[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

help: can't use ssh-agent with svnX

From: Bill Bug <bbug_at_speakeasy.org>
Date: 2004-08-20 12:39:39 CEST

Hi All,

NB: Sorry for the duplicate post. The first was sent with the wrong
reply email address, so I'd not likely pick up on any responses set
directly to that address. List-admin - please post this one rather
than the first. Thanks.

Many thanks for all the valuable info folks have contributed to this
list - and thanks especially to the developers of Subversion. It's

Sorry to be posting an ssh question again. I've seen many such posts
here, but unfortunately not one that's solves my problem.

I'm trying to use ssh-agent in the hope I'll be able to access my
subversion repository with svnX - the very nice new GUI SVN client
written for Mac OS X

There's also a ssh-agent Mac OS X GUI application, too, called
SSH-Keychain (http://www.sshkeychain.org/) which helps to simplify use
of ssh-agent. Basically, you define ssh "tunnel"s in the SSHKeychain
preferences, and these can automatically cache your passphrase and keep
an open ssh tunnel set up for you. Each tunnel is configured with the
following info:
                human-readable name
                local port
                remote host
                remote port
                ssh host
                ssh port
                ssh username

The SSH section is automatically set to the default SSH port 22. You
just specify the host & username, and you're prompted for a password
when you try to open this tunnel.

The Tunnel section is where you set up access to your remote
application. So, for instance, to connect to a PostgreSQL database
server via JDBC on our remote host, I configure a tunnel as follows:
        name: "My PostgreSQL tunnel"
        local port: 9999
        remote host: our.remote.host
        remote port: 5432

Now, I define a JDBC URL to connect to the local port which looks like
this - jdbc:postgresql://localhost:9999/my-database. This is opposed
to connecting directly to the same database via the standard PostgreSQL
port 5432 on the remote machine with URL that looks like this -

This all works fine with SSHKeychain. I define the PostgreSQL tunnel,
open it and login to the database using the URL
jdbc:postgresql://localhost:9999/my-database. I'm simply forwarding
the traffic being directed to my local port 9999 to port 5432 on my
remote machine all within the encrypted SSH connection.

I tried using the same process for SVN, applying an analogous approach.

I defined the following SSHKeychain tunnel:
        name: "My SVN tunnel"
        local port: 9998
        remote host: our.remote.host
        remote port: 3690

Then, running svn on the command line, I issued the following command:

svn list svn://localhost:9998/path/to/svn/repository

I can tell by watching IP packets (via tcpdump or Ethereal) I am
getting data into the tunnel over to the remote machine. One encrypted
packet gets over to the remote machine, one is immediately sent back,
followed by a TCP ACK packet. That's it - end of conversation. On the
command line, I get back the error "svn: Connection closed

If, on the other hand, I issue the 'svn list' to a URL going directly
to the remote machine via the 'svn+ssh' protocol such as:

svn list svn+ssh://our.remote.host/path/to/svn/repository

I'm prompted for my password. Once entered, I get the repository list
back the way I should.

Does anyone have any thoughts on why this might be happening?

I'm hoping if I get this running, I'll also be able to use not only the
wonderful svnX GUI client, but also the svn plug-ins both for NetBeans
v3.4.x & for Apple's IDE XCode v1.5. All three of these SVN client
wrapper applications fail on me, when I try to log into the repository
via the 'svn+ssh' protocol. I'm pretty certain this has to do with
authentication based on the testing I've done which should be remedied
if I can use my SSHKeychain tunnel the way I've been able to do
successfully with PostgreSQL.

Many thanks ahead of time for any help you can offer.

Bill Bug
Bill Bug
Senior Analyst/Ontological Engineer

Laboratory for Bioimaging & Anatomical Informatics
Department of Neurobiology & Anatomy
Drexel University College of Medicine
2900 Queen Lane
Philadelphia, PA 19129
215 991 8430 (ph)

To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Aug 20 16:37:13 2004

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.