[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

How to configure TortoiseSVN --> SSH Server --> SVN Server

Posted on 2009-04-20
9
Medium Priority
?
9,167 Views
Last Modified: 2013-11-25
Client: Windows Vista
SSH Server: Linux
SVN Server: FreeBSD

When I use the "Repo Browser" in TortoiseSVN on the client, I am challenged for a username and password (as intended) but it always fails with the following error:

-----
OPTIONS of 'http://localhost/<path to my repo>': authorization failed: Could not authenticate to server: rejected Basic challenge (http://localhost)
-----

Before using TortoiseSVN I make a connection using putty to the SSH Server, which has 3 tunnels set up:

L 80:localhost:80 <ip_address_of_SVN_Server>
L 443:localhost:443 <ip_address_of_SVN_Server>
L 3690:localhost:3690 <ip_address_of_SVN_Server>

I know *something* is working because without the tunnels I can't even see my repo - but with them (providing I give the correct path) I'm at least getting challenged.  As you'll see in the question title, my topology is:

TortoiseSVN on Vista (with tunnels to SSH Server) --> SSH Server --> SVN Server

Any help would be appreciated.

Many thanks,
Steve
0
Comment
Question by:sda100
  • 5
  • 4
9 Comments
 
LVL 6

Expert Comment

by:karlwilbur
ID: 24190416
Rather than use the "http" protocol try "svn+ssh"

So the repo URL would be:

svn+ssh://<username>@<ip_address_of_SVN_Server>:<ssh_port>/<path_to_repo>/


the port can be omitted if it is the SSH default (port 22).
0
 
LVL 9

Author Comment

by:sda100
ID: 24190420
Do I keep my existing tunnel setings because the SVN Server isn't directly visible from the outside word, hence the need to the SSH Server in the middle.

Steve :)
0
 
LVL 6

Expert Comment

by:karlwilbur
ID: 24190448
Also, to shead a little more light on what may be happening with you current config:

Can you access SVN via HTTP on the other side of the SSH server? by accessing the SVN server directly via HTTP?

"TortoiseSVN on Vista (with tunnels to SSH Server) --> SSH Server --> SVN Server"
                                                                      from this network?    ----^

Maybe the SVN server is not set up to server SVN content via HTTP. Maybe the HTTP server on the SVN server machine is not implementing Basic Auth. Are you using Apache on the FreeBSD box?  Is Basic auth set up for that host?

I still think that direct ssh access to the SVN server seems the way to go, but is not, tell me a little more about the FreeBSD box's HTTP server (the box hosting the SVN server).
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 6

Expert Comment

by:karlwilbur
ID: 24190457
No, you would need to ssh directly to the FreeBSD box.

You could try this (assuming that SSH is running on the FreeBSD box adnd that you have an account there):
L 2222:<ip_address_of_SVN_Server>:22 <ip_address_of_SSH_Server>

svn+ssh://<SSH_username_on_SVN_server>@localhost:2222/<path_to_repo>/
0
 
LVL 6

Expert Comment

by:karlwilbur
ID: 24190465
Looking at your tunnels again, it seems that they were set up wrong. You have:

L 80:localhost:80 <ip_address_of_SVN_Server>
L 443:localhost:443 <ip_address_of_SVN_Server>
L 3690:localhost:3690 <ip_address_of_SVN_Server>


But shouldn't it be:
L 80:<ip_address_of_SVN_Server>:80 <ip_address_of_SSH_Server>
L 443:<ip_address_of_SVN_Server>:443 <ip_address_of_SSH_Server>
L 3690:<ip_address_of_SVN_Server>:3690 <ip_address_of_SSH_Server>
0
 
LVL 9

Author Comment

by:sda100
ID: 24190483
Yes, I normally use HTTP access to the SVN Server from the internal network.

I am running Apache on the FreeBSD box, and the SVN stuff is part of a 'trac' installation.  Authentication is handled like this (some information omitted):

<Location /trac>
        etc...
        AuthLDAPBindDN "cn=..."
        Require ldap-group cn=TracUsers,ou=Groups,dc=..."
</Location>
As I said, it all works from the internal network (containing SSH and SVN servers).

Is there any kind of reverse tunnelling that I need to set up on the SSH server?

Cheers,
Steve :)
0
 
LVL 9

Author Comment

by:sda100
ID: 24190490
Ah, my tunnels... I just listed them like that to show you my putty config.  To put in English, I was trying to create a tunnel from my client PC to the SVN server as I only have port 22 to work with on the SSH server.

Steve :)
0
 
LVL 6

Expert Comment

by:karlwilbur
ID: 24191050
Is there any kind of reverse tunnelling that I need to set up on the SSH server?
No.

I noticed that you are forwarding 443. Are you using HTTPS? If so, that is going to cause trouble trying to tunnel with HTTPS since the ip/domain names won't match....you might have to just drop the SSL on the HTTP and fall back to SSH only for encryption.
0
 
LVL 9

Accepted Solution

by:
sda100 earned 0 total points
ID: 25627928
Sorry for the lack of a reply for so long.. the problem was the wrong username/password.  Elementary mistake!!  On a side note, the only tunnelled port I needed was L:12345 --> remote:80

Steve
0

Featured Post

Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: gr8gonzo
Git can be a complicated version control system for beginners, but it definitely is one of the best ones out there. Since this article assumes that you're starting at square one, it will skip over things that Git -can- do and will focus on the typic…
I have written articles previously comparing SARDU and YUMI.  I also included a couple of lines about Easy2boot (easy2boot.com).  I have now been using, and enjoying easy2boot as my sole multiboot utility for some years and realize that it deserves …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses
Course of the Month18 days, 11 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question