Re: Subversion authentication security issue (svnserve, MITM)
Stefan Sperling wrote on Fri, Jan 16, 2015 at 11:03:17 +0100:
> On Fri, Jan 16, 2015 at 10:35:46AM +0300, Navrotskiy Artem wrote:
> > Configuration svnserver + ssh even in local network adds more overhead to establish the connection (I have 0.3 seconds per connection). Console svn client reconnects too often (eg, svn status -u A.txt B.txt C.txt produces 6 serial connections).
> You can improve performance by making use of SSH connection pooling.
> See the ssh_config(1) man page:
> Enables the sharing of multiple sessions over a single network
> connection. When set to yes, ssh(1) will listen for
> connections on a control socket specified using the ControlPath
> argument. Additional sessions can connect to this socket using
> the same ControlPath with ControlMaster set to no (the
> default). These sessions will try to reuse the master instance's
> network connection rather than initiating new ones, but will fall
> back to connecting normally if the control socket does not exist,
> or is not listening.
1. Set ControlPath in ~/.ssh/config (one time)
2. Run 'ssh -MNf host' to establish the SSH connection (once per boot)
3. Every svn+ssh operation to that host will then reuse the existing SSH connection.
Received on 2015-01-18 04:48:13 CET
This is an archived mail posted to the Subversion Dev