svn://访问方式(svnserve -d -r /opt/svnrepos)
ssh配置(假设用户为svn:svnusers)
chmod 700 /home/svn/.ssh
chmod 600 /home/svn/.ssh/authorized_keys
chown svn:svnusers /home/svn/.ssh/authorized_keys
为了给用户尽可能少的访问权限,可以在command命令之后指定一些限制选项
no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty
公钥最综应该是这样:
command="svnserve -t --tunnel-user=xxxx",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa KEY
--tunnel-user后面的用户即为subversion authz.conf里配置的用户名
仓库设置
chown -R root:svnusers /opt/svnrepos
chmod -R 775 /opt/svnrepos
svn+ssh连接
[HowTo]Debian lenny安装subversion并以svn+ssh协议访问(一)
MAG (2009年3月30日 12:23) | 暂无评论
环境:服务器为Debian5.0(lenny),客户端为Windows TortoiseSVN。
目的:在服务器debian上安装subversion,并配置ssh,让客户端能以svn+ssh协议访问,并对repository进行权限控制。
相关网址:
Debian:
TortoiseSVN:
PuTTY和PuTTYgen:
一、服务器端操作(以root身份执行)
1、安装ssh server和subversion
view sourceprint?1.apt-get update
2.apt-get install openssh-server
3.apt-get install subversion
2、建立svn用户,此用户为ssh登录帐号,再建立用户主目录并设置权限
view sourceprint?1.useradd svn
2.mkdir /home/svn
3.chown -R svn:svn /home/svn
3、建立 subversion repository
view sourceprint?1.mkdir /var/svn-repos
2.svnadmin craete /var/svn-repos/test
3.chown -R svn:svn /var/svn-repos/test
4、为svnuser建立SSH公钥和私钥,svnuser就是你以后用来操作的svn用户,注意它并不是debian系统用户
view sourceprint?1.ssh-keygen -t rsa -b 1024 -f svnuser.key
建议根据提示输入密码,此时在当前目录下会生成二个文件,svnuser.key私钥和svnuser.key.pub公钥
view sourceprint?1.mkdir /home/svn/.ssh
2.cat svnuser.key.pub >> /home/svn/.ssh/authorized_keys
3.chown -R svn:svn /home/svn/.ssh
编辑 authorized_keys 文件,在相应公钥内容的开头处加入:
view sourceprint?1.command="/usr/bin/svnserve -t -r /var/svn-repos/ --tunnel-user=svnuser",no-port-forwarding,no-pty,no-agent-forwarding,no-X11-forwarding
注意上述内容和原来公钥的内容应该在同一行中
5、修改repository配置,并启用authz权限控制
view sourceprint?1.nano /var/svn-repos/test/conf/svnserve.conf
在general小节中,加入三行内容
view sourceprint?1.anon-access = none
2.auth-access = write
3.authz-db = /var/svn-repos/svn.authz
配置authz文件
view sourceprint?1.nano /var/svn-repos/svn.authz
增加二行内容
view sourceprint?1.[test:/]
2.svnuser = rw
好了,服务器端就这样配置好了。
关于如何在windows客户端用TortoiseSVN以svn+ssh协议访问,下一节中继续......
