Add new comment | League of Professional System Administrators

LOPSA Training at OLFU

REGISTER TODAY!

Navigation

LOPSA Social Media

Events

Recent Updates

Mentors Available - 2d
Completed Projects - 2d
Sample Projects - 2d
Conference report: Configuration Management Summit 2010 - 8d
OLFu Press Release - 12d

Upcoming events

LOPSA-NJ - iSCSI SANs Don't Have To Suck and Data Structures from the Future (6 hours)
LINUX USERS LINING UP FOR PRO SYSADMIN TRAINING AT OHIO LINUX FEST (8 days)

Notes on accessing SVN over SSH

Submitted by Aleksey Tsalolikhin on Fri, 2008-09-26 12:32.Unix


Here are my notes how I set up SVN over SSH to an SVN server that had been set up to run SVN as a single user, "svn".

So, we have multiple users on the remote side, all logging in as "svn" on the SVN server side.
Authentication is done via a dedicated key-pair, with special options to make SVN+SSH work.

See http://svn.collab.net/repos/svn/trunk/notes/ssh-tricks for more details.

These are just my notes, the above link is authoritative.


Procedure:

1. Generate a dedicated key pair

	[SVN Client]$ ssh-keygen -f ~/.ssh/svnssh
	Generating public/private rsa key pair.
	Created directory '/home/tsalolia/.ssh'.
	Enter passphrase (empty for no passphrase):
	Enter same passphrase again:
	Your identification has been saved in /home/tsalolia/.ssh/svnssh.
	Your public key has been saved in /home/tsalolia/.ssh/svnssh.pub.
	The key fingerprint is:
	...
	[SVN Client]$ 



2.  Set your SVN_SSH env var to use the private key from above.   For example:

	SVN_SSH="ssh -i /home/tsalolia/.ssh/svnssh"

Add this to your .bashrc

3. Add the public key from above into "svn" user's .ssh/authorized_keys2 file on the SVN server.

The key has to be suffixed with a command specifying snvserve, its tunnel option, SVN repo root, and tunnel user.   Example:


	[SVN Server]$ cat ~svn/.ssh/authorized_keys2
	command="/usr/bin/svnserve -t -r /svn/repos --tunnel-user=tsalolia" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxX9+oN0yiTCy7bJWxeQtamlEvMW/NZC7U2MGA7OLC+rrziWy0Wlvmj6HizoSMdGk2CPFKoM50xh8+1I5YK1dCBYttWlu9vH7qVuT6WWaQqnnRXPq1t9CSJw/zg8kz+5fv1wlvR+6Qmn2YLoDhw2LVcDsffptDVghrNBnN2hOhwmPXI8op7UxQfv3EWuNEl4niE4osp8hdhgOCkfRq/cX4GgqPF7tR5Q9r8FMpPr4fsvh7rztPFeQrf27a/W8gPZvjFU41zhfFyY+kXvWrL8g6sRoiHRzpyIUyMQlIiLeNchRZfYu9f7y7WiI845HAnN6njrSS4OJkVmIt2wW7R37Ew== tsalolia@xxx
	[SVN Server]$



4. connect using svn user on the SVN server.  Example:

	svn checkout svn+ssh://svn@10.10.10.10/trunk alekseytest

SVN will ask you for your SSH password each time it connects to the SVN server.


4b. If that  bugs you, you can use ssh-agent to cache the password:

For example, run "ssh-agent /bin/bash"

Then run "ssh-add" to have it cache your password

Then svn checkout over SSH will not ask you for password.

That cache will last until you exit your "/bin/bash" process.

Trackback URL for this post:

http://lopsa.org/trackback/1671

Read the rest of this entry...

Aleksey Tsalolikhin's blog | add new comment | 3481 reads

Reply

Subject:

Comment:*

Input format:

Filtered HTML

Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <hr> <dl> <dt> <dd> <h2> <h3> <h4> <pre> <i> <table> <tr> <th> <td> <img> <div> <p> <br> <blockquote> <font>
Lines and paragraphs break automatically.
Images can be added to this post.
Easily link to terms in various wikis or other websites by typing [prefix:term]. Use the "|" character to create a "piped link," e.g., "[w:public transport|public transportation]" displays as "public transportation." For a full list of available prefixes and the websites to which they point, see interwiki.
You may use [inline:xx] tags to display uploaded files or images inline.
Web and e-mail addresses are automatically converted into links.

Plain text

Web and e-mail addresses are automatically converted into links.
Lines and paragraphs break automatically.
You may use [inline:xx] tags to display uploaded files or images inline.

Wiki Text

Images can be added to this post.
You may use [inline:xx] tags to display uploaded files or images inline.
Easily link to terms in various wikis or other websites by typing [[prefix:term]]. Use the "|" character to create a "piped link," e.g., "[[w:public transport|public transportation]]" displays as "public transportation." For a full list of available prefixes and the websites to which they point, see interwiki.
WikiText is converted to HTML (supported WikiText formatting will show in the long tip format).

More information about formatting options

Verify comment authorship

Captcha Image: you will need to recognize the text in it.

Word:*

Please type in the letters/numbers that are shown in the image above.