Public key authentication for svn over ssh
Also demonstrated here is the ability to use the sshpass package to scp an identity file from another server (say, a keyserver). To do this, make sure the nfsroot has the sshpass package installed.
#! /bin/bash # Author: Ryan Steele # Date: 2008-11-11 error=0 ; trap "error=$((error|1))" ERR set -x # Make sure the .subversion directory exists mkdir $target/root/.subversion # Add some ssh config options echo -e "[tunnels]\nssh = \$SVN_SSH ssh -o StrictHostKeyChecking=no -o IdentitiesOnly=yes" -i /root/.ssh/svn_rsa\n" > $target/root/.subversion/config # Grab the identity from the keyserver sshpass -p 'SECRET' scp -o StrictHostKeyChecking=no keyserver:/path/to/sshkeys/svn_rsa $target/root/.ssh/svn_rsa # Run the checkout. Pass the shell as an argument to ssh-agent so commands run in that shell can contact the agent for authentication. # Per the man pages, "If a commandline is given, this is executed as a subprocess of the agent. When the command dies, so does the agent." $ROOTCMD bash -c 'ssh-agent bash -c "ssh-add /root/.ssh/svn_rsa; svn co --non-interactive svn+ssh://svnserver/repos;"' exit $error