Subject: cvs and ssh
To: None <>
From: David Forbes <>
List: netbsd-users
Date: 08/04/2001 19:40:59
Dear all,

I have a machine with a cvs repository on it, behind a firewall and a
demand dialled modem.  I have another machine out on the internet, to
which I connect with ssh.

machine A  ----- machine B ---modem---internet ----- machine C
 cvs repo        firewall

I would like to be able to do cvs co/update etc on machine C during a ssh
session from A.  I'm thinking that I can do this with a ssh tunnel of some
sort, but as machine C is on the open internet, I don't want to leave any
trace of what/where machine A is or any passwords.  Nor do I want to have
to use su in order to achieve it.

The ways I can see of doing are:

1) Set CVS_RSH=ssh and get machine C to connect back.  This has two
problems: a) I'd need to have the user on machine C's keys in an
authorized_keys file on A and, b) it won't get through the firewall.

2) Setup a ssh to forward the pserver port.  However, I'd need to put a
password on machine C in order to get access to A.

3) Setup ssh to forward rsh.  I feel this is worse than 2.

Is it possible to set CVS_RSH to some devious value, so that it uses the
basic ssh connection backwards?