Re: How to automatically update files on alioth from svn
On Wed, 30 Nov 2005 15:31:34 +0100, Frank Küster <frank@debian.org>
wrote:
>Yann Dirson <ydirson@altern.org> wrote:
>> Frank wrote:
>>> - how to authenticate the transfer, since the svn repository and the
>>> webspace is on different machines.
>>
>> https or svn+ssh to access the repo should provide the level of
>> authentication you need, or do I miss something ?
>
>With svn+ssh, I'd need a key without a password that allows logging into
>the SVN server machine; I'd prefer not to have that.
You could restrict that key to be valid only from the IP address
belonging to the client box, and it should be possible to restrict the
key only to invoke a read-only svn server. I didn't try that with svn,
though.
For example,
|from="127.0.0.1",command="svnserve -t" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu0DKRi2tHpQcpFLuBqLvS/LbOnBTMlkprHuJSQeglX/LW1
in an authorized_keys file allows the key to only be used if the
connection comes from localhost, and it _always_ invokes svnserve -t
instead of whatever command was requested on the command line. This
gives, however, read/write access to the repository.
Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834
Reply to: