Annotation of www/anoncvs.html, Revision 1.93
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
2: <html>
3: <head>
1.93 ! deraadt 4: <title>OpenBSD AnonCVS</title>
! 5: <link rev=made href=mailto:www@openbsd.org>
! 6: <meta name="resource-type" content="document">
! 7: <meta name="description" content="How to get OpenBSD updates via Internet using Anonymous CVS">
! 8: <meta name="keywords" content="openbsd,anoncvs,updates">
! 9: <meta name="distribution" content="global">
! 10: <meta name="copyright" content="This document copyright 1996-1998 by OpenBSD.">
1.1 deraadt 11: </head>
12:
1.14 downsj 13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
1.1 deraadt 14:
1.58 pauls 15: <img alt="[OpenBSD]" height=30 width=141 SRC="images/smalltitle.gif">
1.93 ! deraadt 16: <p>
! 17: <h2><font color=#e00000>Anonymous CVS</font><hr></h2>
1.14 downsj 18:
1.93 ! deraadt 19: <h3><font color=#0000e0>What is it?</font></h3>
1.15 grr 20: <p>
21: Anonymous CVS is a method of keeping your local copy of the OpenBSD source
22: tree up to date with respect to changes made to current OpenBSD sources.
1.14 downsj 23: <p>
1.15 grr 24: The major advantage of Anonymous CVS over other source code update
25: techniques is that it works directly against a central source code
26: repository or mirror. This means that you have the full set of CVS
27: commands available to control merging and updating your changes with
28: other source changes and for performing diff's, change histories
29: and other queries against the central repository.
1.36 deraadt 30: <p>
31: You can use anoncvs to access our three main source repositories:
32: <strong>src</strong>, <strong>ports</strong>, and <strong>www</strong>.
33: <p>
1.43 deraadt 34: <h3><font color=#0000e0>CVS:</font></h3>
1.36 deraadt 35: <a href=why-cvs.html>
36: CVS is the source code control system used to manage the OpenBSD source tree.</a>
1.16 deraadt 37: It implements a central repository for all officially released source code
1.15 grr 38: and changes, while permitting developers to maintain local copies of the
39: source code with their working changes. Developers with "write access"
40: can commit changes directly to the OpenBSD source tree, while "Anonymous
41: CVS" users have "read access" and can keep their local copies of the source
42: up to date and issue queries against the central depository.
43: <p>
1.22 niklas 44: The major strength of CVS is that it has the ability to perform intelligent
1.15 grr 45: merges of changes to the central repository with changes that you make to
46: your local copy. This means that if you make a change to a module and
47: perform an update, your changes are not "blown away", rather CVS makes
48: best efforts to merge the changes made to the central sources with changes
49: you've made to your local copy.
50: <p>
51: In the event that the changes can't be completely merged, CVS provides a
52: "soft fallback", in terms of providing you with annotated changes to your
1.39 todd 53: local copy, preserving an unmodified copy of your version and continuing
1.15 grr 54: to update any other source modules you requested.
1.22 niklas 55: <p>
1.23 mickey 56: People who own an OpenBSD CD may have seen the CVS/ dirs on it.
1.22 niklas 57: Actually there is a reason, the CD has a checkout of the OpenBSD src/ module
1.23 mickey 58: usable to continue updating from. Using this tree will results in a much
59: faster initial CVS update than a fresh checkout of the full OpenBSD
60: source tree. There are two ways of using the CD:
61: <ul>
62: <li>copy the tree off it, (assuming the CD is mounted on /mnt):
1.22 niklas 63: <pre>
1.23 mickey 64: <b>#</b> cd /mnt; cp -Rp CVS Makefile bin distrib etc games gnu \
65: <b>></b> include kerberosIV lib libexec lkm regress sbin share \
66: <b>></b> sys usr.bin usr.sbin /usr/src
1.22 niklas 67: </pre>
1.23 mickey 68: <li>use a union mount with the CD below a writable directory.
