Summer Nights

A blog on embedded and real-time systems as well as on general computing issues

Setting up svn+ssh on Ubuntu Server and Tortoise SVN as client on Windows PC

  1. First you need to setup the basic ssh connectivity using e.g. putty and sshd. This is not the focus of this short report.
  2. On the Windows, use Pageant to cache the ssh key. The target in the “Shortcut to Pageant” should be similar to:
    "C:\Program Files (x86)\PuTTY\pageant.exe" C:\path\private_sshkey
  3. Check again that you can now connect to the server without having to enter your password in the putty.
  4. Install subversion on the server using:
    apt-get install subversion
  5. Create the repositories in a location, let’s say /usr/local/svn.
  6. Make your first repository under svn, lets say proj1. Simply create a folder using mkdir.
  7. Now mark this folder as a repository using:
    svnadmin create /usr/local/svn/proj1
  8. Create a new group called subversion and add yourself and www-data to this group:
    groupadd subversion
    adduser youruid subversion
    adduser root subversion
    adduser www-data subversion
  9. Assign the owner rights of the repositories to the www-data user and the subversion group, as well as make all the subsequently added files belong to the subversion group.
    cd /usr/local/svn
    chown -R www-data:subversion proj1
    chmod -R g+rws proj1
  10. That completes the basic subversion setup. You can check the basic setup by checking-out the newly setup repo locally on the linux server by:
    svn co file:///usr/local/svn/proj1
  11. For the ssh setup, first open the /etc/subversion/config file and uncomment this line:
    ssh = $SVN_SSH ssh -q -o ControlMaster=no
  12. Now open the /usr/local/svn/proj1/conf/svnserve.conf file and make changes according to the following, where realm is whatever authentication realm you want to name it. The realm is not very important as long as you keep it same across different repos where you want to use the same authentication:
    anon-access = none
    auth-access = write
    realm = xxxx
  13. Now go to /etc/init.d and copy the skeleton file to svnserve file. Make appropriate changes in the beginning of  the svnserve file as follows:
    PATH=/sbin:/usr/sbin:/bin:/usr/bin
    DESC="Subversion Server"
    NAME=svnserve
    DAEMON=/usr/bin/$NAME
    DAEMON_ARGS="-d -r /usr/local/svn"
    PIDFILE=/var/run/$NAME.pid
    SCRIPTNAME=/etc/init.d/$NAME
  14. Set the execution bit by: chmod +x svnserve
  15. Now issue the following command to automatically start the svnserve at the bootup:
    update-rc.d svnserve defaults
  16. That is all for the settings on the server side. Start the svnserve using: /etc/init.d/svnserve start
  17. On the windows side, do the following:
    1. Start Pageant and enter the password.
    2. Open Tortoise SVN settings and ask it to use Plink as shown in the image below:
  18. Note that the -l parameter provides the username that should be used for the repository. The ssh key must belong to this user name.
  19. Now checkout the repository by providing the link in the following manner:
    svn+ssh://yourhost/usr/local/svn/proj1
    You must take care to provide the full path to the svn repository. This is because ssh is only tunneling the svn access which means it is similar to accessing it locally on the server itself. Other authentication methods like sasl, etc. allow accessing the repos in a simpler way like svn://yourhost/proj1 but this is not the case with ssh. There might be a way to achieve this also with ssh but I am not aware of it.
  20. That is it. Now you have a functional svn server which can be securely accessed through ssh from anywhere.

One Response to “Setting up svn+ssh on Ubuntu Server and Tortoise SVN as client on Windows PC”

  • webroot says:

    thanks.. for sharing ssh setup, every other articles have apache webdav with ssl but i dont like to use apache because if hacker gains access to php scripts he will hack svn directories

Leave a Reply

Your email address will not be published. Required fields are marked *