- FAQ
- I think I found a bug in TortoiseSVN!
- Installation & Upgrade
- Overlay icons
- Authentication
- Daily Use
- Feature Requests
- Known problems on Vista
- Other Tools
- SSH / SSL
- Does TortoiseSVN support SSH?
- Subversion / TortoiseSVN SSH HowTo
- SVN+SSH+public key authentication on Windows Box as server
- How do I get client certificates to work?
- How do I disable http access once https is working?
- How do I re-configure the client certificate for Tortoise SVN?
- I am getting the password dialog over and over again
- PuTTY keeps showing 'Invalid port number'
- Error Messages
- Why do comments sometimes get deleted from this website?
- Why did you name it TortoiseSVN?
- I love TortoiseSVN, how can I help?
SVN+SSH+public key authentication on Windows Box as server
This walkthrough on getting SVN+SSH up and running on a Windows Box was provided by Thorsten Möller
Thanks!
Hi all,
I just want to provide my solution to the community since I have found out that there might be many people struggling with the same issue.
- Server: Install Cygwin SSH daemon as described here: http://pigtail.net/LRP/printsrv/cygwin-sshd.html
- Install SVN on the server (as described in the Subversion doku)
- Server: Create an account (for instance "SVNuser") which you will later use for logging in. Check that the user permissions are sufficient to read and write your SVN repository directory on the server.
-
Server (if not already done): Open Cygwin console and run
mkpasswd -l > /etc/passwd -
Client: Download PuTTY and PuTTYgen (http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html)
and place it in a directory which is part of the PATH, for instanceC:\Windows - Client: Create a key pair with PuTTYgen an save the keys.
-
Transfer the public key to the server file:
/home/<svnuser>/.ssh/authorized_keys -
Create a PuTTY session for loggin in to the server as described here:
Subversion / TortoiseSVN SSH HowTo.
Do not forget to activate auto login, i.e. set the user name. -
Test whether you can log in to the server with the key.
Server: If that works you might want to disable password authentication for SSH by editing /etc/sshd_config. Change/edit lines as follows (and restart SSH service afterwards):PubkeyAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no -
Server: Modify
/home/<svnuser>/.ssh/authorized_keysas follows. Note that every user which is supposed to use SVN uses the same login but a different key, thus you have to add one line for every user/key.Note: This is all on one very long line.
command="svnserve -t -r c:/mySVNroot/ --tunnel-user=<SVNuser>",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa <thePublicKey> <publicKeyComment>The trick here is to use the slash instead of backslash to specifiy the SVN repository root:
-r c:/mySVNroot.
Another important thing is--tunnel-user=<SVNuser>.
Since all users later will do a SSH login with the same login name (but different keys) you have to map each key to a SVN user - remember that SVN maintains its own users/userrights. -
Client: Access the repository with a URL like:
svn+ssh://<PuTTYSessionName>/<MyRepository>/trunk
In various documentations and news group postings you will read that the URL has to contain the real path on the server. But this is not neccessary if the -r parameter was set correctly, see 10. I swear, for me it works fine :-)
Thorsten
google search
Open Source
|
|
|