1.22 niklas 69: <pre>
1.23 mickey 70: <b>#</b> mount -t union -o -b /mnt /usr/src
1.22 niklas 71: </pre>
1.23 mickey 72: </ul>
1.22 niklas 73: After this, /usr/src will be a nice checkout area where all cvs(1) commands
74: will work OK.
1.15 grr 75: <h4>CVS COMMAND SUMMARY</h4>
1.27 todd 76: <dt> cvs [cvs args] [cvs command] [cvs command args]
77: <dd> below is a listing of commonly used cvs commands.
1.15 grr 78: <dl>
79: <DT>add
80: <dd>Add a new file or directory to the repository.
81: <dt>get
82: <dd>Make a working directory of source files for editing.
83: <dt>commit
84: <dd>Apply changes to the source repository (write access)
85: <dt>diff
86: <dd>Show differences between local files and the source repository.
87: <dt>history
88: <dd>Show reports on cvs commands against the source repository.
89: <dt>log
90: <dd>Display CVS log information.
91: <dt>rdiff
92: <dd>Prepare a collection of diffs reflecting changes between release.
93: <dt>status
94: <dd>Show current status of files in the repository and local copies.
95: <dt>update
96: <DD>Bring your working directory up to date with the repository.
97: </dl>
1.1 deraadt 98: <p>
1.39 todd 99: To summarize, the real strength of using Anonymous CVS is that it is
1.15 grr 100: a "tolerant" source code control system - it <strong>respects</strong>
101: changes that you have made to your local sources and makes <strong>
102: "best efforts"</strong> to update your entire source tree, rather than
103: leaving you a list of arcane problems that have to be resolved before
104: continuing.
1.1 deraadt 105:
1.43 deraadt 106: <h3><font color=#0000e0>Using Anonymous CVS:</font></h3>
1.1 deraadt 107: <p>
108: The latest version of CVS is available at
1.47 pauls 109: <a href=http://download.cyclic.com/pub/>Cyclic</a>.
1.1 deraadt 110: Versions earlier than 1.6 are not recommended, and may not work.
111: If you already have OpenBSD installed, CVS is included.
112:
113: <p>
114: There are two levels of source tree access:
115:
116: <dl>
117: <dt><strong>Read-write access for developers:</strong>
118: <dd>Developers who need to commit changes to the source tree must have
119: an account on the OpenBSD machines. Getting this access will be a
120: natural result of working on the sources with other OpenBSD developers.
121: If someone does some good work and shows they can work with the team,
122: they will get an account.
123: </dl>
124:
125: <dl>
126: <dt><strong>Read-only access for everyone:</strong>
127: <dd>Anyone can access the read-only CVS repositories. These copies
128: of the read-write CVS repository are mirrored often. To use one,
129: set your <strong>CVSROOT</strong> environment variable to one of
130: the following values:
1.12 grr 131: <p>
132: <strong>Please see the note about using ssh vs. rsh below!</strong>
133: <p>
1.1 deraadt 134: <ul>
135: <p>
1.83 millert 136: <li><strong>CVSROOT=anoncvs@anoncvs1.usa.openbsd.org:/cvs</strong><br>
137: Host also known as <strong>anoncvs@anoncvs4.usa.openbsd.org</strong>.<br>
