SSH is a protocol designed to allow secure communication between hosts on the Internet. All SourceForge.net project services for developers (including file management and Git, Hg, and SVN write access) are provided using SSH.
SourceForge.net supports two SSH clients: OpenSSH and PuTTY. OpenSSH is included with Windows, Linux, FreeBSD, Mac OS X. PuTTY is only available for Microsoft Windows users.
OpenSSH provides the following tools:
PuTTY provides the following tools:
PuTTY, the SSH client, supported by SourceForge.net for Microsoft Windows users, does not include a GUI-based file transfer client. WinSCP, hosted on SourceForge.net, is an excellent file transfer tool with an easy-to-use graphical interface. WinSCP is compatible with the PuTTY tool suite.
Other SSH client suites exist but are not directly supported by SourceForge.net staff.
All SSH-based services at SourceForge.net (including file management and Git, Hg, and SVN write access) are provided solely to members of Open Source software development projects hosted on SourceForge.net.
When users are added as members to a project, they are immediately granted permission to log in to the project shell servers via SSH.
Project administrators can grant developers write access to the project repositories or the project webspace. This permission is set when the developer is added to the project team and may be changed later.
The project permissions impact host access in the following manner:
If a developer is subsequently removed from a project by the project administrator, they will not lose their access to the project shell server, but they will be removed from the project group. This access persists to permit file retrieval.
Host Keys: As a further security improvement to authenticating a host via SSH, hosts will also authenticate themselves to your client. This authentication is done via host keys. SourceForge.net maintains a listing of fingerprints for all SSH-accessible hosts.
All SourceForge.net hosts will be accessed using the same username as your account on the SourceForge.net site (as specified during account registration). User accounts are provided on a per-user basis to developers, not per project; there are no user accounts for projects.
SSH authentication to SourceForge.net hosts is done using shared keys. Before you can access SSH-based services at SourceForge.net, you must generate and post SSH keys for your account. Detailed instructions are provided regarding SSH key generation. You must follow the provided instructions for generating and posting your SSH key as shared key support at SourceForge.net may differ from other implementations.
SSH-based file transfer tools are used to transmit project web content to the project shell servers. The tools available on most OS platforms support multiple file transfer methods. It would be best if you determined which tool is most appropriate for the file transfers you need to perform:
For documentation on those, please see these pages which contain settings and details:
Host sessions and SSH protocol version: The PuTTY suite allows you to create session profiles associated with hosts. This will enable you to easily manage the SSH settings used to access various hosts. This feature is equivalent to the settings in the /etc/ssh/ssh_config file used by OpenSSH. The protocol version set in the profile should match the protocol version of the SSH keys you are using to access that host.
Updates: As with any security-oriented software, it is important that you install updates provided by your software vendor. Most OpenSSH-supported platforms use automated updates to ensure security fixes are applied regularly. Since PuTTY is a third-party application, you should periodically check the PuTTY website for new updates to the application.
The following issues are common SSH-related problems; the provided troubleshooting instructions should be followed before reporting these types of issues to SourceForge.net staff.
For all issue types, you should review the verbose output of your SSH client to see if there are any leads to help you resolve the problem. Verbose output may be enabled using command-line options. The verbose output may be enabled for OpenSSH users using the -v
option, i.e., ssh -v USERNAME@HOSTNAME
. Verbose output may also be enabled using the -v
option to the PLINK.EXE
tool from PuTTY.
Connection problems can be caused by network outages, host outages, or firewall restrictions.
Authentication issues occur due to key issues and improper hostname and username specifications.
SSH host key mismatches are serious and may be caused either by a security compromise or by the misconfiguration of your SSH client.
The following steps should be followed when authentication issues are encountered:
Are you a developer on a project? You can check that on the my SourceForge.net page. If no projects are listed under the My Projects heading, you are not eligible for access to these services.
Verify that the correct hostname is being used. A common error is to misspell the SourceForge.net domain name or to include your project's UNIX name in the hostname.
Verify that your username is specified correctly. Your username will be the same as the username used on the SourceForge.net site. Usernames are not issued for projects, only for individual developers.
SSH key agent must be loaded with your key. Your SSH key must be loaded into the SSH agent if it is not otherwise being loaded (OpenSSH will automatically load keys from specific files within your home directory).
If the provided tips do not resolve your authentication issue, don't hesitate to contact SourceForge.net staff by submitting a Support Request.
As a further security improvement to authenticating to a host via SSH, hosts will also authenticate themselves to your client. When you first connect to a host using SSH, your SSH client will ask you whether or not you want to accept the SSH key provided by the host.
At this time, you check the host key against the SSH host key listing published by SourceForge.net to make sure they match and that you are connecting to the correct host.
When you accept the host key, a copy of that key is stored on the disk for comparison during future connections to that host. If the key is found not to match in the future when connecting to the host, you will see a WARNING message that indicates a security issue.
Documentation: File Management
Documentation: SCP
Documentation: SFTP
Documentation: SSH Key Fingerprints
Documentation: SSH Keys
Documentation: rsync
Feature Requests: #356