Public key authentication for svn over ssh: Difference between revisions
Jump to navigation
Jump to search
RyanSteele (talk | contribs) No edit summary |
(No difference)
|
Revision as of 15:40, 11 November 2008
Also demonstrated here is the ability to use the sshpass package to scp an identity file from another server (say, a keyserver). To do this, make sure the nfsroot has the sshpass package installed.
- ! /bin/bash
- Author: Ryan Steele
- Date: 2008-11-11
error=0 ; trap "error=$((error|1))" ERR
set -x
- Make sure the .subversion directory exists
mkdir $target/root/.subversion
- Add some ssh config options
echo -e "[tunnels]\nssh = \$SVN_SSH ssh -o StrictHostKeyChecking=no -o IdentitiesOnly=yes" -i /root/.ssh/svn_rsa\n" > $target/root/.subversion/config
- Grab the identity from the keyserver
sshpass -p 'SECRET' scp -o StrictHostKeyChecking=no keyserver:/path/to/sshkeys/svn_rsa $target/root/.ssh/svn_rsa
- Run the checkout. Pass the shell as an argument to ssh-agent so commands run in that shell can contact the agent for authentication.
- Per the man pages, "If a commandline is given, this is executed as a subprocess of the agent. When the command dies, so does the agent."
$ROOTCMD bash -c 'ssh-agent bash -c "ssh-add /root/.ssh/svn_rsa; svn co --non-interactive svn+ssh://svnserver/repos;"'
exit $error