CVS---Concurrent Versions System. Node: Password authentication client

PREVPassword authentication server UPPassword authenticated NEXTPassword authentication security

2.9.3.2: Using the client with password authentication

Before connecting to the server, the client must log in with the command cvs login. Logging in verifies a password with the server, and also records the password for later transactions with the server. The cvs login command needs to know the username, server hostname, and full repository path, and it gets this information from the repository argument or the CVSROOT environment variable.

cvs login is interactive --- it prompts for a password:

cvs -d :pserver:bach@chainsaw.yard.com:/usr/local/cvsroot login
CVS password:

The password is checked with the server; if it is correct, the login succeeds, else it fails, complaining that the password was incorrect.

Once you have logged in, you can force CVS to connect directly to the server and authenticate with the stored password:

cvs -d :pserver:bach@chainsaw.yard.com:/usr/local/cvsroot checkout foo

The `:pserver:' is necessary because without it, CVS will assume it should use rsh to connect with the server (see Connecting via rsh). (Once you have a working copy checked out and are running CVS commands from within it, there is no longer any need to specify the repository explicitly, because CVS records it in the working copy's `CVS' subdirectory.)

Passwords are stored by default in the file `$HOME/.cvspass'. Its format is human-readable, but don't edit it unless you know what you are doing. The passwords are not stored in cleartext, but are trivially encoded to protect them from "innocent" compromise (i.e., inadvertently being seen by a system administrator who happens to look at that file).

The password for the currently choosen remote repository can be removed from the CVS_PASSFILE by using the cvs logout command.

The CVS_PASSFILE environment variable overrides this default. If you use this variable, make sure you set it before cvs login is run. If you were to set it after running cvs login, then later CVS commands would be unable to look up the password for transmission to the server.

PREVPassword authentication server UPPassword authenticated NEXTPassword authentication security