%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %% This default.mgp is "TrueType fonts" oriented. %% First, you should create "~/.mgprc" whose contents are: %% tfdir "/path/to/truetype/fonts" %% %% To visualize English, install "times.ttf", "arial.ttf", and "cour.ttf" %% into the "tfdir" directory above: %% http://microsoft.com/typography/fontpack/default.htm %% %% To visualize Japanese, install "MSMINCHO.ttf" and %% "watanabenabe-mincho.ttf" into the "tfdir" directory above: %% http://www.mew.org/mgp/xtt-fonts_0.19981020-3.tar.gz %% %deffont "standard" xfont "helvetica-medium-r", tfont "standard.ttf", tmfont "hoso6.ttf" %deffont "thick" xfont "helvetica-bold-r", tfont "thick.ttf", tmfont "hoso6.ttf" %deffont "typewriter" xfont "courier-medium-r", tfont "typewriter.ttf", tmfont "hoso6.ttf" %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %% Default settings per each line numbers. %% %default 1 area 90 90, leftfill, size 2, fore "gray20",bgrad 0 0 256 0 0 "white" "blue", font "standard", hgap 0 %default 2 size 7, vgap 10, prefix " ", ccolor "black" %default 3 size 2, bar "gray70", vgap 10 %default 4 size 5, fore "gray20", vgap 30, prefix " ", font "standard" %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %% Default settings that are applied to TAB-indented lines. %% %tab 1 size 5, vgap 40, prefix " ", icon box "green" 50 %tab 2 size 4, vgap 40, prefix " ", icon arc "yellow" 50 %tab 3 size 3, vgap 40, prefix " ", icon delta3 "white" 40 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %page %size 6.5, font "standard", ccolor "black" %center, fore "Blue", font "standard", hgap 60, size 6.5 SSH and CVS %bar "skyblue" 6 15 70 %font "standard", hgap 0 %size 5, fore "darkblue" Jason Straw %size 4.5 http://www.misato.us %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %page What IS SSH SSH, or Secure SHell, is a replacement protocol, It Replaces something called RSH or Remote SHell. It is encrpyted about much stronger then the connection to a website. \ (note: https is 128bit encryption at best. SSH defaults to 1024bits) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %page Why use SSH instead of telnet? Security -- most users ignore this, password security is the first thing someone will go after on a system, telnet sends passwords through clear text... that means that if I am running a packet sniffer I'll see your username and password. Now I can be you and do lots of fun stuff :) Features -- ssh has the ability to create tunnels, meaning that you can route your ftp sessions securely between your machine and another machine. \ (something like that) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %page SSH: The Basics To Login from the linux distro of your choice ssh wopn.org -- jstraw@wopn.org's password: Note: in linux ssh assumes that unless you give it a \ login account to use that you are using whatever the \ current username is. to get around that use ssh @wopn.org -- jstraw@marconi:~$ Now you can use this exactly like you would use telnet. To Login from a windows box first, go to google.com and type PuTTY in the search box and click on "I'm Feeling Lucky" download putty and pscp to somewhere. now load up putty and type wopn.org in it will then ask for a username and then a password and present you with a prompt -- jstraw@marconi:~$ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %page Secure Copy unix copy is a fairly simple command %font "typewriter", size 3 cp filetobecopied [file2tobecopied... fileNtobecopied] fileordirectory %font "standard", size 5 scp (SSH's copy command) works similarly it just adds a notation to allow \ remote computers to be used. %font "typewriter", size 3 scp localfile1 [localfile2 ... localfileN] host.to.copy.to.highpoint.edu:remotefileordirectory %font "standard", size 5 OR %font "typewriter", size 3 scp host.to.copy.from:remotefile [host2.to.copy.from:remotefile ... hostN.to.copy.from.remotefile] localfileordirectory %font "standard", size 5 Note: anything after the : is related to the home directory, SO %font "typewriter", size 3 jstraw@linus.highpoint.edu:huug --> /home/students/jstraw/huug/ (dir) OR /home/students/jstraw/huug (file) jstraw@linus.highpoint.edu:/usr/local/bin/bouncies -> /usr/local/bin/bouncies (file) OR /usr/local/bin/bouncies/ (dir) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %PAGE Key Authentication To do Key Authentication, first you have to have keys to authenticate with. \ To create your "Key Pair" you need to use ssh-keygen for linux or PuTTYgen for windows. in windows: follow directions given on screen. Linux you will want to choose ssh2 key either RSA or DSA key length of 1024bits the command to use is "ssh-keygen -t DSA -b 1024" %font "thick" IMPORTANT: you need to move the mouse around in some fashion for a decent key to be created. In Fact the generators will not work otherwise. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %page Key Authentication (Continued) Now that you have created the key, now we need to setup the key to be used. first you need to unix copy the private identity (identity, id_dsa) to .ssh/identity next you will need to secure copy the identity.pub or id_dsa.pub to the remote host Then ssh to that host and cat identity.pub >> .ssh/authorized_keys This will create and/or append your key to the list of keys that are allowed for use. Note: identity.pub and id_dsa.pub are the same in this case... You can now do ssh host and login. with or without password, depending on what you set in key generation. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %page What you can DO with all of that! Nothing? Actually there is alot that you can do... You can: Secure Logins for keeping your password safe from intruders Securly copy data from server to server run commands on a remote machine like it is local to do that just type (ssh remoteserver "command to run") allow multiple logins on one account you can put as many lines into an authorized_keys file as you wish to do remote cvs securely %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %PAGE Concurrent Versioning System (CVS) CVS is a way to manage projects in a way that saves every change you commit to it. \ It is derided for not being the best tool in the world, but for storing and keeping \ versions of data, CVS is about as good as it gets. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %PAGE Creating a CVSroot ok... so first thing is. if this is a server used by many... get the an admin to do this \ and set it up for all the users of the server To setup a cvsroot make the directory that you want the cvsroot to be for this presentation the cvsroot will be /cvsroot chown it to who should own it run "cvs init" in the dir that should be the cvsroot This will create a CVSROOT dir and you will be all setup... %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %PAGE Adding a project to your new CVSroot get all project files needed into a single directory export your CVSROOT environment variable export CVSROOT=/cvsroot run cvs import projectname vendor-tag release-tag Vendor Tag is to tell what person/group wrote this project Release Tag is to describe what version type the project is headed to for this a vendor-tag of straw and a release tag of alpha should work fine cvs import huugweb kirby betaone %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %PAGE Getting your source from CVS Here is where the fun begins! to get your information out of cvs, you need to use the checkout command, "cvs co packagename" or "cvs checkout packagename" you either need the CVSROOT environment variable OR to specify the CVSROOT with -d /cvsroot in the command cvs -d /cvsroot co huugweb This will create a new folder called huugweb and put all the source imported into it. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %PAGE Editing with CVS You Edit with whatever your favorite editor is! occasionally you should run "cvs up" inside the source dir to make sure that the source has not been changed on the cvs repository. jstraw@marconi:~huug/ $ cvs up when you have edited everything that you will that day/time period you want to make sure that you commit all the updates back to cvs. You do "cvs up" first, followed by "cvs commit" cvs commit will open up vim for you to type a log entry in, this is to allow you to see what changes were made on each commit and is invalueable for when something stops working and you need to go back. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %PAGE Using remote CVS you need to export the environment variable CVSRSH export CVSRSH=ssh the CVSROOT becomes the scp call to the the CVSROOT on the remote machine so if the CVSROOT is /cvsroot on the server linus.highpoint.edu the CVSROOT is linus.highpoint.edu:/cvsroot %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%