Getting started with SVN+SSH

If you are searching for a way to get Subversion working over SSH but just… can’t… quite… get there, this should help you out. These instructions should work for any *NIX system. I’m writing them for Mac OS X. I’ll assume you already have a Subversion server set up somewhere and that you already have an account with SSH access to that server.

  1. Install svn client

    You can get it from the Subverion site or snag the Mac Subversion DMG if that’s what you need.

  2. Add paths

    Now that you’ve got the client installed, we need to add it to our path so that the shell knows where to find it. If you compiled it from source and put it somewhere else, you should substitute that location here. (or maybe you put it in a place that’s already in your path so that you wouldn’t HAVE to do this step?)
    If you’re using tcsh:

    setenv PATH "${PATH}:/usr/local/bin"

    If you’re using bash:

    export PATH=${PATH}:/usr/local/bin
  3. Modify SSH config

    If you’re connecting with non-standard options, such as a different username or a different port, you might wish to modify ~/.ssh/config so that you don’t have to type them every time, which makes things much easier. (For more information on the options you can put here, see Getting Started with SSH or check out the man pages for ssh and sshd)

    		Host hostname
    		User username
    		Port otherport
  4. Set up SSH keys

    We set up keys so that you don’t have to type your password every single time you do anything. First we need to generate the key:

    ssh-keygen -t dsa -f ~/.ssh/id_dsa -C "Comment about this key, perhaps a descriptive title?"

    Then we need to upload that key to the server you’re trying to connect to:

    cat ~/.ssh/id_dsa.pub | ssh hostname 'cat - >> ~/.ssh/authorized_keys'
  5. Configure ssh-agent

    Now we configure ssh-agent to automatically send that there key which we just created and authorized whenever it needs to connect. This is the part that keeps you from having to type your password every time.
    If you’re using tcsh, you need to modify ~/.login:

    set sshAgent=/usr/bin/ssh-agent
    set sshAgentArgs="-c"
    set tmpFile=~/.ssh/ssh-agent-info
    
        #
        #  Check for existing ssh-agent process
        #
        if ( -s $tmpFile ) source $tmpFile
        if ( $?SSH_AGENT_PID ) then
          set this=`ps -elf | grep ${SSH_AGENT_PID} | grep ssh-agent > /dev/null`
          # start ssh-agent if status is nonzero
          if (( $? != 0 ) && ( -x "$sshAgent" )) then
            $sshAgent $sshAgentArgs | head -2 > $tmpFile
            source $tmpFile
            echo "ssh agent started [${SSH_AGENT_PID}]"
            ssh-add
          endif
        endif

    If you’re using bash, you need to modify ~/.profile:

    SSH_ENV=$HOME/.ssh/environment
    
    function start_agent {
         echo "Initialising new SSH agent..."
         /usr/bin/ssh-agent | sed 's/^echo/#echo/' > ${SSH_ENV}
         echo succeeded
         chmod 600 ${SSH_ENV}
         . ${SSH_ENV} > /dev/null
         /usr/bin/ssh-add;
    }
    
    # Source SSH settings, if applicable
    
    if [ -f "${SSH_ENV}" ]; then
         . ${SSH_ENV} > /dev/null
         #ps ${SSH_AGENT_PID} doesn’t work under cywgin
         ps -ef | grep ${SSH_AGENT_PID} | grep ssh- agent$ > /dev/null || {
             start_agent;
         }
    else
         start_agent;
    fi
  6. Test

    After editing one of the above files, you probably need to log out and back in so that it will run and set up ssh-agent. Then test the connection to your Subverison server:

    svn list svn+ssh://path/to/repos
    

    If that works, you’re good to go!

6 thoughts on “Getting started with SVN+SSH”

  1. well, I don’t know how I missed three blogs in a row, but way to up the production rate! and I certainly hope that thing you just wrote really and truly helps someone, someday, somewhere, somewhy.

  2. You know, I sort of know what you’re talking about, and man would I like to get something like that set up JUST to try your instructions out. Too bad I have no practical use for such things.

    That and:

    me+command line=sad mac

  3. One thing I don’t understand is why ssh-agent is needed if ssh public key authentication is configured? In my environment, using a server that allows public key authentication, I can stop at the end of step four. The authentication just works. I don’t appear to gain anything by running ssh-agent, too.

    However, some servers in my environment were configured to disallow public key authentication. I am required to enter a password for those servers. The free Subversion book suggests that ssh-agent could be used to cache my password. But ssh-agent doesn’t appear to work in that way. (I found this page by Googling for svn and ssh-agent.)

Leave a Reply

Your email address will not be published. Required fields are marked *

Comment spam protected by SpamBam