Bug#341438: Fwd: Re: How to automatically update files on alioth
from svn
Andrew Vaughan
ajv-lists at netspace.net.au
Wed Nov 30 16:38:45 UTC 2005
This bug report seems to have originated out of the d-devel discussion quoted
below.
Andrew V.
http://lists.debian.org/debian-devel/2005/11/msg01790.html
---------- Forwarded Message ----------
Subject: Re: How to automatically update files on alioth from svn
Date: Thu, 1 Dec 2005 02:13
From: Marc Haber <mh+debian-devel at zugschlus.de>
To: debian-devel at lists.debian.org
On Wed, 30 Nov 2005 15:31:34 +0100, Frank Küster <frank at debian.org>
wrote:
>Yann Dirson <ydirson at altern.org> wrote:
>> Frank wrote:
>>> - how to authenticate the transfer, since the svn repository and the
>>> webspace is on different machines.
>>
>> https or svn+ssh to access the repo should provide the level of
>> authentication you need, or do I miss something ?
>
>With svn+ssh, I'd need a key without a password that allows logging into
>the SVN server machine; I'd prefer not to have that.
You could restrict that key to be valid only from the IP address
belonging to the client box, and it should be possible to restrict the
key only to invoke a read-only svn server. I didn't try that with svn,
though.
For example,
|from="127.0.0.1",command="svnserve -t" ssh-rsa
| AAAAB3NzaC1yc2EAAAABIwAAAQEAu0DKRi2tHpQcpFLuBqLvS/LbOnBTMlkprHuJSQeglX/LW1
in an authorized_keys file allows the key to only be used if the
connection comes from localhost, and it _always_ invokes svnserve -t
instead of whatever command was requested on the command line. This
gives, however, read/write access to the repository.
Greetings
Marc
More information about the pkg-subversion-maintainers
mailing list