Public key authentication for svn over ssh

From FAIWiki
Revision as of 15:40, 11 November 2008 by RyanSteele

Also demonstrated here is the ability to use the sshpass package to scp an identity file from another server (say, a keyserver). To do this, make sure the nfsroot has the sshpass package installed.

#! /bin/bash

# Author: Ryan Steele
# Date: 2008-11-11

error=0 ; trap "error=$((error|1))" ERR

set -x

# Make sure the .subversion and .ssh directories exist

mkdir -p "$target/root/.subversion"
mkdir -p -m 700 "$target/root/.ssh"

# Add some ssh config options (the svn+ssh tunnel command)

echo -e "[tunnels]\nssh = \$SVN_SSH ssh -o StrictHostKeyChecking=no -o IdentitiesOnly=yes -i /root/.ssh/svn_rsa\n" > "$target/root/.subversion/config"

# Grab the identity from the keyserver

sshpass -p 'SECRET' scp -o StrictHostKeyChecking=no keyserver:/path/to/sshkeys/svn_rsa "$target/root/.ssh/svn_rsa"

# ssh-add rejects private keys that other users can read
chmod 600 "$target/root/.ssh/svn_rsa"

# Run the checkout. Pass the shell as an argument to ssh-agent so commands run in that shell can contact the agent for authentication.
# Per the man pages, "If a commandline is given, this is executed as a subprocess of the agent. When the command dies, so does the agent."

$ROOTCMD bash -c 'ssh-agent bash -c "ssh-add /root/.ssh/svn_rsa; svn co --non-interactive svn+ssh://svnserver/repos;"'

exit $error
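
A stricter variant of the setup steps in the hook above, as an added example that is not part of the original wiki script: it pins the servers' host keys in known_hosts instead of passing StrictHostKeyChecking=no, reads the keyserver password from a file with sshpass -f so it does not appear in the process list, and audits the resulting layout. The host key lines are constructed placeholders, and the function names and the password file are assumptions of this example.

```shell
#!/bin/bash
# Added example, not from the wiki page. Host key lines are constructed
# placeholders; the password file is a hypothetical mode-600 file.
PINNED_HOSTKEYS='svnserver ssh-ed25519 AAAA_CONSTRUCTED_PLACEHOLDER
keyserver ssh-ed25519 AAAA_CONSTRUCTED_PLACEHOLDER'

prepare_root() {                 # $1 = target root (FAI's $target)
    install -d -m 700 "$1/root/.ssh" "$1/root/.subversion" || return 1
    # Pin the servers' host keys rather than turning host key checking off.
    printf '%s\n' "$PINNED_HOSTKEYS" > "$1/root/.ssh/known_hosts"
}

write_svn_tunnel() {             # $SVN_SSH must reach the config file literally
    printf '%s\n' '[tunnels]' \
      'ssh = $SVN_SSH ssh -o StrictHostKeyChecking=yes -o IdentitiesOnly=yes -i /root/.ssh/svn_rsa' \
      > "$1/root/.subversion/config"
}

fetch_identity() {               # $1 = target root, $2 = password file
    # -f keeps the password out of the process list, unlike -p.
    ( umask 077
      sshpass -f "$2" scp -o StrictHostKeyChecking=yes \
          -o UserKnownHostsFile="$1/root/.ssh/known_hosts" \
          keyserver:/path/to/sshkeys/svn_rsa "$1/root/.ssh/svn_rsa" )
}

audit_target() {                 # 0 = layout passes, 1 = something is too loose
    local key="$1/root/.ssh/svn_rsa" cfg="$1/root/.subversion/config"
    case "$(ls -ld "$1/root/.ssh")" in drwx------*) ;; *) return 1 ;; esac
    if [ -e "$key" ]; then
        case "$(ls -l "$key")" in -rw-------*|-r--------*) ;; *) return 1 ;; esac
    fi
    [ -s "$1/root/.ssh/known_hosts" ] || return 1
    if grep -q 'StrictHostKeyChecking=no' "$cfg"; then return 1; fi
    return 0
}

# Offline demonstration in a scratch directory (no network access needed).
demo=$(mktemp -d)
prepare_root "$demo" && write_svn_tunnel "$demo"
audit_target "$demo" && echo "layout ok: $demo"
rm -rf "$demo"
```

In a real hook, call fetch_identity between write_svn_tunnel and audit_target, and replace the placeholder lines with host keys verified out of band.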