This bug report seems to have originated out of the d-devel discussion quoted below.
Andrew V. http://lists.debian.org/debian-devel/2005/11/msg01790.html ---------- Forwarded Message ---------- Subject: Re: How to automatically update files on alioth from svn Date: Thu, 1 Dec 2005 02:13 From: Marc Haber <[EMAIL PROTECTED]> To: debian-devel@lists.debian.org On Wed, 30 Nov 2005 15:31:34 +0100, Frank Küster <[EMAIL PROTECTED]> wrote: >Yann Dirson <[EMAIL PROTECTED]> wrote: >> Frank wrote: >>> - how to authenticate the transfer, since the svn repository and the >>> webspace is on different machines. >> >> https or svn+ssh to access the repo should provide the level of >> authentication you need, or do I miss something ? > >With svn+ssh, I'd need a key without a password that allows logging into >the SVN server machine; I'd prefer not to have that. You could restrict that key to be valid only from the IP address belonging to the client box, and it should be possible to restrict the key only to invoke a read-only svn server. I didn't try that with svn, though. For example, |from="127.0.0.1",command="svnserve -t" ssh-rsa | AAAAB3NzaC1yc2EAAAABIwAAAQEAu0DKRi2tHpQcpFLuBqLvS/LbOnBTMlkprHuJSQeglX/LW1 in an authorized_keys file allows the key to only be used if the connection comes from localhost, and it _always_ invokes svnserve -t instead of whatever command was requested on the command line. This gives, however, read/write access to the repository. Greetings Marc