1.10 millert 138: located in California, western USA.<br>
1.46 millert 139: maintained by <a href=mailto:millert@openbsd.org>Todd Miller</a>.<br>
1.83 millert 140: protocols: pserver only.<br>
1.1 deraadt 141: updated every 4 hours.<br>
142: <p>
1.83 millert 143: <li><strong>CVSROOT=anoncvs@anoncvs.usa.openbsd.org:/cvs</strong><br>
144: Host also known as <strong>anoncvs3.usa.openbsd.org</strong>.<br>
1.1 deraadt 145: located at the University of Colorado, Boulder, western USA.<br>
146: maintained by <a href=mailto:Todd.Miller@cs.colorado.edu>Todd Miller</a>.<br>
1.71 millert 147: protocols: ssh, ssh port 2022, pserver.<br>
1.1 deraadt 148: updated every 6 hours.<br>
149: <p>
1.76 deraadt 150: <li><strong>CVSROOT=anoncvs@anoncvs5.usa.openbsd.org:/cvs</strong><br>
151: Host also known as <strong>squid.nas.nasa.gov</strong>.<br>
152: located at Ames Research Center, Moffett Field, California, USA.<br>
1.78 deraadt 153: maintained by <a href=mailto:allison@mail.arc.nasa.gov>Tyler Allison</a>.<br>
1.77 deraadt 154: protocols: ssh only.<br>
155: updated every 3 hours.<br>
1.84 beck 156: <li><strong>CVSROOT=anoncvs@mirror.arc.nasa.gov:/cvs</strong><br>
157: located at Ames Research Center, Moffett Field, California, USA.<br>
158: maintained by <a href=mailto:allison@mail.arc.nasa.gov>Tyler Allison</a>.<br>
159: protocols: ssh only.<br>
160: updated every 3 hours.<br>
1.76 deraadt 161: <p>
1.31 deraadt 162: <li><strong>CVSROOT=anoncvs@anoncvs6.usa.openbsd.org:/cvs</strong><br>
163: Host also known as <strong>openbsd.citi.umich.edu</strong>.<br>
164: located at the University of Michigan, central USA.<br>
165: maintained by <a href=mailto:rees@umich.edu>Jim Rees</a>.<br>
166: protocols: ssh, ssh port 2022.<br>
167: updated every 12 hours.<br>
168: <p>
1.24 deraadt 169: <li><strong>CVSROOT=anoncvs@anoncvs1.ca.openbsd.org:/cvs</strong><br>
1.40 beck 170: Host also known as <strong>anoncvs.ca.openbsd.org</strong>,
1.74 beck 171: <strong>openbsd.sunsite.ualberta.ca</strong><br>
1.24 deraadt 172: located in Edmonton, Alberta, Canada.<br>
1.80 beck 173: maintained by <A HREF="mailto:beck@ualberta.ca">Bob Beck</A><br>
1.53 beck 174: protocols: ssh, rsh, ssh port 2022, pserver<br>
1.45 beck 175: updated every 2 hours.<br>
1.24 deraadt 176: <p>
1.1 deraadt 177: <li><strong>CVSROOT=anoncvs@anoncvs.uk.openbsd.org:/cvs</strong><br>
178: Host also known as <strong>dumpty.wonderland.org</strong>.<br>
179: located in London, UK.<br>
180: maintained by <a href=mailto:peter@wonderland.org>Peter Galbavy</a>.<br>
181: protocols: rsh.<br>
182: updated every 12 hours.<br>
183: <p>
184: <li><strong>CVSROOT=anoncvs@anoncvs.tw.openbsd.org:/cvs</strong><br>
1.64 deraadt 185: Host also known as <strong>OpenBSD.csie.NCTU.edu.tw</strong>.<br>
1.1 deraadt 186: located in Taipei, Taiwan.<br>
1.63 deraadt 187: maintained by <a href=mailto:lkchu@OpenBSD.csie.NCTU.edu.tw>Liang-Kai Chu</a>.<br>
1.1 deraadt 188: protocols: rsh, ssh, ssh port 2022.<br>
189: updated every 12 hours.<br>
190: <p>
191: <li><strong>CVSROOT=anoncvs@anoncvs.no.openbsd.org:/cvs</strong><br>
1.64 deraadt 192: Host also known as <strong>cvs.inet.no</strong>.<br>
1.1 deraadt 193: located in Norway.<br>
1.64 deraadt 194: maintained by <a href=mailto:cvsadmin@inet.no>Michael Shuldman</a>.<br>
1.1 deraadt 195: protocols: rsh, ssh, ssh port 2022.<br>
196: updated every 4 hours.<br>
197: <p>
1.33 deraadt 198: <li><strong>CVSROOT=anoncvs@anoncvs.se.openbsd.org:/cvs</strong><br>
1.54 art 199: Host also known as <strong>anoncvs.stacken.kth.se</strong>.<br>
1.33 deraadt 200: located in Sweden.<br>
201: maintained by <a href=mailto:anoncvs@stacken.kth.se>Magnus Holmberg</a>.<br>
202: protocols: rsh, ssh, ssh port 2022.<br>
1.57 art 203: updated every 3 hours.<br>
1.68 wvdputte 204: <p>
205: <li><strong>CVSROOT=anoncvs@anoncvs.be.openbsd.org:/cvs</strong><br>
206: Host also known as <strong>badlands.rug.ac.be</strong>.<br>
207: located in Belgium.<br>
208: maintained by <a href=mailto:wvdputte@reptile.rug.ac.be>Wim Vandeputte</a>.<br>
209: protocols: ssh, ssh port 2022.<br>
210: updated every 3 hours.<br>
1.69 deraadt 211: <p>
212: <li><strong>CVSROOT=anoncvs@anoncvs.jp.openbsd.org:/cvs</strong><br>
213: Host also known as <strong>kankoromochi.econ.nagasaki-u.ac.jp</strong>.<br>
214: located at Nagasaki Univ. Faculty of Economics, JAPAN.<br>
215: maintained by <a href=mailto:sigh@net.nagasaki-u.ac.jp>SUZUKI Hitoshi</a>.<br>
1.79 deraadt 216: protocols: ssh, pserver.<br>
217: updated every 3 hours.<br>
1.73 deraadt 218: <li><strong>CVSROOT=anoncvs@anoncvs.cz.openbsd.org:/cvs</strong><br>
219: Host also known as <strong>com-os2.ms.mff.cuni.cz</strong>.<br>
220: located at Faculty Math & Physics, Charles University, Prague, Czech republic.<br>
221: maintained by <a href=mailto:galambos@com-os2.ms.mff.cuni.cz>Leo Galambos</a>.<br>
222: protocols: ssh, ssh port 2022.<br>
223: updated every 3 hours.<br>
1.84 beck 224: <li><strong>CVSROOT=anoncvs@anoncvs1.au.openbsd.org:/cvs</strong><br>
225: Host also known as <strong>anoncvs.au.openbsd.org</strong>,
226: <strong>anoncvs.openbsd.aba.net.au</strong><br>
227: located in Carlton, Victoria, Australia.<br>
228: maintained by <A HREF="mailto:mwp@aba.net.au">Micheal Paddon</A><br>
229: protocols: ssh<br>
230: updated every 4 hours.<br>
1.88 beck 231: <li><strong>CVSROOT=anoncvs@dolphin.mtmc.ru:/cvs</strong><br>
232: located in Moscow, Russia<br>
233: maintained by <A HREF="mailto:jc@mtmc.ru">John Chertihin</A><br>
234: protocols: rsh, ssh<br>
1.89 beck 235: updated every 24 hours (at 1 AM Moscow time)<br>
1.86 beck 236: <li><strong>CVSROOT :pserver:anoncvs@gloup.linuxfr.org:/cvs</strong><br>
1.87 beck 237: Host also known as <strong>gloup.linuxfr.org</strong><br>
238: located at University of Angers, FRANCE<br>
239: maintained by: <A HREF=mailto:seisen@linuxfr.org>Fabien Seisen</A><br>
240: protocols: pserver<br>
1.86 beck 241: updated every 24h ( at 2h GMT )<br>
1.80 beck 242: <li><strong>CVSROOT=anoncvs@exokernel.lcs.mit.edu:/cvs</strong><br>
243: located at M.I.T, Eastern USA.<br>
244: maintained by ????<br>
245: protocols: ssh, ???<br>
246: updated every ? hours.<br>
247: <li><strong>CVSROOT=anoncvs@xyzzy.gsnig.net:/cvs</strong><br>
248: Located in Goteborg, Sweden<br>
249: maintained by martin@openbsd.org<br>
250: protocols: ssh, ???<br>
251: updated every ? hours.<br>
252: <li><strong>CVSROOT=anoncvs@stl-isaas.ey.com:/cvs</strong><br>
1.90 beck 253: Located in St. Louis, MO, Eastern USA<br>
1.81 beck 254: maintained by <A HREF="mailto:aaron11@sprynet.com">Aaron Miller</A><br>
255: protocols: ssh, ssh port 2022, pserver<br>
256: updated every 3 hours.<br>
1.91 beck 257: <li><strong>CVSROOT=anoncvs@openbsd.groupbsd.org:/cvs</strong><br>
1.92 jason 258: Located in Hillsborough NC, Eastern USA<br>
259: maintained by <A HREF="mailto:jason@openbsd.org">Jason Wright</A><br>
1.91 beck 260: protocols: ssh<br>
261: updated every 4 hours.<br>
1.80 beck 262: <li><strong>CVSROOT=anoncvs@headend-vlan1-cm19.fibertel.com.ar:/cvs</strong><br>
263: Located in Buenos Aires, Argentina<br>
264: maintained by ????<br>
265: protocols: ssh?, ???<br>
266: updated every ? hours.<br>
1.73 deraadt 267: </ul>
1.84 beck 268:
269:
1.73 deraadt 270: <p>
1.80 beck 271: <EM>Note:</EM>, If your server is listed on here with inaccurate or
272: unknown information, please contact <A
1.85 espie 273: HREF="mailto:beck@openbsd.org"><tt>beck@openbsd.org</tt></A>
1.80 beck 274: <p>
1.1 deraadt 275: You may want to use `traceroute' to find out which server is nearest you.
1.11 michaels 276: Problems with a server should be reported to the <b>maintainer</b> of the
277: server in question.
1.1 deraadt 278: </dl>
279: <p>
280: <strong>IMPORTANT NOTE:</strong>
281: There are a few issues relating to cryptographic software that everyone
282: should be aware of:
283: <ul>
284: <li>The OpenBSD sources are from Canada.
1.9 deraadt 285: As
286: <a href=http://insight.mcmaster.ca/org/efc/pages/doc/crypto-export.html>
287: researched by a Canadian individual</a>
288: and as
289: <a href=http://axion.physics.ubc.ca/ECL.html>
290: described in the Export Control list of Canada</a>
291: is legal to export crypto software from Canada to the world.
1.1 deraadt 292: <p>
293: <li>However, if you are outside the USA or Canada, you should not
294: fetch the cryptographic sections of the OpenBSD sources from an
295: anoncvs server located in the USA. The files in question are...
296: <ul>
297: <li>src/kerberosIV/*
1.57 art 298: <li>src/lib/libdes/*
1.1 deraadt 299: <li>src/lib/libc/crypt/crypt.c
300: <li>src/lib/libc/crypt/morecrypt.c
1.36 deraadt 301: <li>src/sys/netinet
1.67 art 302: <li>src/usr.sbin/afs/src/rxkad/*
1.56 matthieu 303: <li>X11/xc/lib/Xdmcp/Wraphelp.c
1.1 deraadt 304: </ul>
305: Because of the USA ITAR munitions list,
306: crypto software may only be exported to Canada from the USA.
307: <p>
308: <li>The OpenBSD project is looking for more anoncvs servers -- read
309: on to find out how you can help.
