[seek-dev] CVS system changes
jones at nceas.ucsb.edu
Mon Apr 3 17:56:07 PDT 2006
You've probably noticed that the CVS server on cvs.ecoinformatics.org
has been down for several days due to a security incident. If not, then
this message might not be of interest to you. If so, read on...
The CVS server was used by Kepler, SEEK, EML, Metacat, Morpho, VegBank,
WOW and other open source development projects. It is now back online.
We have replaced the old CVS server with a new one at the same address.
Because the old server was compromised and many account passwords were
captured, we have had to reset everyone's password and be more
restrictive about our access. As a result, none of the previous account
passwords will work on the new machine (and all public keys were removed
so automatic login will not work either). To regain your cvs account
password, do the following:
1) Go to https://ldap.ecoinformatics.org
1a) Reset your password using the web form and your account username
1b) Find the email sent to you with the new password and return to
1c) Change your password to a NEW password you like -- do not use
your previous password as it was likely compromised by our
2) From one of your cvs checkouts, try 'cvs update' to see if it works
for you with the new password. If it doesn't work for you, send a note
to 'pmc at ecoinformatics.org' describing the problem and we will help work
Thanks for your understanding during this difficult recovery. We have a
lot of web sites to recover and systems to bring back online -- if you
see anything out of order please report it to 'pmc at ecoinformatics.org'
and we'll get it resolved.
P.S. The new account is a restricted shell, so you can't ssh to it --
the only commands you are allowed to run are cvs and scp and sftp.
P.P.S We haven't tested whether public key access to these new accounts
works well or not, but have one report that it works. If you want to
set up public key access, generate a new key for yourself using your
client ssh tools, create an authorized_hosts file with the public key in
it, and then sftp to cvs.ecoinformatics.org and put your authorized_keys
file into the .ssh directory on cvs.ecoinformatics.org (you might need
to create the directory first before the 'put' command).
Matt Jones Ph: 907-789-0496
jones at nceas.ucsb.edu SIP #: 1-747-626-7082
National Center for Ecological Analysis and Synthesis (NCEAS)
UC Santa Barbara http://www.nceas.ucsb.edu/ecoinformatics
More information about the Seek-dev