Subject: Re: CVSsing methodology
To: Andrew Gillham <firstname.lastname@example.org>
From: Laine Stump <email@example.com>
Date: 09/28/1999 00:34:48
>Laine Stump writes:
>> I don't know what the right command is, but this isn't it.
At 09:44 PM 9/27/99 -0400, Andrew Gillham wrote:
>Hmm, this command works(*) as I just ran it:
>rsync -z -r -v --stats --progress rsync://sup.netbsd.org/anoncvs NetBSD-cvs
I figured out my problem - the machine I tried that command on (and where I
looked in the manpage) had rsync 2.1.0, which doesn't support the
"rsync://..." notation., giving an error message instead. Now that I've
tried it on something more up to date, it works. Sorry for the confusion.
>> CVS_RSH=ssh; export CVS_RSH
>> cd /usr/src
>> cvs update -d -P
>Why is 'ssh' being used for this? Is it more efficient/reliable than pserver
>mode here? Unless anoncvs.netbsd.org supports ssh with the 'no cypher'
>isn't ssh just wasting cpu cycles on both ends?
Good point. But I was accustommed to the OpenBSD anoncvs service, which
only worked with ssh (except for one mirror which seemed to constantly be
down anyway), and since that was the first option given in the entry on the
webpage (and I usually stop reading as soon as I get to *anything* that
works, especially if it looks familiar), that's what I used.
One question that remains - is pserver mode secure enough? (Obviously we're
not concerned about other people seeing the data that's transferred, but
are there any possible security vulnerabilities to pserver mode that might
preclude having it turned on?) If it is secure enough, then that should be
the first recommendation, with an indication to use ssh only if pserver
doesn't work for you for some reason (eg, local firewall policy).
Otherwise, maybe it would be good to use ssh with "no cypher".
(I wonder how much of the load on anoncvs.netbsd.org is caused by
thoughtless people like me using ssh... Anyway, that's why it's important
to have a set of instructions somewhere.)
> CVS_RSH has no effect when you use pserver mode
> (-d :pserver:you@foobaa), so I believe you can omit CVS_RSH part.