Previous Next Tracker index See it online !

(37/185) 87 - svn + ssh agent proxy integrations

The SVN plugin so far has treated me well when I only need anonymous access to servers. However, I have quite a few servers and projects that only accept SSH access, and for those I need to use svn+ssh from the commandline.

I note that the SSH plugin allows for use of ssh keys. Rather than duplicating this functionality in the SVN plugin, is there a possibility of "if SSH plugin is installed, enable SSH style logins"?

Or something that would enable the use of SSH keys for authentication?

Submitted	hunteke - 2008-07-07 22:53:53	Assigned	daleanson
Priority	5	Labels
Status	open	Group
Resolution	None

Comments

2008-07-07 23:13:07 hunteke	Logged In: YES user_id=1271235 Originator: YES Heh, so totally didn't reread that to edit my thought process. :-) Basically, I'm requesting that the SVN plugin get SSH ability, including the ability to use SSH keys.
2008-07-08 02:05:40 daleanson	- assigned_to: nobody --> daleanson
2008-07-08 02:05:40 daleanson	Logged In: YES user_id=187628 Originator: NO Yeah, that's been on my list for the longest. It's not something I ever use, so it hasn't been high priority. I'll see if I can get it moved up the list.
2008-07-08 03:15:55 daleanson	Logged In: YES user_id=187628 Originator: NO Okay, so I mis-read the original request. The SVN Plugin does support svn+ssh, which is the part that is on my list to do but had never checked until tonight. You're asking that SSH keys be supported though, so I'll look into that as well. I'll update the docs, but to use svn+ssh, you have to set it up with an svn+ssh url. Go to the SVN Browser, then use the 'New' button to add a repository location. In the URL field, enter a url like "svn+ssh://hostname/path/to/repository". You'll have to enter a username and password until I figure out how to make it use your SSH key, but other than that, it should work fine.
2008-07-08 03:21:49 daleanson	Logged In: YES user_id=187628 Originator: NO In researching this, I ran across this page: http://svnbook.red-bean.com/en/1.4/svn.serverconfig.choosing.html#svn.serverconfig.choosing.recommendations Which recommends against using svn+ssh. I'm not saying you shouldn't, but they recommend Apache with SSL (https) instead.
2008-07-08 03:44:51 daleanson	Logged In: YES user_id=187628 Originator: NO Here's a way to do it for now. I'll get a GUI dialog set up for this fairly soon. In a new buffer, enter these lines and edit as appropriate: System.setProperty("svnkit.ssh2.key", "/path/to/private/key/file"); System.setProperty("svnkit.ssh2.username", "yourlocalusername"); System.setProperty("svnkit.ssh2.password", "yourlocalpassword"); If necessary, add these lines too: System.setProperty("svnkit.ssh2.passphrase", "optionalPassphrase"); System.setProperty("svnkit.ssh2.port", "optionalPort"); Select all the lines, then go to Utilities/Beanshell/Evaluate Selection. Now use the SVN Browser, add a new repository location with a svn+ssh url. Leave the username and password blank. You'll be able to browse the repository, do a check out, and all the other svn commands. The downside of this work=around is you'll have to do this each time you start jEdit until I get the GUI added to the plugin.
2008-07-08 10:37:25 hunteke	Logged In: YES user_id=1271235 Originator: YES > Which recommends against using svn+ssh Interesting and thanks for finding that. I had not read that particular blurb. And heh. Recommend \heavily\ against it more like it. They're reasoning makes sense, and for future projects that \I\ set up, I'll keep that in mind. Thanks for that. From-the-department of unsolicited advice/suggestions: since at least one person missed that recommendation, and recognizing it really \isn't\ jEdit's job, would a small note be useful when folks choose the svn+ssh:// url via your GUI? Perhaps point to the svnbook or something? Probably not since it's not jEdit's responsibility, but it's a thought, for those admins who also use jEdit. :-) > Here's a way to do it for now. In the mean time, I do have projects for which I'm \not\ the admin and the only access the local administrators allow is through ssh, so I highly appreciate your workaround. Good stuff\!
2008-07-08 22:59:31 daleanson	Logged In: YES user_id=187628 Originator: NO I need a little help with this one. Considering these properties: System.setProperty("svnkit.ssh2.key", "/path/to/private/key/file"); System.setProperty("svnkit.ssh2.username", "yourlocalusername"); System.setProperty("svnkit.ssh2.password", "yourlocalpassword"); System.setProperty("svnkit.ssh2.passphrase", "optionalPassphrase"); System.setProperty("svnkit.ssh2.port", "optionalPort"); I'm thinking that the port would be per project, where the rest are for the local machine. Does it seem reasonable that the plugin should provide text fields for the user to enter password and pass phrase? If not, when would be the right time to request those be entered by the user? I don't see any problem with the key path nor the username, it's the password and pass phrase that cause me some concern. Right now, the plugin does cache username and password (encrypted, of course) for the repositories, so maybe having the plugin cache local password and pass phrase is okay too?
2014-07-19 04:09:06.059000 ezust	Dale asks: "Does it seem reasonable that the plugin should provide text fields for the user to enter password and pass phrase? If not, when would be the right time to request those be entered by the user?" My answer: No. And those workarounds you have where the password is stored plaintext as a property are a bad idea. Please don't do that in any actual plugins. With proper agent integration, you won't need to ask the user for a password or passphrase, because the keys will be provided by the agent that is already running on the system.
2014-07-19 04:11:19.676000 ezust	- summary: svn + ssh agent integrations --> svn + ssh agent proxy integrations