[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: SSH docs and SASL

From: Stefan Küng <tortoisesvn_at_gmail.com>
Date: Fri, 28 Mar 2008 07:56:01 +0100

Simon Large wrote:
> Hi folks,
> I have been doing a bit more digging on the SSH docs, in particular in
> the svn book nightly.
> The setup described in our FAQ uses a single SSH user account with a
> different key for each real user. The reason you would want to do that
> is mainly that you want to secure the traffic over the internet rather
> than use the default plaintext that svnserve uses.
> The svn book nightly now recommends using SASL for better
> authentication and encryption, and recommends using svn+ssh only if
> you already have an SSH infrastructure, with one account per user
> which you want to use. Even then it does not recommend it.
> So, I am wondering a) do we want to add the SSH instructions to our
> docs just as they are becoming less relevant and b) does anyone have
> any experience with SASL so we can provide a simple guide to setting
> up a server that way instead?
> Our Apache section only deals with setting up a Windows server, so we
> could assume the same for svnserve and SASL.

For a), I'd say we should leave the SSH instructions in the docs. After
all, most servers won't get updated that soon and if they are, it's not
guaranteed that they will then use SASL. So a section on how to set up
SSH on the client side (and on the server side) doesn't hurt.

For b), I never set up an svnserve with SASL myself. Not even sure if
that's possible on Windows. To test TSVN with SASL I asked on the
Subversion dev list for someone to set up a test server for me, which
happened within a day. Maybe you could ask on the Subversion list for
help on how to do it?


   oo  // \\      "De Chelonian Mobile"
  (_,\/ \_/ \     TortoiseSVN
    \ \_/_\_/>    The coolest Interface to (Sub)Version Control
    /_/   \_\     http://tortoisesvn.net

Received on 2008-03-28 07:56:19 CET

This is an archived mail posted to the TortoiseSVN Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.