[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: user auth with svn+ssh access on shared hosting inadequate

From: Andrew Thompson <subversionuser_at_aktzero.com>
Date: 2005-04-29 14:45:22 CEST

Travis Cline wrote:
> My personal hosting only allows a single shell account which is
> troublesome when I would like multiple developers contributing to a
> repository.
> My current solution is such:
> Genereate private/public key pairs using ssh-keygen
> Modify .ssh/authorized_keys, adding for each developer needed,
> command="~/svn/bin/svnserve -t -r ~/svn/repos/
> --tunnel-user=author_name" (that user's associated public key)
> Though this works it's bothersome if users are to be added.

You need a shell script. ;)

> The ideal situation for me would be to have a switch enabling the
> daemon-style auth (password-db) when tunneling.

The only thing is, if you are not specifying the tunnel-user flag, how
would we get the username in?

> Is my situation rare enough that such a request isn't valid?

I would also like to be able to use the permissions defined in the svn
database to limit/grant access.

> It is two layers of auth but I think most people restricted to a
> single shell account would happily use it.
> Criticism? (other than telling me to get a better host =)

Most cookie cutter hosts are going to have a similar setup. (Trust me,
I'm one of them.)

Andrew Thompson
Interested in a hosted SVN repository? Email me, let's talk...
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Apr 29 14:51:03 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.