HostName localhost
Port 2222

6. Now comes the actual forwarding. Open ~/.bashrc in your favorite editor and add some aliases so the typing doesn't suck as much:
alias startcvs="ssh avanti@aotearoa.etech.com -L 2222:sheep:22 -f sleep 28800"

7. Add a few environment variables so that CVS knows what the heck is going on. CVS_RSH is the program to use and CVSROOT is where the cvsroot exists.
export CVS_RSH=ssh
export CVSROOT=:ext:etechcvs:/sheep/cvsroot

Now you should have it all set up so that port 2222 on Vail is forwarded to port 22 (SSH) on Sheep and you are tunnelling right through Aotearoa. You just have to run it.
$ startcvs

After running that you will have a tunnel set up for the next 8 hours. It forked as a new process so you can even log out of your current shell if you desire. Running CVS should be normal now, so to check out a module named src:
$ cvs co src
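
A guarded variant of the startcvs alias from step 6, added here as an example and not part of the original post: it skips the ssh call when port 2222 is already forwarded, binds the listener to 127.0.0.1 only, and uses OpenSSH's ExitOnForwardFailure option so a failed forward is reported instead of leaving a background session with no tunnel. The function names are hypothetical, and the port probe assumes an nc that supports -z.

```shell
# Guarded replacement for the startcvs alias (added example).
# Hosts, user and ports come from the post; function names are hypothetical.
JUMP_HOST="avanti@aotearoa.etech.com"  # firewall host
TARGET="sheep:22"                      # SSH port on the CVS server
LOCAL_PORT=2222                        # must match Port in ~/.ssh/config
LIFETIME=28800                         # seconds (8 hours)

# Succeeds if something already listens on 127.0.0.1:$1.
# Assumption: an nc that supports -z (connect without sending data).
tunnel_up() {
    nc -z 127.0.0.1 "$1" >/dev/null 2>&1
}

# Returns 0 if the tunnel is up or was started, 1 if ssh failed,
# 2 if the port argument is not a number.
start_cvs_tunnel() {
    port=${1:-$LOCAL_PORT}
    case $port in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if tunnel_up "$port"; then
        echo "tunnel already listening on port $port"
        return 0
    fi
    # ExitOnForwardFailure=yes: ssh exits with an error when it cannot set
    # up the forward, rather than backgrounding a session without one.
    # The 127.0.0.1 bind address keeps the listener off other interfaces.
    if ssh -o ExitOnForwardFailure=yes \
           -L "127.0.0.1:$port:$TARGET" \
           -f "$JUMP_HOST" sleep "$LIFETIME"; then
        echo "tunnel started on port $port"
        return 0
    fi
    echo "ssh could not set up the forward on port $port" >&2
    return 1
}
```

Put both functions in ~/.bashrc in place of the alias and run start_cvs_tunnel before the cvs command.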

Good luck!
