[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: security issues

From: Chris Jensen <cjensen_at_edex.com.au>
Date: 2005-04-11 02:27:31 CEST

> Since I am still trying to understand how things work is there a way
> to use ssh and still rely on apache/webdav?

If you absolutely want to use SSH you could tunnel Port 80 over your SSH

> Or is there a better way to setup.

What exactly are your security concerns?

If you want to minimise public facing services, then tunneling through
SSH would help you do that.

If you just want to keep your subversion traffic encrypted you can setup
Apache to use SSL. (that's assuming that the Apache virtual host that
Subversion is on has it's own IP address)

If you want to limit the privileges you give users, then Apache + SSL is
a good way to go again, as you won't have to give your users logins to
the server in order to access Subversion.
(Of course, if they already have logins, then you can use
mod_auth_external to authenticate Apache users against PAM.)

We've been using this for a bit over a year at work, but it is only
internal facing.


Chris Jensen cjensen@edex.com.au
Educational Experience (Australia)
Postal Address: PO Box 860, Newcastle NSW 2300
Freecall:       1-800-025 270      International: +61-2-4923 8222
Fax:            (02) 4942 1991     International: +61-2-4942 1991
Visit our online Toy store! http://www.toysandmore.com.au/

Received on Mon Apr 11 02:29:47 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.