2011/7/18 Thorsten Schöning <tschoening_at_am-soft.de>:
> Guten Tag David Mehler,
> am Samstag, 16. Juli 2011 um 18:46 schrieben Sie:
>> I'm wanting to ensure encryption of data while traveling from the
>> server to the client so am looking in to cyrus-sasl, though not
>> finding what i'm looking for.
> What exactly are you missing?
And is there any reason not to use svn+ssh:// or https://
>> I'm also needing to separate users. For example, user1 has access to
>> only repos1 while user2 has only access to repos2 but not repos1.
>> Under their respective repos' each user can commit their own projects
>> and manage them.
> This is easy, each repository has it's own user configuration per
> default and per repository you can use path based access control, if
>> I would have gone with an svn+ssh access, but don't want to give out
>> system accounts, and none of my user's want their repos visible to an
>> httpd server so apache is out.
> How about creating new users just for svn access? Else, a simple VPN
> using OpenVPN could be solution, too, depending on how you trust your
> users etc.
Oh, my! You don't have to give system accounts!!! You use a shared
account, called "svn", for write access.
The URL's would be "svn+ssh://svn@hostname/reponame", and you'd use
SSH keys with a "command" option, as documented at
There's a missing option in the documentation, the "--root" option.
For a set of shared SVN repostories at "/var/svn/", the saved keys
would look something like this:
command="svnserve -t --tunnel-user=username
arding,no-X11-forwarding,no-pty TYPE1 KEY1 username_at_example.com
The repo at /var/svn/repo1 would be accessed with the URL
> Mit freundlichen Grüßen,
> Thorsten Schöning
> Thorsten Schöning
> AM-SoFT IT-Systeme - Hameln | Potsdam | Leipzig
> Telefon: Potsdam: 0331-743881-0
> E-Mail: tschoening_at_am-soft.de
> Web: http://www.am-soft.de
> AM-SoFT GmbH IT-Systeme, Konsumhof 1-5, 14482 Potsdam
> Amtsgericht Potsdam HRB 21278 P, Geschäftsführer: Andreas Muchow
Received on 2011-07-18 13:18:50 CEST