OX maintains a series of web pages describing its activities. You may wish to help host them. All that is required is some disk space, and the ability to get a directory added at the top of your web server. No virtual hosting, CGIs, etc.. are required. You will have to install two pieces of software, but you may find them both useful for other work.
The same two pieces of software can give you access to edit the repository. We'll describe the software later, since some people will already have things installed. Here is how to configure things
#!/bin/sh ssh -x -a -l id $@
This tells ssh not to forward X11, not to forward the authentication agent connection, and to login with your OX id instead of your unix user id. The OX id will have to be assigned to you.
Once you have checked out the CVS repository, a simple CRON can run a script such as the following:
#!/bin/tcsh umask 002 setenv CVS_RSH /home/fox/myssh setenv CVSROOT cvs.ox.ottawa.on.ca:/ox/master echo "Update OX Web Pages" cd /home/fox/data cvs update -d
In the above, the repository had been checked out using:
Change the above /home/fox/data to the location of the repository on your own system.cvs -d cvs.ox.ottawa.on.ca:/ox/master checkout -d /home/fox/data docs/ox
When this is done by whomever you are dealing with (currently mcr) they will create an account with the appropriate permissions on their machine and fill in SSH's authorized_keys file.
There aren't really any special things you need to do to SSH. In particular, you need not install the server component, so you don't need root. You may want to consider whether or not you want to use your SSH identity or a new fictional identity. In any case, the admin of the site that you are connecting to will need a copy of your identity.pub file. It would be best if you sent the public key in a PGP signed message.
The choice of identity to use depends on what you plan on doing
If your activities are restricted to having a copy of the OX community web pages online, then we suggest that you create an unpriveledged userid with an unprotected identity file (no passphrase). Use this identity only for this use. This allows you to run the update script in a cron job.
You will need SSH 1.2.20 or newer. If you already have SSH 1.2.17, then you can use that for this project, but it is recommended that you move to SSH 1.2.20 for general use.
SSH is a replacement for RSH, only it uses encrypts the data stream and uses public/private (RSA) keys for authentication. The OX web page repository is only reachable with SSH due to security considerations. You are unlikely to find the encryption CPU intensive. If you notice a long delay in startup, it is because the RSA private key operations take several seconds on slower equipment. MCR uses 20Mhz Sun3 equipment on his desktop, so you have his sympathy.
SSH is sold commercially by DataFellows of Espoo,Finland. However, there is a Unix version which is usable free of charge to non-profit organizations. OX qualifies as a non-profit for this purpose. There is a registration form which DataFellows would appreciate you filling out. There is also a local (to IStar customers) mirror site at Achilles Networking.
There are also Linux RPMs available for SSH. Most of them seem old. I suggest building it yourself.
CVS stands for Concurrent Revision System. It is a source code revision system. It is like RCS (Revision Control System) and SCCS (Source Code Control System), but manages entire hierarchies of files. It was first put together by Brian Berliner in 1989, and now has an extensive following, including at least one commercial version of it.
CVS is available under GNU Public License (GPL). You can get it from any of the GNU archives. Two suggestions are:
The complete list of official GNU sites is at http://www.fsf.org/order/ftp.htmlThere are Linux RPM's available for CVS in many places, including ftp://ftp.redhat.com/pub/contrib/i386/cvs-1.9-2.i386.rpm
You need at least CVS version 1.8.1 to have the remove capability. The server runs 1.8.1, but will be upgraded to the 1.9 series as soon as certain projects at Sandelman Software Works are over.
% zcat cvs-1.9.2.tar.gz | tar xvf -The SSH at Sandelman Software Works is built with:
% zcat ssh-1.2.20.tar.gz. | tar xvf -
% cd cvs-1.9.2; ./configure; make; make install
% cd ssh-1.2.20; ./configure; make; make install
./configure --with-libwrap --without-rsaref --without-rsh --prefix=/sandel --with-idea --with-arcfour --with-blowfish --disable-suid-ssh
IDEA encryption is included because certain public keys are encrypted with IDEA already and there isn't an easy way to change this. Arcfour is very weak, but is fast (for backups) and BlowFish is both strong and somewhat fast, but is not well analysed.
<VirtualHost www.ox.org>
ServerName www.ox.org
RewriteEngine on
# If it does not start /ox, then add a prefix, and REFER
RewriteCond %{REQUEST_URI} !^/ox
RewriteRule ^(.*)$ /ox$1 [R,L]
ServerAlias www.ox.org www.ox.ottawa.on.ca
ErrorLog /var/log/httpd/ox-error_log
TransferLog /var/log/httpd/ox-access_log
</VirtualHost>