Public key authentication for svn over ssh

From FAIWiki
Jump to navigation Jump to search

Also demonstrated here is the ability to use the sshpass package to scp an identity file from another server (say, a keyserver). To do this, make sure the nfsroot has the sshpass package installed. 

#! /bin/bash

# Author: Ryan Steele
#   Date: 2008-11-11

error=0 ; trap "error=$((error|1))" ERR

set -x

# Make sure the .subversion directory exists
mkdir $target/root/.subversion

# Add some ssh config options
echo -e "[tunnels]\nssh = \$SVN_SSH ssh -o StrictHostKeyChecking=no -o IdentitiesOnly=yes" -i /root/.ssh/svn_rsa\n" > $target/root/.subversion/config

# Grab the identity from the keyserver
sshpass -p 'SECRET' scp -o StrictHostKeyChecking=no keyserver:/path/to/sshkeys/svn_rsa $target/root/.ssh/svn_rsa

# Run the checkout.  Pass the shell as an argument to ssh-agent so commands run in that shell can contact the agent for authentication.
# Per the man pages, "If a commandline is given, this is executed as a subprocess of the agent.  When the command dies, so does the agent."
$ROOTCMD bash -c 'ssh-agent bash -c "ssh-add /root/.ssh/svn_rsa; svn co --non-interactive svn+ssh://svnserver/repos;"'

exit $error
Retrieved from "https://wiki.fai-project.org/index.php?title=Public_key_authentication_for_svn_over_ssh&oldid=2998"