Remote CVS Over SSH Without pserver

Background

This site is served from a shared server, and I do most of my work on the site directly on the server, using SSH, vi, and other shell tools. A while back, I decided I wanted to have this site under source control using CVS, since I mess up sometimes and the ability to un-mess up would be welcome.

Specifically, I wanted to:

I figured out all the details and got it working. I then documented the process on my host's member forum. (Someone else had been wondering about it too.)

There have been some changes in how WinCVS works in the 1.3 beta. This document was written with WinCVS 1.2 in mind, so it might be out of date. Then again, this might still be useful (and I did spend some time writing it), so I've edited my original document mildly, added some additional information, and put it here as a sacrifice to the gods of Google.

The Setup

Introduction

There was a discussion recently about using CVS to get remote access to files on our hosted accounts. You can actually do this as things are now, with a bit of work.

First, be advised that this is not for the faint of heart.

What's below is not a complete HOWTO, but it's a starting point. Specifically, I'm assuming you already have ssh access to your server, so I'm not going to talk the basics of ssh. I'm also leaving out things like dealing with the Unix shell. I'm not going to discuss how CVS works. This only covers how to use SSH to use CVS remotely without pserver.

I'll assume you're on Windows. (I use Windows 2000, no promises about Win 9x. There are never any promises about Win 9x...but I digress.) You can do all this stuff on Linux, of course, but the programs are obviously different.

Things You'll Need

Let's say your account is user on server blah.com to keep it simple.

Software

Install WinCVS. I already had WinCVS, so I don't have instructions for this, but it's not hard to install.

Put PuTTY, Plink, PuTTYgen and Pageant somewhere in your system path (I have c:\bin in my path for things like this, but I am a Unix dork. I personally wouldn't put them in c:\winnt\system32 like some people would; consider creating a directory and adding it to your %PATH% system variable. Up to you.)

Set Up CVS Repository

Using PuTTY, make a ssh connection to your shell account on your server and set up a new CVS repository with these commands:

mkdir ~/cvs
cvs -d ~/cvs init

Next, start a new module in the repository. A good choice might be your current website. You could do this:

cd ~/public_html
cvs import -m "first import" blahsite blah start

You now have a CVS module called "blahsite" in a local CVS repository within your shell account. It contains everything in your ~/public_html folder.

Configure WinCVS

Next, set up WinCVS to be able to access it. Launch WinCVS and go into the "Admin -> Preferences..." dialog.

Under the General tab

Under the Ports tab

Under the Globals tab

Here's a tricky part if you're used to using WinCVS with pserver-based repositories. Don't use the Admin -> Login... command. Since you're running this over ssh, it's as if you're using the repository as a local user, and you don't have to login to local CVS repositories. So forget about doing a cvs login.

Here's the ugly part if you're not used to dealing with SSH keys. Since you're making a ssh connection, you have to authenticate with the server's sshd. You can either type in your account password every time, or you can use a public/private key setup with an agent to type your passphrase once at the beginning of your work session. I do the latter for work anyway, so it wasn't much for me to set it up. Below is how you do it.

Configure SSH

Use PuTTYgen to generate a private key and save it somewhere on your computer. You should specify a long and annoying-to-type passphrase (note this is not a passWORD; it should be several words, preferably with varied punctuation and non-alphanumeric characters). Copy the public key from the top of the PuTTYgen window to your Clipboard, then open a shell connection to your server and do this:

cd ~/.ssh
{editor} authorized_keys (where {editor} is your preferred shell text editor)
{paste in your public key from your computer's Clipboard}
{save and exit}
chmod 600 authorized_keys

Set up a new connection in PuTTY to connect to blah.com using SSH. In the Connection preferences, put your username in the Auto-login username field, then in Connection -> SSH, browse to your private key file under Private key file for authentication. I like to check Enable compression too. Save the PuTTY connection configuration.

If you open this connection, you'll see that you're asked for the passphrase you provided to PuTTYgen. Since the passphrase is long and annoying-to-type, you would quickly grow tired of typing it. If only there were some way to cache the fact that you provided the passphrase. Luckily, this is what Pageant is for.

Run Pageant, then from your system tray, right click on the Pageant icon and choose Add Key. Add the private key that you created with PuTTYgen and type your passphrase. Pageant will now supply the private key for your subsequent connections with PuTTY and Plink. A little extra clicking when you start a work session, but it saves a lot of time later on.

Give It a Try

Having all that set up, you should be able to check out your CVS module without any trouble. In WinCVS, go to Create -> Checkout module..., then type the name of the module you created (blahsite) in the module name field. You should get a working directory on your computer at the location you configured WinCVS to use.

From here on out, WinCVS acts as if it's dealing with a pserver-based CVS repository. Updates, commits, diffs, etc. all work like you'd expect. (Assuming you know how CVS works.)

Resources

Great, Now What?

This enables remote CVS via SSH, making it possible to do the things I was looking for originally. The details:

Server-Based Version Control

I actually have a checked-out copy of my site in my public web directory, so when I change a file, I can cvs ci file and commit it to the local repository. If I mess up a file I'm editing, I can do a mv file file.bad; cvs update file to pull the last good version from the local CVS. I can reconcile the changes, then remove file.bad when I'm finished.

Maintaining a Local Copy

To pull new changes to my local computer, I do a cvs update (or Modify -> Update... in WinCVS) on my local machine. All the latest revisions from the remote CVS repository are pulled down and my local copy is updated.

Pushing Local Changes

If I change files on my local computer, I just commit them as normal. Then, on the server, I do a cvs update. The new revisions are deployed in the appropriate places.

Has Something Changed?

The CVS repository acts as a baseline for changes. If I think there are changed files in my web directory, I can do a cvs -qn update to see what's changed since my last commit. This is pretty helpful sometimes. Of course, cvs diff provides the details if needed.

Conclusion

Hopefully, if you've read this far, you've found this accurate and helpful. If you have suggestions about how I can improve the accuracy or helpfulness, please let me know.

This document is $Revision: 1.4 $, $Date: 2003/04/21 16:01:32 $.