On Aug 24, 2009, at 1:32 AM, Ryan Schmidt wrote:
> You should post this as a diff. That means for example: download
> faq.html, copy it to faq.new.html, edit the copy so it looks like
> you want, then submit the output of "diff -u faq.html faq.new.html"
> as a file attachment.
thanks for your explicit instructions. here's the diff:
--- faq.html 2009-08-24 02:02:02.000000000 -0700
+++ faq.new.html 2009-08-24 02:27:07.000000000 -0700
@@ -2160,12 +2160,41 @@
<h3>I want to allow access via svn+ssh://, but am paranoid. I hate
the
idea of giving each user a login; I would then have to worry about
what they are, and are not, allowed to access on my machine.</h3>
-<p>See the section about hacking
-the <tt>~/.ssh/authorized_keys</tt> file in the answer
-to this other question; ignore
the stuff
-about getting <tt>svnserve</tt> on your PATH.</p>
-</div>
+<p>
+On the client (assumes svn version > 1.2):
+<ol>
+<li>generate an ssh private/public key-pair:
+<p><tt># ssh-keygen -t rsa</tt>
+<li>add the following line to the <tt>~/.bash_profile</tt>:
+<p><tt>export SVN_SSH="ssh -l svn -i ~/.ssh/id_rsa"</tt>
+<p>
+and make sure to execute the above line at the command line (for
immediate definition of the variable). the user may chose to use an
existing key-pair, or to generate a new one to be used exclusively for
SVN access. In such a case, replace the <tt>~/.ssh/id_rsa</tt> above
with the appropriate file name.
+</ol>
+<p>
+On the server (assumes the repository is owned by <tt>svn:svn</tt>
and is located at <tt>/var/svn</tt> on the server, which serves as the
user <tt>svn</tt>'s home directory. additionally assumes the SVN
service binary is located at <tt>/usr/bin</tt>):
+<ol>
+<li>create the directory <tt>/var/svn/.ssh</tt> if it does not exist
(make sure it's owned by <tt>svn:svn</tt>)
+<li>in the above directory place the file <tt>authorized_keys2</tt>
(permissions: <tt>-rw-r--r--</tt>) with the following contents:
+<p>
+<tt>command="/usr/bin/svnserve -t -r /var/svn --tunnel-
user=<username>",no-port-forwarding,no-agent-forwarding,no-X11-
forwarding,no-pty <public key></tt>
+<p>
+where <tt><username></tt> is the name the repository will use
in recording changes and <tt><public key></tt> represents the
contents of the client's <tt>~/.ssh/id_rsa.pub</tt> file (or whichever
public key was chosen for this purpose). <u>Make sure all of the
above is on a single line.</u>
+<p>
+To use the service then, on the client, check out any project:
+<p>
+<tt># svn checkout svn+ssh://<server>/var/svn/<project></
tt>
+<p>
+where <tt><server></tt> represents the DNS name of the server
host and <tt><project></tt> is the name of any project. Change
directory to the project's e.g. <tt>cd <project></tt> and change
the contents of some file, subsequently performing a difference report:
+<p>
+<tt># svn diff</tt>
+<p>
+if everything looks good, commit:
+<p>
+<tt># svn commit</tt>
+<p>
+that's it!
+</div>
<div class="h3" id="auto-props" title="auto-props">
<h3>How can I set certain properties on
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2386676
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-08-24 11:27:46 CEST