Testing SSH with TortoiseSVN

So far we have only tested that you can login using SSH. Now we need to make sure that the SSH connection can actually run svnserve. On the server modify /home/svnuser/.ssh/authorized_keys as follows to allow many subversion authors to use the same system account, svnuser. Note that every subversion author uses the same login but a different authentication key, thus you have to add one line for every author.

Note: This is all on one very long line.

command="svnserve -t -r <ReposRootPath> --tunnel-user=<author>",
            no-port-forwarding,no-agent-forwarding,no-X11-forwarding,
            no-pty ssh-rsa <PublicKey> <Comment>

There are several values that you need to set according to your setup.

<ReposRootPath> should be replaced with the path to the directory containing your repositories. This avoids the need to specify full server paths within URLs. Note that you must use forward slashes even on a Windows server, e.g. c:/svn/reposroot. In the examples below we assume that you have a repository folder within the repository root called repos.

<author> should be replaced with the svn author that you want to be stored on commit. This also allows svnserve to use its own access rights within svnserve.conf.

<PublicKey> should be replaced with the public key that you generated earlier.

<Comment> can be any comment you like, but it is useful for mapping an svn author name to the person's real name.

Right click on any folder in Windows Explorer and select TortoiseSVNRepo-Browser. You will be prompted to enter a URL, so enter one in this form:

svn+ssh://svnuser@SvnConnection/repos

What does this URL mean? The Schema name is svn+ssh which tells TortoiseSVN how to handle the requests to the server. After the double slash, you specify the user to connect to the server, in our case svnuser. After the @ we supply our PuTTY session name. This session name contains all details like where to find the private key and the server's IP or DNS. Lastly we have to provide the path to the repository, relative to the repository root on the server, as specified in the authorized_keys file.

Click on OK and you should be able to browse the repository content. If so you now have a running SSH tunnel in conjunction with TortoiseSVN.

Note that by default TortoiseSVN uses its own version of Plink to connect. This avoids a console window popping up for every authentication attempt, but it also means that there is nowhere for error messages to appear. If you receive the error “Unable to write to standard output”, you can try specifying Plink as the client in TortoiseSVN's network settings. This will allow you to see the real error message generated by Plink.