depthq - ccm|mac

I am using A Small Orange to host some of my stuff and I wanted to setup Subversion (SVN) to work there. It was pretty simple since this hosting company supports SVN through svnserve. How cool is that?

But the problem that I encountered with this is that I wanted to support more than one user. In the beginning I was thinking that I needed to share the single username and password with everyone that is working on the same SVN repository (or share a single private key). Oh the security implications that would bring!

But I soon realised that with svnserve and some SSH config tricks I can support multiple users on the repository. And the good thing is that I don't have to mange these damn passwords. I always preferred password-less setups with key pairs (many thanks to all the work done by people to make PKI possible).
And another good advantage is that you can restrict the user that is logging through SSH to only have access to some specific directory.

I found the details for this here (I think the A Small Orange community is really helpful). The only thing to look out for is that in Ubuntu 8.10 when you run the following command:

ssh-keygen -t dsa -f dev-dsa -P '' -C developer001

The password is not actually empty, it would be better to drop the -P and then enter an empty password in the input, instead of entering empty string at the command line. The same command worked fine in my Mac OSX 10.5.6.

And finally the new URL to access the repository is slightly different, it will be relative to the virtual directory that you point each user in your authorized_keys file to.

I actually use git svn quite a lot these days and I haven't really tested this with my git svn setup because the URL to the path of the SVN repository has changed and I am not sure what implications it would have on the git svn repository that is still referring to the old URL. I am keeping the old and new style for now until I figure things out.

I just wanted to share that although hosting a SVN repo behind Apache is probably one of the most popular ways to deploy Subversion repositories but I think this method has some distinct advantages and its quite flexible if you want finer grain control of security options, permissions and access controls.

Hope this hint help others out there and if anyone has done some work with git svn and changing of svn remote URLs, then it would be nice to hear from you.