Talk about your catch 22

by Marc Grober -
Number of replies: 8
So I get volunteered to keep an eye on some code and having spent a good deal of time going in circles of varying sizes, it appears that the docs for setting up eclipse (which I was told to follow) tell you to create a key for sourceforge and to add it via your sourceforge account which is a fool's errand.

[rant deleted]

and the fool has now added an appropriate comment to the documentation...
In reply to Marc Grober

Re: Talk about your catch 22

by Martin Dougiamas -
Thanks Marc. I further fixed the URL there to http://moodle.org/cvs

The main docs on CVS access are here: http://docs.moodle.org/en/CVS_for_Developers
In reply to Martin Dougiamas

Re: Talk about your catch 22

by Marc Grober -
Thanks for refining my language ;=}

I think there should be a documentation page specifically addressing ssh in the moodle docs which would include:
  • Any limitations as to the format of public key
  • Details of the location for providing public key
  • A reminder of the obvious; this is copy and paste, not upload
  • A caution about where the private key is located and a pointer perhaps to other pages (such as the eclipse page) as far as whether the referenced page provides details as to how the private key is employed
  • A list of gotchas that users can post as to exceptions, issues, etc.
I am sure that there are quite a few more qualified to do this than I (especially as I have no clue for example as to ssh limitations - I am just assuming that what is required is an rsa ssh1 or ssh2 public key in ssh format - not openssh format as I would have provided to sourceforge.)

and...

a link to that doc from http://docs.moodle.org/en/CVS_for_Developers as well perhaps as some disambiguity language with respect to tools... For example, in having been directed to the eclipse page (i.e. bypassing the tortoisecvs discussion) what am I to make of all this. In other words, if use of various clients to manage cvs will be addressed, shouldn't those methods be given similar treatment as far as the documentation so that the docs indicate what must be done versus what may be done. That would argue a section on authentication, which perhaps would reference a page on ssh and a page on not using ssh, a section on using cvs, which perhaps would reference tortoisecvs, etc. (there are *nix CVS gui clients for real operating systems.....)

I am looking at this page as providing an introduction to someone new and would urge that some clueless guinea pig should be sacrificed from time to time to see how effective the info is for the clueless.... otherwise you end up with a situation akin to putting braille room numbers where the blind can't or won't find them....

Am I way off base here?
In reply to Marc Grober

Re: Talk about your catch 22

by Anthony Borrow -
Marc - Your experience (or lack thereof) is actually very valuable since you do not take things for granted or make the same assumptions that those with more experience might make. If you could put together a draft in docs as you described (even leaving areas that you are not sure of as questions in the draft document), I would be happy to go in and fill in some details. I am sure that working together we could help others to avoid some of the pitfalls that kept you from racing through the process. Peace - Anthony
In reply to Marc Grober

Re: Talk about your catch 22

by Martin Dougiamas -
Note the key is optional and just for convenience, and many developers will be used to them from other systems ... that's why it hasn't yet got much documentation probably.

But I've started this doc now: http://docs.moodle.org/en/Development:SSH_key and linked to it from a few places (such as the form where you need it) and this Moodle docs page about the whole page: http://docs.moodle.org/en/mod/cvsadmin/view .

Please add to the SSH instructions as necessary and link to it wherever else it's mentioned. Thanks for highlighting the issue!
In reply to Martin Dougiamas

Re: Talk about your catch 22

by Marc Grober -
Thanks,

I have come across the following additional issues. I generated an ssh-rsa key-pair, exported the public key in ssh2 format and then copied the public key into the moodle location. As would be expected it starts with: ---- BEGIN SSH2 PUBLIC KEY ----

I fumbled about a bit with eclipse and imported my key pair using eclipse into a location I specified in eclipse, which produced an id_rsa.pub and an id_rsa. Based upon the source it produced a public key that does not have the delimiters before and after and begins: ssh-rsa. The difference I believe is the difference between standard ssh2 format and openssh format (believe the one I pasted into the moodle page is in ssh2 format, the format I think a moodle doc somewhere calls for, while the other format is openssh format, the format expected by sourceforge).

I am sure this is all manageable, but the question is what will the moodle cvs accept, and if it will accept the credential I generated (and I am unfortunately limited to a windows box at the moment) then the docs need to address this so that no one freaks because their key doesn't look like the one in the example.

I also noted that the eclipse ssh set-up is not quite intuitive, especially on the windows platform. I actually imported the keys into eclipse, though there are other options that perhaps are more appropriate, but then ran afoul of the method eclipse uses to interface with ssh. I tried a number of ext variations with my client but could not make the connection seamless no matter what I did as there were apparent inconsistencies with the way the ssh client and eclipse tried to connect and no apparent way to supply the passphrase.

So that folks understand what this means as far as start-up time, I now have some 6 hours minimum invested in this (which I hope will eventually be of benefit to future users)
In reply to Marc Grober

Re: Talk about your catch 22

by Martin Dougiamas -
Our CVS server uses openssh, but I don't think it matters. Any keys that SSH2 accepts such as RSA keys should work just as well.

As for Eclipse, I have no idea as I never use it.
In reply to Martin Dougiamas

Re: Talk about your catch 22

by Marc Grober -
Lost the initial draft of this post so recreated it:

This is what I have discovered thus far..... and what I would place in the ssh docs if there is no suggestion for changes.... (btw, tried to use some formatting via htmlarea to make this a bit more readable and when the changes were saved, they disappeared....)

-----------------------------

Moodle.org employs an OpenSSH server to accommodate use of ssh2 authentication.

Openssh acknowledges the standard ssh2 file format (see
http://www.openssh.org/txt/draft-ietf-secsh-publickeyfile-02.txt)
and that standard ssh2 format looks like this:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "1024-bit DSA, converted from OpenSSH by jtbell@Jon-Bells-Computer.local."
---- END SSH2 PUBLIC KEY ----
However, this will NOT work with the moodle server. The moodle server will require the ssh2 public key to be in OpenSSH format, which is intended to be a single line and will look like this:

ssh-rsa AAAAB3NzaC1yc2...

though it is possible that in pasting such a key into the window provided for this in the moodle it may appear to take up more than one line.

Note that this key does not start with ssh-dss, but with ssh-rsa. See the PuTTY documentation on this point at:
http://the.earth.li/~sgtatham/putty/0.55/htmldoc/Chapter8.html#S8.2.10

The same reference also contains the following:

The PuTTY developers strongly recommend you use RSA. DSA has an intrinsic weakness which makes it very easy to create a signature which contains enough information to give away the private key! This would allow an attacker to pretend to be you for any number of future sessions. PuTTY's implementation has taken very careful precautions to avoid this weakness, but we cannot be 100% certain we have managed it, and if you have the choice we strongly recommend using RSA keys instead.

Public keys in openssh format using dsa will look like this:

ssh-dss AASSBnaCks...



In reply to Martin Dougiamas

Re: Talk about your catch 22

by Wen Hao Chuang -
By the way I found some problems when running the most recent TortoiseCVS 1.10.6 on Windows Vista Enterprise, so I updated the moodle docs a little bit to reflect this. Hope this helps...