310: </ul>
311:
312: <p>
313: A sample use of an anoncvs CVS server would be:
1.27 todd 314: <ul>
1.1 deraadt 315: <pre>
1.59 beck 316: % setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs
1.1 deraadt 317: % cd /tmp
318: % cvs get src/sys/arch/sparc
1.12 grr 319: [copies the files from the repository to your machine]
1.1 deraadt 320: % cvs log src/sys/arch/sparc/sparc/locore.s
1.12 grr 321: [shows the commit log for the chosen file ]
1.1 deraadt 322: % cvs diff -bc -r1.1 -r1.5 src/sys/arch/sparc/sparc/locore.s
1.12 grr 323: [shows the changes between revisions 1.1 and rev 1.5]
1.1 deraadt 324: </pre>
1.27 todd 325: </ul>
1.1 deraadt 326:
327: <p>
1.18 todd 328: <a name=pserver>In order to use a cvs ``pserver'' (a direct tcp connection instead of using ssh or rsh) you must login once:</a>
329: <pre>
330: [ *NOTE* You must be using cvs version 1.8 or higher to do this ]
1.59 beck 331: % setenv CVSROOT :pserver:anoncvs@anoncvs.ca.openbsd.org:/cvs
1.18 todd 332: % cvs login
1.59 beck 333: (Logging in to anoncvs@anoncvs1.ca.openbsd.org)
1.71 millert 334: CVS password: anoncvs
1.18 todd 335: [this writes a line to ~/.cvspass (filename over-ridden by CVS_PASSFILE).]
336: [An example line from my ~/.cvspass after typing 'blah' for the above ]
337: [password is: ]
338: [:pserver:anoncvs@anoncvs5.usa.openbsd.org:/cvs Au'yc ]
339: [...after logging in ONCE every other use of the above CVSROOT will work ]
340: % cvs -z9 get ksrc-i386 ksrc-common
341: [allows you to retrieve ONLY that necessary to rebuild an i386 kernel ]
342: [ -z9 allows gzip -9 compression, GOOD medicine for slow links ]
343: </pre>
344:
345: <p>
1.39 todd 346: Here is how someone using anoncvs regularly would update his
1.1 deraadt 347: source tree:
1.60 millert 348: <ul><li>First, start out by `get'-ing an initial tree:
1.27 todd 349:
1.1 deraadt 350: <pre>
1.59 beck 351: # setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs
1.1 deraadt 352: # cd /usr
353: # cvs -q get -PA src
354: </pre>
1.27 todd 355: </li>
1.37 todd 356:
1.27 todd 357: <li> Anytime afterwards, to `update' this tree:
1.1 deraadt 358: <pre>
1.41 deraadt 359: # cd /usr/src
360: # cvs -q up -PAd
1.1 deraadt 361: </pre>
1.27 todd 362:
1.39 todd 363: Everytime you ran this it would synchronize your /usr/src tree. It would
1.1 deraadt 364: not destroy any of your local changes, rather it would attempt to merge
365: changes in. If you use obj directories (not obj symbolic links) you may
366: wish to append "-I obj" to the cvs command line, this will keep cvs from
367: spitting out a warning about all the obj directories it is going to
368: encounter which are not in the repository.
1.72 millert 369:
370: <p>
371: <li> NOTE: if you are updating a source tree that you initially fetched
372: from a different server, or from a CD, you <strong>must</strong>
373: add the <em>-d $CVSROOT</em> options to cvs. You must also set the
374: <em>CVS_IGNORE_REMOTE_ROOT</em> environment variable.
375:
376: <pre>
377: # cd /usr/src
378: # cvs -d $CVSROOT -q up -PAd
379: </pre>
380:
1.27 todd 381: </li>
382: </ul>
383:
1.37 todd 384: <p>
385: To <a name=ports>use</a> <a href=ports.html>ports</a>, it is similar to src:
386: <ul><li>
387: <pre>
1.59 beck 388: # setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs
1.37 todd 389: # cd /usr
390: # cvs -q get -PA ports
1.38 deraadt 391: </pre>
1.37 todd 392: </li>
393: <li> Anytime afterwards, to `update' this tree:
394: <pre>
395: # cd /usr
396: # cvs -q up -PAd ports
397: </pre>
398: </li>
399: </p>
400: </ul>
401:
1.27 todd 402: In the above example, '-q' is optional, only intended to minimize
403: cvs's output. For those who like to see screenfulls of output, it
404: can be omitted.
