If you are searching for a way to get Subversion working over SSH but just… can’t… quite… get there, this should help you out. These instructions should work for any *NIX system. I’m writing them for Mac OS X. I’ll assume you already have a Subversion server set up somewhere and that you already have an account with SSH access to that server.
-
Install svn client
You can get it from the Subverion site or snag the Mac Subversion DMG if that’s what you need.
-
Add paths
Now that you’ve got the client installed, we need to add it to our path so that the shell knows where to find it. If you compiled it from source and put it somewhere else, you should substitute that location here. (or maybe you put it in a place that’s already in your path so that you wouldn’t HAVE to do this step?)
If you’re using tcsh:setenv PATH "${PATH}:/usr/local/bin"
If you’re using bash:
export PATH=${PATH}:/usr/local/bin
-
Modify SSH config
If you’re connecting with non-standard options, such as a different username or a different port, you might wish to modify ~/.ssh/config so that you don’t have to type them every time, which makes things much easier. (For more information on the options you can put here, see Getting Started with SSH or check out the man pages for ssh and sshd)
Host hostname User username Port otherport
-
Set up SSH keys
We set up keys so that you don’t have to type your password every single time you do anything. First we need to generate the key:
ssh-keygen -t dsa -f ~/.ssh/id_dsa -C "Comment about this key, perhaps a descriptive title?"
Then we need to upload that key to the server you’re trying to connect to:
cat ~/.ssh/id_dsa.pub | ssh hostname 'cat - >> ~/.ssh/authorized_keys'
-
Configure ssh-agent
Now we configure ssh-agent to automatically send that there key which we just created and authorized whenever it needs to connect. This is the part that keeps you from having to type your password every time.
If you’re using tcsh, you need to modify ~/.login:set sshAgent=/usr/bin/ssh-agent set sshAgentArgs="-c" set tmpFile=~/.ssh/ssh-agent-info # # Check for existing ssh-agent process # if ( -s $tmpFile ) source $tmpFile if ( $?SSH_AGENT_PID ) then set this=`ps -elf | grep ${SSH_AGENT_PID} | grep ssh-agent > /dev/null` # start ssh-agent if status is nonzero if (( $? != 0 ) && ( -x "$sshAgent" )) then $sshAgent $sshAgentArgs | head -2 > $tmpFile source $tmpFile echo "ssh agent started [${SSH_AGENT_PID}]" ssh-add endif endif
If you’re using bash, you need to modify ~/.profile:
SSH_ENV=$HOME/.ssh/environment function start_agent { echo "Initialising new SSH agent..." /usr/bin/ssh-agent | sed 's/^echo/#echo/' > ${SSH_ENV} echo succeeded chmod 600 ${SSH_ENV} . ${SSH_ENV} > /dev/null /usr/bin/ssh-add; } # Source SSH settings, if applicable if [ -f "${SSH_ENV}" ]; then . ${SSH_ENV} > /dev/null #ps ${SSH_AGENT_PID} doesn’t work under cywgin ps -ef | grep ${SSH_AGENT_PID} | grep ssh- agent$ > /dev/null || { start_agent; } else start_agent; fi
-
Test
After editing one of the above files, you probably need to log out and back in so that it will run and set up ssh-agent. Then test the connection to your Subverison server:
svn list svn+ssh://path/to/repos
If that works, you’re good to go!
October 5th, 2006 at 5:21 pm
OOOOOH! i get it now. thank you, i’ve been losing sleep over that one.
October 8th, 2006 at 4:22 am
well, I don’t know how I missed three blogs in a row, but way to up the production rate! and I certainly hope that thing you just wrote really and truly helps someone, someday, somewhere, somewhy.
October 11th, 2006 at 12:55 am
You know, I sort of know what you’re talking about, and man would I like to get something like that set up JUST to try your instructions out. Too bad I have no practical use for such things.
That and:
me+command line=sad mac
January 4th, 2007 at 8:06 am
One thing I don’t understand is why ssh-agent is needed if ssh public key authentication is configured? In my environment, using a server that allows public key authentication, I can stop at the end of step four. The authentication just works. I don’t appear to gain anything by running ssh-agent, too.
However, some servers in my environment were configured to disallow public key authentication. I am required to enter a password for those servers. The free Subversion book suggests that ssh-agent could be used to cache my password. But ssh-agent doesn’t appear to work in that way. (I found this page by Googling for svn and ssh-agent.)
April 13th, 2009 at 6:52 pm
Thank you!
November 29th, 2010 at 10:43 pm
This is great, I can now set into cron the update of my working copy.
Thanks.