See 'anoncvssh', from the OpenBSD project:

http://openbsd.sunsite.ualberta.ca/papers/anoncvs-paper.ps

Then grab the distribution:

http://www.openbsd.org/anoncvs.shar

Then follow the instructions in the README. Since this isn't
a real CVS tree that you're granting access to (i.e. not one
that you're making commits to yourself), the setup is really
quite straightforward. Works well, is a CPU and disk bandwidth/seek
hog, but it's super convenient for local access.
(These are features of using CVS instead of CVSup, NOT features
of anoncvssh. anoncvssh just gives you a more secure way of
doing the ssh).

If you're super paranoid, you can mount large parts of the
CVS repository read-only.

  -Dave

Lo and behold, Eugene Grosbein once said:
>
> Hi!
>
> I run local cvsup-mirror of FreeBSD CVS Repository. It runs just fine.
> I would like to provide read-only anoncvs access to the Repo and wonder
> how to make it secure. E.g. I do not want users to:
>
> - make brute-force attacks to /etc/master.passwd
> - touch the Repo in any way, no commits, no tags, no
> val-tags nor history nor any other file modifications.
>
> Is it possible?
>
> Eugene Grosbein
>
> To Unsubscribe: send mail to majordomoFreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>

-- 
work: dgalcs.mit.edu                          me:  dgapobox.com
      MIT Laboratory for Computer Science           http://www.angio.net/
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]