On Mon, Feb 03, 2003 at 09:00:00PM +0100, Garvin Hicking wrote:
Okay, then I'll go that way. It's just you wanted to see different commits for each patch, and I am working on 4-5 items at once, which doesn't make me happy when I spend another week just to get the big patch split up again. But it's gonna work somehow.
Look at it this way for later on, say we want to revert just a single feature at some point in time, one of the things you have done. If it is all in one big commit, then it is really messy to split it up later on. Code has been reverted in the past, as needed.
Additionally, when we do checkins of code, automatic emails of the checkin are sent to the phpmyadmin-cvs mailing list. I don't know about the others, but I certainly review a sizeable portion of the commit logs from that mailing list usually. Code review practices certainly help a lot in the programming world.
I then created a public key on my webserver, and uploaded it to sourceforge. I now can login to the sourceforge-shell from the webserver. But still the cvs-password prompt pops up.
I guess I don't have to forward any keys using putty because my windows- machine shouldn't be involved in those whole key-issue, right? I tried to get the ssh-agent to work, but 'ssh-add' always tells me it "Could not open a connection to your authentication agent.". Even though ssh-agent is active.
Ah, here is the first place we differ. I keep my SSH/GPG keys and other sensitive data on a 128mb USB key device. Wherever I go, I take the key with me. My PuTTY using Pagent reads the key when needed to act like ssh-agent on windows, and when I use linux, ssh-add reads the key from there as well. Those are the ONLY (well besides a backup in a safe) copies of my private keys around. I don't want what happened to Apache to happen to me as well (compromised via a stolen key with a weak passphrase).
How are you running ssh-agent on linux? I recommend "eval `ssh-agent`", those backticks are important, as they set up your shell variables to point to the agent. ssh-add uses them to put your key in place. If you capture the output of ssh-agent instead, it is also possible to have multiple shells on the same machine connected to the same ssh-agent instance.
One other thing with ssh-agent, I noticed it has a nasty tendancy to continue running at times after you log out. So throw together something to keep track of the PID and kill it on logout.