LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   How to set up subversion with gnome-keyring to store encrypted svn passwords (http://www.linuxquestions.org/questions/linux-server-73/how-to-set-up-subversion-with-gnome-keyring-to-store-encrypted-svn-passwords-857437/)

kenneho 01-20-2011 02:04 AM

How to set up subversion with gnome-keyring to store encrypted svn passwords
 
Hi all,


I'd like to store my subversion client password encrypted, and thought
I'd store the password in a gnome keyring.

From my understanding, the subversion client shipped by Collabnet
(http://www.open.collab.net/downloads/subversion/) is compiled with
Gnome Keyring support, so I'm using that svn client. In
/root/.subversion/config (I'm running as root at the moment) file,
I've added "password-stores = gnome-keyring" under the auth section.

Since I'm logging into the server using SSH, the gnome keyring daemon
is not started by default, so I'm starting it manually (" export
`gnome-keyring-daemon` "). I issued "/opt/CollabNet_Subversion/bin/svn
co --username someuser http://svn-server.example.com/path/to/repo
working-copy" expecting to be promted for the some default keyring
password, but was not. I could not find any files under
/root/.gnome2/keyrings, so I figured I'd create a keyring manually
(isn't there supposed to be a keyring set up by default?). I started
the gnome-keyring-manager (after enabling X forwarding), created a
keyring, and tried the svn checkout command again, but still no luck.

This is more or less where I'm at now. I'm quite new with keyrings, so
I'm probably doing something wrong. I've failed to come across good
tutorials on the net explaining how to get this kind of setup going on
RHEL. So have anyone here got this working, and would like to outline
the steps needed to get there? I'm not sure if the problem is to get
the keyring working properly, or if the problem is on the svn client
side, so advice on how to debug this will be greatly appreciated.

Best regards,
kenneho


PS. I posted this issue on a Red Hat mailing list, but since I didn't get any replies I'm re-posting it here.

Noway2 01-21-2011 07:05 PM

From what I can see (googling for how to use SVN with the keyring, it looks like the answer for a lot of people is the export
`gnome-keyring-daemon` like you said you are doing. One thing I can think of to double check is to see if the keyring application is listening. On my system, I confirmed that it is by using netstat -ap | grep keyring and saw that it is listening on several high numbered UNIX Stream ports.

As far as being compiled with keyring support, I am seeing posts that go both ways on this and unfortunately, I didn't see anything spelled out in the documentation on Collab.net's page. The next thing you might want to try is downloading the application from source and building it yourself. I would suggest downloading the RPM source rather than the generic source as it should be configured for your distrobution and then either verifying the gnome-keyring option or just enable it during the ./configure stage.

I am sorry that I don't have better suggestions to offer you for getting it to work, but to be honest I never even realized this was an option. One last thing I can think of to try is to see if there is another application or a 'test' you can perform to see if the gnome keyring authentication works in general.

kenneho 02-03-2011 02:51 AM

Thanks for the reply.

I got it working, and documented the approach on my website. Take a look at the post i wrote if you're interested in the details.

- kenneho

Noway2 02-03-2011 05:02 AM

That is a good write up. Thank you for sharing. Out of curiosity, what was the missing piece? According to your post it looks like creating a keyring specifically for SVN may have been the breakthrough.

kenneho 02-11-2011 04:51 AM

Quote:

Originally Posted by Noway2 (Post 4246868)
That is a good write up. Thank you for sharing. Out of curiosity, what was the missing piece? According to your post it looks like creating a keyring specifically for SVN may have been the breakthrough.

Thanks for the compliment. :) Regarding the breakthrough, I think it was twofold: First, it helped creating a separate keyring, Second, the svn <-> keyring integrating seems a bit buggy, since it doesn't always seem to work properly (but I haven't had the time to play around with enough to decide if it's me or the software who causes the bug) :)


All times are GMT -5. The time now is 10:53 AM.