1.1 deraadt 405:
406: <p>
1.12 grr 407: or to make a diff of a locally patched module (here cd.c) to include with
408: a bug report:
409: <pre>
410: # cd /usr
411: # cvs diff -u src/sys/scsi/cd.c > /tmp/patch
412: </pre>
1.37 todd 413: </p>
1.12 grr 414:
415: <p>
1.1 deraadt 416: The CVS man page (included with the CVS sources) has much more
417: information about how CVS can be used.
418:
419: <p>
1.12 grr 420: <strong>Warning:</strong>
421: When using cvs you should take care that your current directory is either
422: the root of the tree you're referencing or in a separate place such as /tmp.
423: Some commands such as "get" can create an arbitrary sub-tree in the current
424: directory, and a subsequent update will recursively flesh out this sub-tree.
425:
426: <p>
1.1 deraadt 427: The anoncvs service gives fledgling developers a chance to learn CVS
428: operation and get thoroughly involved in the development process
429: before getting "commit" access -- as a result of showing useful
430: skills and high quality results they will naturally later be given
431: developer access. As well, people providing patches can create
432: their "diff"s relative to the CVS tree, which will ease integration.
433:
434: <p>
1.15 grr 435: <strong>Anoncvs: rsh vs. ssh</strong>
1.12 grr 436: <br>
437: By default, the CVS client uses rsh to talk to the CVS server. Many
1.39 todd 438: of the CVS sites no longer support rsh for security reasons or a local
1.12 grr 439: problem like a firewall or imperfect protocol emulator such as slirp
440: may prevent you from using rsh.
441: The alternative is a to use a "secure shell" connection using
1.48 ryker 442: <a href=http://www.cs.hut.fi/ssh/>ssh</a>. This is a commercial product
1.12 grr 443: offered by <a href=http://www.ssh.fi>SSH Communications Security Ltd</a>,
444: however they make a free unix version available that can be easily
1.68 wvdputte 445: installed under OpenBSD. Make sure you read the LICENSING doc! If you have
446: installed the OpenBSD <A HREF="ports.html">ports tree</A> you can download,
447: compile, and install the free UNIX version just by changing directory into the
448: directory /usr/ports/security/ssh and typing <KBD>make install</KBD>.
449: If you installed "ports" from the OpenBSD 2.4 CD-ROM, you get ssh
450: version 1.2.26 and should eventually "cvs update ports" and rebuild it as above
1.49 ian 451: after you get ssh and anoncvs working, to get the latest version.
1.68 wvdputte 452: Alternately, you can manually download the latest 1.2.* Unix version from
453: <a href= "ftp://ftp.funet.fi/pub/unix/security/login/ssh/">
454: ftp://ftp.funet.fi/pub/unix/security/login/ssh/</a> or
455: <a href= "http://www.datafellows.com/f-secure/fnetsys.htm">
456: http://www.datafellows.com/f-secure/fnetsys.htm</a>,
457: compile, and install it yourself.
458:
459: <p>
460: The OpenBSD anoncvs repositries support the SSH1 protocol, not the SSH2 protocol
461: due to the use of a "strict non-commercial use licensing policy".
1.28 beck 462:
1.75 millert 463: <p>
464: Once ssh is installed, one sets the environment variable
1.28 beck 465: <strong>CVS_RSH</strong> to point to ssh (typically
466: <strong>/usr/local/bin/ssh</strong>). If your local site prevents you
467: from connecting out to port 22 (which ssh defaults to using) use port
468: 2022.
1.1 deraadt 469:
470: <p>
471: Do not be tempted to turn on compression since CVS already compresses.
