Using CVS pserver over an SSH tunnel through an intermediate server

This is an article that I had posted in my livejournal on 27th-Apr-2006 12:11 pm. I’m trying to migrate the most valuable stuff to wordpress.

Today I had to access a public cvs repository from my computer in the office. Unfortunately it seemed that the company firewall disallows any cvs :pserver: connections due to security reasons. I had to find a way to checkout a module from the repository. Then I noticed an article about ssh tunnelling in the internet and quickly found my solution. I’m describing it below:

There are presently two computers in our picture. One is my system (localhost) and the other is ecos.sourceware.org. I wanted to access the repository in /cvs/ecos of the sourceware.org server. The proper way of doing it is:

cvs -z3 -d :pserver:anoncvs@ecos.sourceware.org:/cvs/ecos checkout ecos

But, it seemed that my company firewall won’t allow it to proceed since its trying to use the pserver protocol. Then, I thought of making an ssh tunnel to the sourceware.org server as a work around. But, for that I need to have an ssh account on the server itself.

Now, its here that my sourceforge.net shell account helped me. I created an ssh tunnel from my system to the sourceforge.net system and forwarded all packets at port 2401 to it. The command to create the tunnel and port forwarding looked like this:

ssh -L localhost:2401:ecos.sourceware.org:2401 jineshkj@shell.sf.net

It says that, ssh should login to shell.sf.net with as jineshkj while forwarding the localhost:2401 to ecos.sourceware.org:2401 through it. So, now I’ve added another computer to the picture, which is the shell.sf.net.

Now, in order to access the ecos.sourceware.org:2401, I only need to connect to localhost:2401. The cvs command should thus be modified as given below:

cvs -z3 -d :pserver:anoncvs@localhost:/cvs/ecos checkout ecos

What happens now is that, I’ll try to access the localhost:2401 using the pserver protocol, which actually gets forwarded to ecos.sourceware.org:2401 through the ssh tunnel. In the local system you can use custom port number other than the standard one as shown below:

ssh -L localhost:8000:ecos.sourceware.org:2401 jineshkj@shell.sf.net

cvs -z3 -d :pserver:anoncvs@localhost:8000:/cvs/ecos checkout ecos

Note that the cvs command has to be executed in your local shell and not in the ssh shell.

Best of luck.

Possibly related posts: (automatically generated)

~ by jineshkj on 23 December, 2006.

Posted in System Administration

Leave a Reply