Re: Secure svnserve?

From: Branko Čibej <brane_at_apache.org>
Date: Sat, 26 Nov 2016 23:55:02 +0100

On 26.11.2016 23:26, Olaf van der Spek wrote:
> On Sat, Nov 26, 2016 at 10:32 PM, Branko Čibej <brane_at_apache.org> wrote:
>>> Doesn't svn+ssh require all accounts to have direct and full file
>>> access to the entire repo?
>> The account under which svnserver runs does need such access, but you do
>> /not/ have to create one account per user; with a bit of SSH magic, you
>> can get all users to use one account, and restrict that so that it can
>> only run svnserve (i.e., not a shell session).
> Where would svnserve get the right user name from for stuff like commits?
> It was my understanding it took the name of the current user.

5 seconds of searching on the Internet gave me this:

http://zeroset.mnim.org/2012/08/14/svn-over-ssh-with-multiple-svn-users-and-a-single-unix-account-without-shell-access/

http://stackoverflow.com/questions/20176049/multiple-users-of-svn-with-single-ssh-account

https://tortoisesvn.net/ssh_howto.html

It took me 30 times longer to write this mail than to find the data.

TL;DR: you have to use the SSH 'command=' option to change svnserve's
'--tunnel-user' option for each of your users.

-- Brane
Received on 2016-11-26 23:55:06 CET

This message: [ Message body ]
Next message: Stefan Sperling: "Re: Secure svnserve?"
Previous message: Olaf van der Spek: "Re: Secure svnserve?"
In reply to: Olaf van der Spek: "Re: Secure svnserve?"
Next in thread: Stefan Sperling: "Re: Secure svnserve?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]