472: Use something like the following in your <strong>$HOME/.ssh/config</strong>
1.10 millert 473: file. Note that not all anoncvs servers allow ssh connections on
1.21 millert 474: port 2022. Also note that most anoncvs servers no longer accept
475: the <strong>none</strong> cipher as it is disabled in recent
476: versions of ssh for security reasons.
1.1 deraadt 477: <pre>
1.59 beck 478: Host anoncvs.ca.openbsd.org
1.1 deraadt 479: Port 2022
480: </pre>
481:
482: <p>
483: CVS is a little noisy starting up; to quiet it a bit you may want to
484: do this:
485: <pre>
486: setenv CVS_CLIENT_PORT -1
487: </pre>
488:
489: <p>
1.8 deraadt 490: If you wish to change from one CVS server to another (say your normal one is
491: down, or for any other reason), the environment variable which will let you
492: do this is
493: <pre>
494: setenv CVS_IGNORE_REMOTE_ROOT
495: </pre>
1.72 millert 496: Note that you will also need to use the <strong>-d</strong> flag
497: as mentioned above.
1.8 deraadt 498:
1.65 matthieu 499: <p><strong>X11 Source tree</strong>
500: <br>
501: Anoncvs mirrors also carry the OpenBSD X11 source tree. You can adapt
502: the recipe above to update your X11 source tree from the second CD.
503: Either copy or use a union mount to get the X11 sources in /usr/X11:
504: <ul>
505: <li>copy the tree off it (assuming the 2nd CD is mounted on /mnt):
506: <pre>
507: <b>#</b> cd /mnt; cp -Rp X11 /usr
508: </pre>
509: <li>use a union mount with the CD below a writable directory.
510: <pre>
511: <b>#</b> mount -t union -o -b /mnt/X11 /usr/X11
512: </pre>
513: </ul>
514: After this, /usr/X11 will be ready to be used by cvs. You can for
515: example update it to -current source (assuming you've already set
516: the <b>CVSROOT</b> environment variable):
517: <pre>
518: <b>#</b> cd /usr/X11
519: <b>#</b> cvs -q update -PAd
520: </pre>
521:
522: <p><strong>Setting up a new anoncvs mirror</strong>
523: <br>
1.1 deraadt 524: If you wish to be a new anoncvs mirror site, please contact the anoncvs
525: <a href=mailto:deraadt@theos.com>maintainer</a>.
1.30 beck 526: Anoncvs mirrors require about 500MB of disk, and use up to 4MB of swap
1.1 deraadt 527: per anoncvs user (assuming the user does a large operation; while smaller
528: operations use fewer resources, anoncvs still makes much more of an
529: impact than ftp or sup). Such anoncvs machines should have excellent
530: network connectivity for the area they are expected to serve. A
531: <a href=anoncvs.shar>document</a>
532: which describes the setup of anoncvs servers is available.
533:
1.60 millert 534: <h3><font color=#0000e0>Final notes:</font></h3>
535: After upgrading your source tree, you should read the comments
536: at the top of <KBD>/usr/src/Makefile</KBD> before attemping
537: a build. Also, you should build a new kernel <strong>before</strong>
538: doing a <KBD>make build</KBD> if possible. In some cases it make be
539: necessary to rebuild and install the <KBD>config</KBD> utility before
540: you can build the kernel. If <KBD>config GENERIC</KBD> fails this
541: is probably the case.
542: <p>
543: It is important to note that upgrading from a release to the current tree
544: by rebuilding the sources can be rather difficult due to dependencies
545: that are often not obvious. Therefore, it is suggested that you first
546: install the latest snapshot before attemping a tree build from source.
1.1 deraadt 547:
548: <hr>
1.58 pauls 549: <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
1.1 deraadt 550: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
1.93 ! deraadt 551: <br><small>$OpenBSD: anoncvs.html,v 1.92 1999/09/17 17:44:53 jason Exp $</small>
1.1 deraadt 552:
553: </body>
554: </html>