Re: Authentication

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2005-06-03 15:19:40 CEST

On Jun 2, 2005, at 11:03 PM, William Ferguson wrote:
>
> Do all instances of svnserver require a password-db to have been
> configured?
> What about a tunnelling call to svnserve via "svnserver -t"?

'svnserve' either has a username, or it doesn't.

The username can come from two different places:

* by sending a CRAM-MD5 challenge, which forces the client to
retrieve a simple credential structure of {username, password}, which
is compared against the private svnserve userdatabase, or

* if the -t switch used ('svnserve -t'):

- svnserve assumes it running UID is already an authenticated
username

- 'svnserve -t --tunnel-user=foo' makes svnserve assumes that
'foo' is the username.

The -t stuff is used by svn+ssh://. When the client access an svn
+ssh:// URL, it's effectively running a private svnserve as a
temporary remote process: 'ssh remotehost svnserve -t'. The --
tunnel-user stuff can be configured for times when SSH users share
the same account via .ssh/authorized_keys (see the book about that.)

So 'svnserve -t --tunnel-user=foo' might be the way to go, assuming
that you start/stop svnserve with every new invocation.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Jun 3 15:30:24 2005

This message: [ Message body ]
Next message: Jeff Lanzarotta: "Re: Problem compiling 1.2 under Mandriva Linux"
Previous message: Cagatay Catal: "Apache &SVN Server installation error"
In reply to: William Ferguson: "RE: Authentication"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]