On Wed, 30 Nov 2005 15:31:34 +0100, Frank Küster <[EMAIL PROTECTED]> wrote: >Yann Dirson <[EMAIL PROTECTED]> wrote: >> Frank wrote: >>> - how to authenticate the transfer, since the svn repository and the >>> webspace is on different machines. >> >> https or svn+ssh to access the repo should provide the level of >> authentication you need, or do I miss something ? > >With svn+ssh, I'd need a key without a password that allows logging into >the SVN server machine; I'd prefer not to have that.
You could restrict that key to be valid only from the IP address belonging to the client box, and it should be possible to restrict the key only to invoke a read-only svn server. I didn't try that with svn, though. For example, |from="127.0.0.1",command="svnserve -t" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu0DKRi2tHpQcpFLuBqLvS/LbOnBTMlkprHuJSQeglX/LW1 in an authorized_keys file allows the key to only be used if the connection comes from localhost, and it _always_ invokes svnserve -t instead of whatever command was requested on the command line. This gives, however, read/write access to the repository. Greetings Marc -- -------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834