Re: How to choose between svn & http?

On Jul 8, 2010, at 4:49 PM, Nico Kadel-Garcia wrote:
> A local comparison is often best, especially when operating over HTTPS
> or svn+ssh for security reasons: Because of the continuing storage of
> HTTP/HTTPS/svn/SSH passwords in clear-text by the UNIX or Linux
> versions of Subversion, I don't trust anything but the svn+ssh public
> key based access for public use. Unfortunately, this does cause a
> noticeable performance hit.

It's worth pointing out that the private key has to have a passphrase, for this to be a security improvement. Otherwise all you've accomplished is to leave the password-equivalent in ~/.ssh instead of in ~/.svn. ;) I mention this only because a lot of the applications for SSH public keys involve passwordless login.

>
> Performance can also be dominated by the size of the repository, and
> the use of "chatty" file storage technologies such as CIFS, which can
> seriously slow the checkout of bulky working copies with lots of
> files. (I've run into this recently: what took 2.5 minutes to NFS
> shares took 25 minutes to CIFS shares. It was embarassing!)

Virus scanning overhead can really bite you here, too.

-- 
David Brodbeck
System Administrator, Linguistics
University of Washington