[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: How to get --tunnel-user working [SOLVED]

From: Hitzinger, Jozef <jhitzinger_at_soitron.com>
Date: Fri, 7 Mar 2008 14:49:53 +0100

Hi John,

thanks for the tip. Although there's only one svnserve on the system,
the advice made me re-check what exactly get's run, and the issue turned
out to be with the authorized_keys file (as half-expected).

Well known to some, and of course documented in sshd_config manual, the
authorized_keys must have the whole entry on one long line, and NOT on
several lines - the "\" continuation doesn't work in this file.

So in our case the command=".." (appearing two lines above key) was
ignored, and svn invoked plain "/usr/bin/svnserve" instead, which made
it more puzzling than if it didn't work at all.

As last remark, the example on pg. 152 of SVN Book would be better if it
explicitly mentions that continuation marks mean the text should go
onto one line

command="svnserve -t --tunnel-user=harry",no-port-forwarding,\
no-agent-forwarding,no-X11-forwarding,no-pty \
TYPE1 KEY1 harry_at_example.com

i.e. that this example is NOT suitable for copy&paste into
authorized_keys.

Thanks,

--
jozef  :-)
-----Original Message-----
From: John Peacock [mailto:john.peacock_at_havurah-software.org] 
Sent: Thursday, March 06, 2008 8:41 PM
To: Hitzinger, Jozef
Cc: users_at_subversion.tigris.org
Subject: Re: How to get --tunnel-user working
Hitzinger, Jozef wrote:
> command="svnserve --tunnel-user user1 -t" \ 
> no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty \ 
> ssh-dss <key1.........> 
I'll bet you have two different svnserve binaries installed.  Change 
that line to point at the 1.4.6. binary (instead of relying on the
path).
John
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-03-07 17:57:02 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.