You probably need to edit your sshd_config configuration file. But if you haven't already done that, you probably shouldn't be worried about password-free access.
Presumably, you've also figured out that you need to run ssh-agent
on the client so that you don't have to type in your passphrase all the time.
No? Perhaps I should just stop now.
What can you do? Wouldn't it be nice if you could give 'em access to the CVS tree and nothing else?
Well, you can.
Let's say that the CVS executable is at /bin/cvs, and that the user account is jsmith, and the home directory is /users/friends/jsmith (making the ssh directory /users/friends/jsmith/.ssh).
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/bin/cvs server"(There should be a space -- NOT a newline -- between the bit you're prepending and the rest of the key.)
For example, it might look like this:
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/bin/cvs server" ssh-dss BBBBA3NzaC1kc3MAAACBAMmQvE5z7efR6e4Ek7BmFBLvEHMh6nB6gqXs8BfZDIz3vYrZkCTmUjI86JtEW0gedSpz7ElMjLR3EMNhIkPz/qoXTkqni23LW02m2iWGkOELjfFGRUnw7J5mvlbE+uEVAAAAFQDwLAmv4h9ug5MisOu/0hp1PUdXA0a8A0VrQNNYiUDpwLd0lKBTeeiDx+LSxK7YZSKYpBH2bQAAAjtsFZIBO1VUd9YsqWoJvgOJBeinG6cQODYGM+sjdOG/h0GwTQ+ze2gxfQeU4C/PQTWQFpphmGb2VPn49mA1ol/m4G1co1wvIZ39lXb+JntC0lXVdd2r2oc3Xb7AoFDDA1Jw8xUZCcnE0+ylK54qQjSqIiFnodcf3rtk29AHP7ldLwAAIAAagI7qikztgxydS6r893w9gAf5Sim2cByxYb5UnU90XrBV+sN/8c7P9KZdxFwXte1Ido7ltfEW/U5vE0atIUQODb3YYLz9IPJvdmjsMpJNHMpRsJ0TQyrBreXmB06xyjFz2c/jT1CJR1JJqfRByWctdq5eOwC3CpkzVNAACxhLew== anyone@anywhereIt's probably best to set up a test user just for testing this.
Note: There's apparently a shell called rssh that helps with just this.
I have not tried to track it down just yet.