Announcement

Collapse
No announcement yet.

Help to setup an SVN repository on my web hotel

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Help to setup an SVN repository on my web hotel

    Hi, first post

    I wanted to ask some guidance on how to set up a SVN repository on my web hotel.

    I was in contact with the service provider who informed me that they have no SVN server and in order for me to use SVN I had to connect via SSH on the ssh.domain area. Problem is they offer no support and I have no clue.

    I have SVN installed as follows on my local Machine:
    TortoiseSVN 1.8.11, Build 26392 - 64 Bit , 2015/03/19 18:50:20
    Subversion 1.8.13, -release
    apr 1.5.1
    apr-util 1.5.4
    serf 1.3.8
    OpenSSL 1.0.2a 19 Mar 2015
    zlib 1.2.8

    and I have putty set up to connect with the server, which works fine. What I need assistance with is how to go from here?

  • #2
    Check out the TortoiseSVN page on this: [url]https://tortoisesvn.net/ssh_howto.html[/url]

    Comment


    • #3
      Hi, thanks for replying.

      I have managed now to connect to the server via Putty and I have generated the public/private key and copied the key locally and converted it to putty format. i added the key to the ssh section and my user in the auto.login username and this works fine. I only need to enter the passphrase i used when creating the key files, but it works good and I access the web-hotel easy.

      The next thing I did was to a -svnadmin creat ~svnrepository

      Then I added the following to the svnserve.conf file:
      [FONT=Consolas]anon-access = none
      auth-access = write
      password-db = passwd

      then I added a user = password in the passwd file

      Finally I ran svnserve -d

      All looks good on server side.

      Next I create a folder on my local machine and I want to do a checkout to see if it is working. But I am not certain what I should enter in the URL of the repository after the "[/FONT]svn+ssh://[FONT=Consolas]"[/FONT]

      Let us for sake of argument say that I use: login.webhotel.com when I connect with putty. My user on the we hotel is webhotel_user and the user / pw for the repo is user_svn and pw_svn

      What should I fill into the URL to get the checkout working?

      Comment


      • #4
        The point of using SSH is to use the public-private keys and NOT to use passwords (there will be a passphrase on the private key but that is not the same as a password on a linux account). You should be setting up the public key in the "authorized_keys" file for your "webhotel_user" account. The "user_svn" account should be placed in the authorized_keys entry per the article pointed to above. Look for "command="svnserve -t -r ..." in the article. In this manner you should NEVER run "svnserve -d" on the webhotel.com machine (there are ugly security implications...).

        Comment


        • #5
          I will recap what I did:

          #1 - I would like to use my existing user (It is not possible for me to add users to the webhotel server as the "useradd" command is not working).

          #2 - The /home directory is shared for other users, my directory is /home/4/c/MyServeruser/

          #3 - I connected with putty being prompted for my username and my webhotel password

          #5 - I entered "ps xa | grep sshd" and got "21464 pts/23 S+ 0:00 grep sshd"

          #6 - I entered "which svnserve" and got "/usr/bin/svnserve"

          #6 - Next I generated the private and publik key by entering: "ssh-keygen -b 1024 dsa -N passphrase -f turtoisekey"

          This generated the two files turtoisekey and tutoisekey.pub on my user directory

          #7 - Then I created the .ssh directory on my user directory with a mkdir .ssh

          #8 - Then I moved the turtoisekey.pub into the .ssh folder with a "mv turtoisekey.pub .ssh/authorized_keys" there was no need to append as the file did not exist from before.

          #9 - Then I copied the text from turtoisekey into a turtoisekey.txt on my local computer

          #10 - I then used the puttykey gen to generate the puttykey.ppk key

          #11 - I then added my username to "connection-login details - auto/login username" and added the puttykey.ppk to "connection-ssh-auth-private key file for authentication" and saved the session.

          Then I tested the connection with putty and it automatically enters my username but prompts for the passphrase I used to generate the keyfile *not my server password".

          Should it not ask for this passphrase? In case, what have I done wrong here?


