How to make an encrypted svnsynced repository
Hi,

At the moment, my SVN repository is svnsynced to a server in another location. I would like to make this remote repository encrypted on the file level, so that even somebody who has physical access to this server, cannot read the contents of the files.

I have searched in the svn manual, with Google and in the past couple of months posts I have of this mailing list, but I could find no reference.

Does that mean that there is no way to design a solution to this requirement?

---
Ton Boelens
's-Hertogenbosch, The Netherlands
TonsofTime, enjoy the Now
http://tonsoftime.com
Re: How to make an encrypted svnsynced repository
On Fri, Jan 15, 2010 at 16:23, Ton Boelens wrote:
> Hi,
>
> At the moment, my SVN repository is svnsynced to a server in another
> location. I would like to make this remote repository encrypted on the
> file level, so that even somebody who has physical access to this
> server, cannot read the contents of the files.
>
> I have searched in the svn manual, with Google and in the past couple
> of months posts I have of this mailing list, but I could find no
> reference.
>
> Does that mean that there is no way to design a solution to this
> requirement?

Wouldn't disk/file-level encryption be a task for the OS? IOW, encrypt/decrypt the data as it's written to/read from disk, regardless of whether it's a repository or not?
Re: How to make an encrypted svnsynced repository
On 2010-01-15 22:23, Ton Boelens wrote:
> Hi,
>
> At the moment, my SVN repository is svnsynced to a server in another
> location. I would like to make this remote repository encrypted on the
> file level, so that even somebody who has physical access to this
> server, cannot read the contents of the files.
>
> I have searched in the svn manual, with Google and in the past couple
> of months posts I have of this mailing list, but I could find no
> reference.
>
> Does that mean that there is no way to design a solution to this
> requirement?

I don't think this is built into subversion. I've asked about a similar feature in the past and not gotten anywhere. It would be pretty slick to have a "repository session key" that is pgp-encrypted for the committers/reviewers of the repository that all files (and network traffic) is encrypted with. If the svn clients managed it all well, it could be pretty seamless. A new committer would be added to the repository session key, and revoking a committer would require generating a new key and encrypting new revisions with it. It would be a great feature because you could distribute a secure repository onto a public subversion server and only send private data to and from it.

--
alec.kl...@oracle.com
Oracle Middleware
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x432B9956
Re: How to make an encrypted svnsynced repository
On Fri, Jan 15, 2010 at 03:37:19PM -0600, Alec Kloss wrote:
> On 2010-01-15 22:23, Ton Boelens wrote:
> > Hi,
> > At the moment, my SVN repository is svnsynced to a server in another
> > location. I would like to make this remote repository encrypted on the
> > file level, so that even somebody who has physical access to this
> > server, cannot read the contents of the files.
> > I have searched in the svn manual, with Google and in the past couple
> > of months posts I have of this mailing list, but I could find no
> > reference.
> > Does that mean that there is no way to design a solution to this
> > requirement?
> I don't think this is built into subversion. I've asked about a
> similar feature in the past and not gotten anywhere. It would be
> pretty slick to have a "repository session key" that is
> pgp-encrypted for the committers/reviewers of the repository that
> all files (and network traffic) is encrypted with. If the svn
> clients managed it all well, it could be pretty seamless. A new
> committer would be added to the repository session key, and
> revoking a committer would require generating a new key and
> encrypting new revisions with it. It would be a great feature
> because you could distribute a secure repository onto a public
> subversion server and only send private data to and from it.

I agree, that would be great functionality. However, I would like to have the encrypted remote copy this winter :-)

Ton
Re: How to make an encrypted svnsynced repository
On Fri, Jan 15, 2010 at 04:35:08PM -0500, Andy Levy wrote:
> On Fri, Jan 15, 2010 at 16:23, Ton Boelens wrote:
> > Hi,
> > At the moment, my SVN repository is svnsynced to a server in
> > another location. I would like to make this remote repository
> > encrypted on the file level, so that even somebody who has
> > physical access to this server, cannot read the contents of the
> > files.
> > I have searched in the svn manual, with Google and in the past
> > couple of months posts I have of this mailing list, but I could
> > find no reference.
> > Does that mean that there is no way to design a solution to this
> > requirement?
> Wouldn't disk/file-level encryption be a task for the OS? IOW,
> encrypt/decrypt the data as it's written to/read from disk,
> regardless of whether it's a repository or not?

Andy,

If you have physical access to a server that contains the encrypted disk and the encryption key as well, you can still use the key to open the disk. How could I solve that?

What we are thinking about is something like this (it's a snippet of a larger script):

    /usr/bin/openssl enc -d -aes-256-cbc -in "$1" -out "$BESTAND" -pass "file:$PAD/$KEY"

This command will create a local copy of the repository, which will then be rsynced to the remote server*.

I wonder if when I execute this command to the files of a SVN repository and direct the output to another directory, if the new directory, when restored (decrypted again) would still be a good useable repo. I guess we have to do some testing. Has anybody tried something like this?

*(this sync would function only as some kind of last resort backup)

Thank you for your reply!

---
Ton Boelens
's-Hertogenbosch, The Netherlands
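
The round-trip test the message above proposes can be scripted as follows; this is an added example, not part of the original post or of the larger script it mentions. The helper names, the sample tree and the use of `-pbkdf2` (OpenSSL 1.1.1 or later) are assumptions.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, not from the thread's script.
# Assumes OpenSSL 1.1.1+ (for -pbkdf2) and file names without newlines.

# make_sample_tree DIR: constructed stand-in for a repository directory.
make_sample_tree() {
    mkdir -p "$1/db/revs/0" "$1/db/transactions" &&
    printf '5\n' > "$1/format" &&
    printf '1\n' > "$1/db/current" &&
    printf 'constructed revision data\n' > "$1/db/revs/0/1"
}

# crypt_tree -e|-d SRC DST KEYFILE: mirror SRC into DST, one openssl run per file.
crypt_tree() {
    ct_mode=$1 ct_src=$2 ct_dst=$3 ct_key=$4
    mkdir -p "$ct_dst" || return 1
    # Recreate directories first so empty ones (db/transactions) survive.
    (cd "$ct_src" && find . -type d) | (while IFS= read -r d; do
        mkdir -p "$ct_dst/$d" || exit 1
    done) || return 1
    (cd "$ct_src" && find . -type f) | (while IFS= read -r f; do
        openssl enc "$ct_mode" -aes-256-cbc -pbkdf2 -in "$ct_src/$f" \
            -out "$ct_dst/$f" -pass "file:$ct_key" || exit 1
    done)
}

# tree_digest DIR: directory list plus SHA-256 of every file, in stable order.
tree_digest() {
    (cd "$1" && find . -type d | LC_ALL=C sort &&
        find . -type f | LC_ALL=C sort | while IFS= read -r f; do
            openssl dgst -sha256 -r "$f"
        done)
}

# roundtrip_ok SRC KEYFILE WORKDIR: encrypt, decrypt, compare with the original.
roundtrip_ok() {
    crypt_tree -e "$1" "$3/enc" "$2" || return 1
    crypt_tree -d "$3/enc" "$3/dec" "$2" || return 1
    [ "$(tree_digest "$1")" = "$(tree_digest "$3/dec")" ]
}
```

On a real repository, run `svnadmin verify` against the decrypted copy as the final check, and keep the key file off the remote server. Per-file encryption of this kind still leaves file names, sizes and the directory layout readable there, and CBC mode provides no integrity protection, which is why the digest comparison matters.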
Re: How to make an encrypted svnsynced repository
On 2010-01-16 08:06, Ton Boelens wrote:
[chop]
>
> > I don't think this is built into subversion. I've asked about a
> > similar feature in the past and not gotten anywhere. It would be
> > pretty slick to have a "repository session key" that is
> > pgp-encrypted for the committers/reviewers of the repository that
> > all files (and network traffic) is encrypted with. If the svn
> > clients managed it all well, it could be pretty seamless. A new
> > committer would be added to the repository session key, and
> > revoking a committer would require generating a new key and
> > encrypting new revisions with it. It would be a great feature
> > because you could distribute a secure repository onto a public
> > subversion server and only send private data to and from it.
>
> I agree, that would be great functionality. However, I would like to
> have the encrypted remote copy this winter :-)
>

What about exposing a device on the server with iscsi and then running OS encryption on the clients on top of that device? The remote repository would be "live" for use but only for clients that have the encryption key for the filesystem.

--
alec.kl...@oracle.com
Oracle Middleware
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x432B9956