-   Linux - Server (
-   -   Subversion (SVN) tunnelling through SSH (

nikhil010586 01-23-2009 02:02 AM

Subversion (SVN) tunnelling through SSH

Writing organised code was way too hectic for me before I found ways to use a subversion repository at my workplace. Things have been a bliss since then.
But however, I can use this repository only from my workplace and not from a machine that's outside the office network. Here, we have a live IP on one server that provides Internet Sharing services to the office LAN. The subversion repository is physically located on another machine that's accessible through normal svn://local-IP/<svn-path>.. like URLs within the LAN.

Now I've read in the svnbook that SSH tunnelling is possible and the repository shall be accessible via svn+ssh://... URLs.
The SVN server here is using svnserve with authentication and the live IP has sshd running, thus enabling us to remotely access it via SSH.

Can anybody please provide a quick HOWTO regarding server configurations on both the machines so that the Subversion repository becomes accessible through the internet? This shall facilitate an effective code management and working from home networks.

niknah 01-23-2009 07:29 AM

So the SVN server is on a different machine to the machine with the live IP?

From home, login to the live machine using ssh port forwarding like...
ssh -L 3690:svnserverip:3690 liveip

Change "svnserverip" to the ip address of the svnserver at work, and change "liveip" to whatever you use to login to work from home.

Then from the home machine access the svn server like...

If you're using windows at home you can get "putty" and add the svnserver's details into the tunneling section.

nikhil010586 01-23-2009 08:39 AM

Thanks niknah, that worked like a charm!

Now if I don't want to expose my local svn server for some reasons, or lets say, I want to access my svn server through this live IP by directly specifying the Live IP in SVN URLs. The whole idea behind this stuff is that I want to abstract the SVN server from outer networks. I hope there's a direct tunnelling possible so that I can access my repos through svn+ssh://... URLs. Some configurations need to be performed on the server side for that but I'm not sure of those.

niknah 01-23-2009 09:14 AM

On the live IP machine, you need to setup iptables so you can login to the svn server directly...

iptables -A PREROUTING -p tcp --dport 24 -j DNAT --to-destination svnserverip:22

After this you should be able to run "ssh -p 24 liveip" from home and login to the svn server.

The problem with the svn+ssh:// protocol is that they won't let you set the port number, before using svn you have change the port number by running...
export SVN_SSH="ssh -p 24"

nikhil010586 01-23-2009 11:18 PM

Thanks a lot for all your help..! I'll do it with the normal SSH tunneling!

All times are GMT -5. The time now is 08:43 AM.