tortoiseplink.exe -l svn -i xxx.ppk
关于svnserve -d和-t
-d打开3690端口,允许svn://连接,为了允许访问subversion专门启动一个服务
-t隧道模式,允许通过隧道直接与subversion交互,我们这里利用的隧道就是ssh
I.Linux RedHat 9
1.卸载原版本
# rpm -ev subversion-0.17.1-4503.0
2.安装包
# rpm -ivh --nodeps apr-0.9.5-0.2.i386.rpm
# rpm -ivh --nodeps apr-util-0.9.5-0.1.i386.rpm
# rpm -ivh --nodeps neon-0.24.7-1.i386.rpm
# rpm -ivh --nodeps subversion-1.2.3-1.rh90.i386.rpm
3.建立用户svn,创建repostory
$ svnadmin create /home/svn/svnroot
4.启动SVN服务
$ svnserve -d -r /home/svn/svnroot
II.用户访问
1.修改repostory目录下的conf/svnserve.conf,改为
[general]
anon-access = none # 不允许匿名登录
auth-access = write # 可以用户读写
password-db = passwd
2.修改文件passwd,增加用户,如
[users]
luke = luke
III.svn+ssh访问
1.安装OpenSSH。RedHat9已经缺省安装。
2.用svn用户登录,生成密钥对。
$ ssh-keygen -b 1024 -t dsa -N passphrase -f mykey #其中passphrase为密钥关键字,必须修改;mykey为文件名。
这时生成两个文件mykey和mykey.pub。
3.$ cd /home/svn
$ mkdir .ssh
$ cp mykey.pub /home/svn/.ssh/authorized_keys #拷贝公钥到.ssh/authorized_keys,文件名必须是authorized_keys
4.启动svn+ssh服务
$ svnserve -t -r ~/svnroot & #似乎不需要执行???
5.Windows客户端下载putty,下载这几个执行文件"Putty", "Plink", "Pageant" and "Puttygen"
网址:
下载到E:\Program Files\putty
6.转换私钥格式
1) 将mykey拷贝到windows客户端,双击运行puttygen。
2) 选择菜单conversions->Import Key,选择文件mykey。
点击按钮Save private key,保存文件名为mykey.PPK。
7.在putty里创建session,如下
Session->Host Name: IP地址
Session->Protocol: SSH
Session->Saved Sessions: MyConnection
SSH->Prefered SSH Protocol version: 2
SSH->Auth->Private Key file for auth: E:\Program Files\putty\mykey.ppk,可以替换为实际目录。
测试MyConnection连接是否成功。
8.TortoiseSVN中测试SSH
1) 鼠标右键选择TortoiseSVN->RepoBrowser
2) 输入URL
svn+ssh://svn@MyConnection/home/svn/svnroot
3) 会提示输入密码两次,每进入一个目录都需要输入两次密码。
9.方法二。自动登录用户名
putty的MyConnection设置里connection->Data->Auto Login username: svn
svn+ssh://MyConnection/home/svn/svnroot
10.方法三。不使用putty的session。
1) 设置TortoiseSVN->Settings->Network->SSH client: E:\Program Files\TortoiseSVN\bin\TortoisePlink.exe
2) 运行pageant,点击右键->Add Key,将私钥文件加入。
3) svn+ssh://svn@192.168.0.159/home/svn/svnroot
本文来自[Svn中文网]转发请保留本站地址:
Re: Temporary failure in name resolution
This message: [ Message body ] [ More options ]
Related messages: [ Next message ] [ Previous message ] [ In reply to ]
From: Ryan Schmidt
Date: 2006-08-08 13:41:58 CEST
On Aug 8, 2006, at 07:36, Indraveni wrote:
> I am accessing subversion using svn+ssh server. It was working
> fine. But suddenly once it started displaying an error message
> saying Temporary failure of name resolution as follows. Can any one
> please tell me what is the may be the problem..
>
> root_at_localhost[root]#svn co svn+ssh://indraveni@192.168.31.65:8081/
> subversion/BOSS/Documents/
> ssh: 192.168.31.8081: Temporary failure in name resolution
> svn: Connection closed unexpectedly
Curious: you typed "192.168.31.65:8081" and it tried to access
"192.168.31.8081"? What version of Subversion and what OS is the
client running on?
You really have an SSH server running on port 8081? That sounds like
a port you'd be more likely to use for an HTTP server. If you're
serving by HTTP, you need to use that protocol:
Or try rather specifying the username with the --username switch, not
in the URL:
svn co --username indraveni svn+ssh://192.168.31.65:8081/subversion/
BOSS/Documents/
svn co --username indraveni
Documents/
---------------------------------------------------------------------
To unsubscribe, e-mail:
