tags:

views:

250

answers:

2
Q: 

Accessing Subversion repository with 2 hops using svn+ssh protocol

My ubuntu subversion server is not directly accesible to the internet, 192.168.1.2

My public ubuntu machine is exposed through the dmz at 192.168.1.1

i setup port forwarding from 192.168.1.1:3906 to 192.168.1.2:3906,but i have no idea how this would work with svn+ssh since one extra hop is required to reach my subversion server

EDIT: For anybody going through same problem, my confusion came because i was trying to portforward to my SVN server(running a daemon at port '3906') but accessing your SVN server through SSH is totally different from accessing your SVN server running a daemon (at 3906). You need to treat this as a typical ssh connection. Both of the methods below worked once i edited my settings

+1  A: 

Put something like this in your .ssh/config file:

Host subversionserver
        Host=192.168.1.1
        ProxyCommand = ssh 192.168.1.1 /usr/local/bin/nc -w 60 192.168.1.2 %p
        ForwardX11 = no
        User = myusername
        ForwardAgent = yes

Then you'll be able to connect to your ssh server with just:

ssh subversionserver

Basically you'll log in to your public box and run the netcat command once you get in. Your desired to the subversion server SSH connection will be going over the netcat connection.

Obviously you'll need to have netcat somewhere on your box.

The version in my .ssh/config file has a wildcard Host and uses %h in the netcat command. Very useful when you want to proxy through for all the boxes in a production environment that you have to go through a DMZ to get to.

Epsilon Prime  2009-10-29 18:00:33
Small typo: ".12" should be ".2"
Grumdrig  2009-10-29 18:15:58
I assume this goes into the .sssh/config of the outside machine trying to get in. If so, when u run "ssh subverionserver" how does it know the location? (i dont see anything about loc or ip address in your host config)
ironic_username  2009-10-29 19:13:18
I used the IP addresses you provided for your machines (in this case 192.168.1.1). You can replace them with actual hostnames. The outside machine would need to know the external hostname, the public facing box would need to know the subversion servers ip address.
Epsilon Prime  2009-10-29 19:47:42
+1  A: 

Is your sshd listening on port 3906 (rather than the standard port 22)? If so you should be able to connect with e.g.

   $ svn co svn+ssh://MYHOST:3906/svn/trunk/whatever

If not, forward port 3906 on .1 to 22 on .2.

Or forward port 22 on .1 to 22 on .2 if you don't need to ssh anywhere else on your intranet.

Grumdrig  2009-10-29 18:15:26
If i understand port forwarding correctly, I access my public PC from work through ssh port 22 so i am not sure i can forward it to .2maybe if i add 3906 to my sshd listening ports then that would be forwarded?Is
ironic_username  2009-10-29 19:02:37

related questions

Best strategy to write hooks for subversion in Windows
Database Version Control
Version control PHP Web Project
Experience with SVN vs. Team Foundation Server?
Best SVN Client Ignore Pattern for VB.NET Solutions?
SVN merge merged extra stuff
What is your favorite web app deployment workflow with SVN?
Integrating Fogbugz with TortoiseSVN with no URL/Subversion backend
Version Control. Getting started...
ASP.NET Display SVN Revision Number
How do I create a branch in SVN?
What do the result codes in svn mean?
Could you recommend a good free project hosting website?
Federated (Synced) Subversion servers?
Mechanisms for tracking DB schema changes
What are the advantages of using SVN over CVS?
Use SVN Revision to label build in CCNET
Best subversion client for Mac OS
Why is Git better than Subversion?
ASP.NET, Visual Studio and Subversion - how to integrate?
Best Practice: Collaborative Environment, Bin Directory, SVN
How do I sync the SVN revision number with my ASP.NET web site?
Best Subversion clients for Windows Vista (64bit)
Good branch/merge tutorials for Tortoise SVN?
How can you get Subclipse in Aptana to work with the newest release of Subversion?