How to configure TortoiseSVN --> SSH Server --> SVN Server
Client: Windows Vista
SSH Server: Linux
SVN Server: FreeBSD
When I use the "Repo Browser" in TortoiseSVN on the client, I am challenged for a username and password (as intended) but it always fails with the following error:
-----
OPTIONS of 'http://localhost/<path to my repo>': authorization failed: Could not authenticate to server: rejected Basic challenge (http://localhost)
-----
Before using TortoiseSVN I make a connection using putty to the SSH Server, which has 3 tunnels set up:
L 80:localhost:80 <ip_address_of_SVN_Server>
L 443:localhost:443 <ip_address_of_SVN_Server>
L 3690:localhost:3690 <ip_address_of_SVN_Server>
I know *something* is working because without the tunnels I can't even see my repo - but with them (providing I give the correct path) I'm at least getting challenged. As you'll see in the question title, my topology is:
TortoiseSVN on Vista (with tunnels to SSH Server) --> SSH Server --> SVN Server
Any help would be appreciated.
Many thanks,
Steve
SSH Server: Linux
SVN Server: FreeBSD
When I use the "Repo Browser" in TortoiseSVN on the client, I am challenged for a username and password (as intended) but it always fails with the following error:
-----
OPTIONS of 'http://localhost/<path to my repo>': authorization failed: Could not authenticate to server: rejected Basic challenge (http://localhost)
-----
Before using TortoiseSVN I make a connection using putty to the SSH Server, which has 3 tunnels set up:
L 80:localhost:80 <ip_address_of_SVN_Server>
L 443:localhost:443 <ip_address_of_SVN_Server>
L 3690:localhost:3690 <ip_address_of_SVN_Server>
I know *something* is working because without the tunnels I can't even see my repo - but with them (providing I give the correct path) I'm at least getting challenged. As you'll see in the question title, my topology is:
TortoiseSVN on Vista (with tunnels to SSH Server) --> SSH Server --> SVN Server
Any help would be appreciated.
Many thanks,
Steve
ASKER
Do I keep my existing tunnel setings because the SVN Server isn't directly visible from the outside word, hence the need to the SSH Server in the middle.
Steve :)
Steve :)
Also, to shead a little more light on what may be happening with you current config:
Can you access SVN via HTTP on the other side of the SSH server? by accessing the SVN server directly via HTTP?
"TortoiseSVN on Vista (with tunnels to SSH Server) --> SSH Server --> SVN Server"
from this network? ----^
Maybe the SVN server is not set up to server SVN content via HTTP. Maybe the HTTP server on the SVN server machine is not implementing Basic Auth. Are you using Apache on the FreeBSD box? Is Basic auth set up for that host?
I still think that direct ssh access to the SVN server seems the way to go, but is not, tell me a little more about the FreeBSD box's HTTP server (the box hosting the SVN server).
Can you access SVN via HTTP on the other side of the SSH server? by accessing the SVN server directly via HTTP?
"TortoiseSVN on Vista (with tunnels to SSH Server) --> SSH Server --> SVN Server"
from this network? ----^
Maybe the SVN server is not set up to server SVN content via HTTP. Maybe the HTTP server on the SVN server machine is not implementing Basic Auth. Are you using Apache on the FreeBSD box? Is Basic auth set up for that host?
I still think that direct ssh access to the SVN server seems the way to go, but is not, tell me a little more about the FreeBSD box's HTTP server (the box hosting the SVN server).
No, you would need to ssh directly to the FreeBSD box.
You could try this (assuming that SSH is running on the FreeBSD box adnd that you have an account there):
L 2222:<ip_address_of_SVN_Se
svn+ssh://<SSH_username_on
You could try this (assuming that SSH is running on the FreeBSD box adnd that you have an account there):
L 2222:<ip_address_of_SVN_Se
svn+ssh://<SSH_username_on
Looking at your tunnels again, it seems that they were set up wrong. You have:
L 80:localhost:80 <ip_address_of_SVN_Server>
L 443:localhost:443 <ip_address_of_SVN_Server>
L 3690:localhost:3690 <ip_address_of_SVN_Server>
But shouldn't it be:
L 80:<ip_address_of_SVN_Serv
L 443:<ip_address_of_SVN_Ser
L 3690:<ip_address_of_SVN_Se
L 80:localhost:80 <ip_address_of_SVN_Server>
L 443:localhost:443 <ip_address_of_SVN_Server>
L 3690:localhost:3690 <ip_address_of_SVN_Server>
But shouldn't it be:
L 80:<ip_address_of_SVN_Serv
L 443:<ip_address_of_SVN_Ser
L 3690:<ip_address_of_SVN_Se
ASKER
Yes, I normally use HTTP access to the SVN Server from the internal network.
I am running Apache on the FreeBSD box, and the SVN stuff is part of a 'trac' installation. Authentication is handled like this (some information omitted):
Is there any kind of reverse tunnelling that I need to set up on the SSH server?
Cheers,
Steve :)
I am running Apache on the FreeBSD box, and the SVN stuff is part of a 'trac' installation. Authentication is handled like this (some information omitted):
<Location /trac>
etc...
AuthLDAPBindDN "cn=..."
Require ldap-group cn=TracUsers,ou=Groups,dc=
</Location>
As I said, it all works from the internal network (containing SSH and SVN servers).etc...
AuthLDAPBindDN "cn=..."
Require ldap-group cn=TracUsers,ou=Groups,dc=
</Location>
Is there any kind of reverse tunnelling that I need to set up on the SSH server?
Cheers,
Steve :)
ASKER
Ah, my tunnels... I just listed them like that to show you my putty config. To put in English, I was trying to create a tunnel from my client PC to the SVN server as I only have port 22 to work with on the SSH server.
Steve :)
Steve :)
Is there any kind of reverse tunnelling that I need to set up on the SSH server?
No.
I noticed that you are forwarding 443. Are you using HTTPS? If so, that is going to cause trouble trying to tunnel with HTTPS since the ip/domain names won't match....you might have to just drop the SSL on the HTTP and fall back to SSH only for encryption.
No.
I noticed that you are forwarding 443. Are you using HTTPS? If so, that is going to cause trouble trying to tunnel with HTTPS since the ip/domain names won't match....you might have to just drop the SSL on the HTTP and fall back to SSH only for encryption.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
So the repo URL would be:
svn+ssh://<username>@<ip_a
the port can be omitted if it is the SSH default (port 22).