          Comment


          • #6
            The ".ssh" directory must be specifically protected: "chmod 0700 .ssh"
            Otherwise SSHD won't allow its use - it simply fails that path silently and then asks for your password.

            Comment


            • #7
              I entered the "chmod 0700 .ssh" but it still asks for the passphrase when I connect with putty..

              It also sounds strange to me that this is the problem since it does not ask for my server password which in turn should mean that the keyfile get's read.

              EDIT: When I run putt with Pegeant with the local key loaded, it logs straight in. So I assume this is in order or is there a way to avoid running Pageant?
              Last edited by tommen76; 06-09-2017, 04:25 PM. Reason: Found out that I could use Pageant

              Comment


              • #8
                When connecting with putty it should ask for the passphrase - putty does not save your passphrase so you'll be prompted every time you use it.

                Pageant, however, is caching your passphrase - that's its job. When it runs putty it will provide the keys without your needing to use the passphrase.

                All of that means that you've proven that the SSH part of this is working properly.

                So now it's time to generate a 2nd SSH key-pair, one to run the "svnserve" command by your creating a special entry in the "authorized_keys" file that begins "command="/usr/bin/svnserve -t -r ..." (see the TortoiseSVN URL above). You need 2 keys since you'll use 1st key to login directly to the command line and the 2nd key to run "svnserve".

                Comment


                • #9
                  Alright, I know that I can now access my web hotel via SSH and that I have a key stored on the server for this.

                  Next up I followed the instructions and created a keypair with puttygen and then I copied the key itsef (AAA...==) from the public key and prepended it with:

                  command="/usr/bin/svnserve -t --tunnel-user=svnuser -r /home/4/w/weburl/svnrepository/",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa

                  and appended it with user@domain

                  it is then one long line with a space before and after the key:

                  command="/usr/bin/svnserve -t --tunnel-user=svnuser -r /home/4/w/weburl/svnrepository/",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAA...== user@domain

                  I then accessed "authorized_keys" and added (on a new line) this key to the file and save/closed it.

                  I then made another connection on putty where I saved the session after connecting the .pkk file to the session and run it.

                  The server then asks me "log in as:"

                  If I enter the svn user, I get "server refused our key".

                  then he asks me for svnuser@domain's password. I tried the passphrase for the key I generated earlier and I tried the password for server access. None of them works.

                  ANy advise on where to go from here or what I messed up?

                  Comment


                  • #10
                    You should add NOTHING after the public key (the public key must look exactly as generated with NOTHING following it). Go back and remove the "user@domain".

                    Comment


                    • #11
                      I removed the user@domain after the key but still the server refuse the key when I log in with svnuser

                      When I for fun enter serveruser as login, it sais: "Server refused to allocate pty
                      ( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries commit-revprops depth log-revprops atomic-revprops partial-replay inherited-props ephemeral-txnprops file-revs-reverse ) ) )"

                      Comment


                      • #12
                        Here's an example "authorized_keys" entry:[INDENT]
                        command="/usr/bin/svnserve --log-file /opt/repo/SvnServe.log -t --tunnel-user=username -r /opt/repo",no-port-forwarding,no-pty,no-agent-forwarding,no-X11-forwarding long-key-info[/INDENT]

                        NOTE: that is a single long line. With a real public key that line will run on for many "editor lines".

                        This assumes that your account name is "username", your repositories are found in "/opt/repo" and that you're keeping an svnserver log file in that same directory (by the name "SvnServe.log").
                        The "long-key-info" is the exact key as generated separated from prior characters by white space on the left and the line should end after its last character.

                        DO NOT USE a Windows editor to create or edit the "authorized_keys" file (except perhaps on a Windows server) since it can/will mess with the line terminator.

                        As for the "Server refused to allocate pty" message, see here: [URL="https://serverfault.com/questions/233962/failing-to-connect-to-server-via-ssh-server-refused-to-allocate-pty"]https://serverfault.com/questions/23...o-allocate-pty[/URL]

                        Comment

                        Working...
                        X