Sahadeo Raskonda wrote:
> Dear Folks,
>
>
>
> Can anyone please help me on this ??
>
>
>
> I have installed SVN-1.4 on RHEL4 Box by RPM's
>
> Further configured SVN+SSH access by
>
> 1) Creating System users on the Box.
>
> 2) Wrapper script to embed svnserve
>
> Like all steps in http://svn.haxx.se/dev/archive-2004-03/0253.shtml
>
> and it works fine....
>
>
>
> But problem is users can logon onto Box and delete entire REPO !!!
>
>
>
> Further I was exploring
> http://svn.collab.net/repos/svn/trunk/notes/ssh-tricks
>
>
> But this doesnot work fine...
>
>
>
> *Any ideas on How to configure svn+ssh which uses system users and no shell
> access to these users ?? *
>
Create a dedicated user for the repository -- call it "svn". Do not
give it a password. Access it using sudo or some similar tool.
Only allow ssh Version 2 access. This is important.
Add each user's public key to ~/.ssh/authorized_keys. Precede each key
with a command to run svnserve in tunnel mode (This entry has to all be
on one line.)
command="/usr/bin/svnserve --root=/var/svn/repos --tunnel \
--tunnel-user=<username>" ssh-rsa <public key> user@machine
The above will start svnserve in tunnel mode with a root directory of
/var/svn/repos and set the username for recording any file manipulations
to "<username>"
The URL for accessing the repository then becomes
svn+ssh://svn@<subversion sserver>/<repository>
Users may or may not have shell access but will only be able to log on
with their own accounts, not svn.
>
> Thanks in Advance for your help,
>
> Regards,
>
> Saha
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Jul 24 06:56:19 2007