All the Perl that's Practical to Extract and Report
use Perl Log In
grantm (164)
(email not shown publicly)
http://www.mclean.net.nz/
Just a simple [cpan.org] guy, hacking Perl for fun and profit since way back in the last millenium. You may find me hanging around in the monestary [perlmonks.org].
What am I working on right now? Probably the Sprog project [sourceforge.net].
GnuPG key Fingerprint:
6CA8 2022 5006 70E9 2D66
AE3F 1AF1 A20A 4CC0 0851
SVN SSH Multi-hop Tunnelling
I needed to access a Subversion repository on a server at work from home. All access to the repository is via SSH+svnserve - which is good because there are no Apache setup hassles and no extra authentication layer.
Unfortunately the SSH route from outside in involves landing on a bastion host in the DMZ and then logging on to a dual-homed proxy server and finally connecting to the server which hosts subversion. It's all passwordless since logins to the intermediate hosts are only possible if keys have been installed by the sysadmins. I have a shell alias that gets me onto the subversion server with agent forwarding as follows:
ssh -A bastion.example.com ssh -A proxy ssh svnserver
I thought it was going to be tricky to get subversion to work with a multihop SSH path and Google didn't seem to turn up anything particularly helpful. However, once I'd read the fine manual, it was not hard at all.
Step 1: Edit $HOME/.subversion/config, find the [tunnels] section and add a line like this:
workssh =
/usr/bin/ssh -A bastion.example.com ssh -A proxy ssh svnserver
Step 2: Check out a working copy:
svn co svn+workssh:///path/to/svnrepos/proj/trunk proj
Done.
an endless discussion thread about what features to include.
-- Jarkko Hietaniemi
SVN SSH Multi-hop Tunnelling 0 Comments More | Login | Reply /