September 28, 2012
Setting up svn+ssh on Ubuntu Server and Tortoise SVN as client on Windows PC
- First you need to setup the basic ssh connectivity using e.g. putty and sshd. This is not the focus of this short report.
- On the Windows, use Pageant to cache the ssh key. The target in the “Shortcut to Pageant” should be similar to:
"C:\Program Files (x86)\PuTTY\pageant.exe" C:\path\private_sshkey
- Check again that you can now connect to the server without having to enter your password in the putty.
- Install subversion on the server using:
apt-get install subversion
- Create the repositories in a location, let’s say /usr/local/svn.
- Make your first repository under svn, lets say proj1. Simply create a folder using mkdir.
- Now mark this folder as a repository using:
svnadmin create /usr/local/svn/proj1
- Create a new group called subversion and add yourself and www-data to this group:
adduser youruid subversion
adduser root subversion
adduser www-data subversion
- Assign the owner rights of the repositories to the www-data user and the subversion group, as well as make all the subsequently added files belong to the subversion group.
chown -R www-data:subversion proj1
chmod -R g+rws proj1
- That completes the basic subversion setup. You can check the basic setup by checking-out the newly setup repo locally on the linux server by:
svn co file:///usr/local/svn/proj1
- For the ssh setup, first open the /etc/subversion/config file and uncomment this line:
ssh = $SVN_SSH ssh -q -o ControlMaster=no
- Now open the /usr/local/svn/proj1/conf/svnserve.conf file and make changes according to the following, where realm is whatever authentication realm you want to name it. The realm is not very important as long as you keep it same across different repos where you want to use the same authentication:
anon-access = none
auth-access = write
realm = xxxx
- Now go to /etc/init.d and copy the skeleton file to svnserve file. Make appropriate changes in the beginning of the svnserve file as follows:
DAEMON_ARGS="-d -r /usr/local/svn"
- Set the execution bit by:
chmod +x svnserve
- Now issue the following command to automatically start the svnserve at the bootup:
update-rc.d svnserve defaults
- That is all for the settings on the server side. Start the svnserve using:
- On the windows side, do the following:
- Note that the -l parameter provides the username that should be used for the repository. The ssh key must belong to this user name.
- Now checkout the repository by providing the link in the following manner:
You must take care to provide the full path to the svn repository. This is because ssh is only tunneling the svn access which means it is similar to accessing it locally on the server itself. Other authentication methods like sasl, etc. allow accessing the repos in a simpler way like
svn://yourhost/proj1but this is not the case with ssh. There might be a way to achieve this also with ssh but I am not aware of it.
- That is it. Now you have a functional svn server which can be securely accessed through ssh from anywhere.