subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sampson, Barry" <barry.samp...@teejet.com>
Subject RE: svnsync via svn+ssh w/key authentication: password prompt
Date Tue, 02 Sep 2014 14:49:10 GMT
Thank you for the advice on the hooks, it will be helpful.

At this point, I’m trying to get it working from a command line first, and I’m not using
ssh agent.  I am using a keyfile without a passphrase.  What is a little confusing is that
my attempts work with ‘svn’ commands (I don’t have to enter a password), but not ‘svnsync’
commands (I DO have to enter a password).

Using ‘svn+ssh’, do both commands establish a tunnel, and start an instance of svnserve?

From: Andreas Stieger [mailto:andreas.stieger@gmx.de]
Sent: Friday, August 29, 2014 12:20 PM
To: Sampson, Barry
Cc: users@subversion.apache.org
Subject: Re: svnsync via svn+ssh w/key authentication: password prompt



On 29 Aug 2014, at 17:22, "Sampson, Barry" <barry.sampson@teejet.com<mailto:barry.sampson@teejet.com>>
wrote:
I am attempting to use svnsync over a SSH tunnel, which works, but always prompts for a password.
 I already setup ssh key authentication, which does work fine when performing svn commands.

I can establish a SSH tunnel with keys like this – no password prompts:
ssh servername

Using svn, I can do this without being prompted for a password:
svn list svn+ssh://servername/path/to/repos

However, this does prompt for a password:
svnsync sync svn+ssh://servername/path/to/repos

And just for good measure, this does the same thing:
svnsync sync svn+ssh://username@servername/path/to/repos

Any ideas of what I can do here to eliminate the password prompt?  My goal is to automate
a ‘push’ synchronization via hooks scripts.

Hooks execute in a mostly empty environment so your ssh client will not have access to the
ssh agent.

Add a wrapper to compensate, e.g. Specify a passphrase less key file (-i) or configure hook
environment via conf/hooks-env (from 1.8) to find the ssh agent. As it's pid/socket will change
that is a moving target.

You should it run --non-interactive in either case.

Andreas
Mime
View raw message