<div id="Password-authentication-client"></div>
<div class="header">
<p>
Next: [[cvs: Security considerations with password authentication#Security considerations with password authentication|Password authentication security]], Previous: [[cvs: Setting up the server for password authentication#Setting up the server for password authentication|Password authentication server]], Up: [[cvs: Direct connection with password authentication#Direct connection with password authentication|Password authenticated]] &nbsp; |[[cvs: Index#SEC_Contents|Contents]]||[[cvs: Index#Index|Index]]|</p>
</div>

----

<div id="Using-the-client-with-password-authentication"></div>
===== Using the client with password authentication =====
<div id="index-Login-_0028subcommand_0029"></div>
<div id="index-Password-client_002c-using"></div>
<div id="index-Authenticated-client_002c-using"></div>
<div id="index-_003apserver_003a_002c-setting-up"></div>
To run a <small>CVS</small> command on a remote repository via
the password-authenticating server, one specifies the
<code>pserver</code> protocol, optional username, repository host, an
optional port number, and path to the repository.  For example:

<div class="example" style="margin-left: 3.2em">
 cvs -d :pserver:faun.example.org:/usr/local/cvsroot checkout someproj
</div>

or

<div class="example" style="margin-left: 3.2em">
 CVSROOT=:pserver:bach@faun.example.org:2401/usr/local/cvsroot
 cvs checkout someproj
</div>

However, unless you&rsquo;re connecting to a public-access
repository (i.e., one where that username doesn&rsquo;t
require a password), you&rsquo;ll need to supply a password or <em>log in</em> first.
Logging in verifies your password with the repository and stores it in a file.
It&rsquo;s done with the <code>login</code> command, which will
prompt you interactively for the password if you didn&rsquo;t supply one as part of
<var>$CVSROOT</var>:

<div class="example" style="margin-left: 3.2em">
 cvs -d :pserver:bach@faun.example.org:/usr/local/cvsroot login
 CVS password:
</div>

or

<div class="example" style="margin-left: 3.2em">
 cvs -d :pserver:bach:p4ss30rd@faun.example.org:/usr/local/cvsroot login
</div>

After you enter the password, <small>CVS</small> verifies it with
the server.  If the verification succeeds, then that
combination of username, host, repository, and password
is permanently recorded, so future transactions with
that repository won&rsquo;t require you to run <code>cvs
login</code>.  (If verification fails, <small>CVS</small> will exit
complaining that the password was incorrect, and
nothing will be recorded.)

The records are stored, by default, in the file
&lsquo;<tt>$HOME/.cvspass</tt>&rsquo;.  That file&rsquo;s format is
human-readable, and to a degree human-editable, but
note that the passwords are not stored in
cleartext&mdash;they are trivially encoded to protect them
from &quot;innocent&quot; compromise (i.e., inadvertent viewing
by a system administrator or other non-malicious
person).

<div id="index-CVS_005fPASSFILE_002c-environment-variable"></div>
You can change the default location of this file by
setting the <code>CVS_PASSFILE</code> environment variable.
If you use this variable, make sure you set it
''before'' <code>cvs login</code> is run.  If you were to
set it after running <code>cvs login</code>, then later
<small>CVS</small> commands would be unable to look up the
password for transmission to the server.
  
Once you have logged in, all <small>CVS</small> commands using
that remote repository and username will authenticate
with the stored password.  So, for example
  
<div class="example" style="margin-left: 3.2em">
 cvs -d :pserver:bach@faun.example.org:/usr/local/cvsroot checkout foo
</div>

should just work (unless the password changes on the
server side, in which case you&rsquo;ll have to re-run
<code>cvs login</code>).

Note that if the &lsquo;<code>:pserver:</code>&rsquo; were not present in
the repository specification, <small>CVS</small> would assume it
should use <code>rsh</code> to connect with the server
instead (see [[cvs: Connecting with rsh#Connecting with rsh|Connecting via rsh]]).

Of course, once you have a working copy checked out and
are running <small>CVS</small> commands from within it, there is
no longer any need to specify the repository
explicitly, because <small>CVS</small> can deduce the repository
from the working copy&rsquo;s &lsquo;<tt>CVS</tt>&rsquo; subdirectory.

<div id="index-Logout-_0028subcommand_0029"></div>
The password for a given remote repository can be
removed from the <code>CVS_PASSFILE</code> by using the
<code>cvs logout</code> command.


----

<div class="header">
<p>
Next: [[cvs: Security considerations with password authentication#Security considerations with password authentication|Password authentication security]], Previous: [[cvs: Setting up the server for password authentication#Setting up the server for password authentication|Password authentication server]], Up: [[cvs: Direct connection with password authentication#Direct connection with password authentication|Password authenticated]] &nbsp; |[[cvs: Index#SEC_Contents|Contents]]||[[cvs: Index#Index|Index]]|</p>
</div>
This document was generated on <i>a sunny day</i> using [http://www.nongnu.org/texi2html/ <i>texi2html</i>].
