[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Wrong username for commits

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2004-12-05 17:26:36 CET

On Dec 5, 2004, at 10:09 AM, Gili wrote:

> Well, the only reason I am even running Subversion this way is
> because there doesn't seem to be a better way to run it through a SSH
> tunnel. Ideally I want a single Subversion server running in daemon
> mode and authenticating all operations like you mentioned and have the
> SSH client connect to the Subversion server using normal client
> operations. Right now we are having the SSH client spawn a Subversion
> server per connection which is far from ideal (for performance and
> security reasons).
> Isn't there a way for us to do this?
> 1) SSH server and Subversion server running in deamon mode
> 2) User connects to the server using SSH client
> 3) User invokes svn client operations on the remote connection

Sure there is. Start 'svnserve -d' on a server behind some firewall,
then have all your users set up ssh-encrypted 'tunnels' through the
firewall, to port 3690 on your server. This ssh tunnelling technique
works for essentially every server-process in the universe; it's not
an svn-specific solution at all. It's described in this FAQ:


of course, the annoyance with this is (1) teaching your users to set up
tunnels with 'ssh -L', (2) being prompted for BOTH ssh and svnserve

I have to ask: is it critical that all data passing over the link be
encrypted? If not, your life would be a heck of a lot simpler just
using 'svnserve -d' and the built-in authentication it supports. Leave
ssh out completely.

Or, if it's critical that the link be encrypted, use apache/SSL as your

To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun Dec 5 17:29:41 2004

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.