tags:

views:

491

answers:

3
+2  Q: 

Encrypted Subversion repository

Do you know of a reliable way to encrypt an entire Subversion repository?

I host the repository on my dedicated server (FreeBSD), but would like to add encryption so my source code cannot be stolen in readable format if someone hacks into my server.

I prefer a server side solution as different SVN clients may be used.

Possible?

+1  A: 

You can encrypt the repository on the filesystem level, like this.

If you're concerned about traffic sniffing, this won't be enough.

SLaks  2010-02-25 14:51:49
+1  A: 

Another option is EncFS. There's a FreeBSD port for it. But, as SLaks noted, this won't prevent traffic sniffing. To add sniffing deterrence, you'll want to encrypt traffic to your Subversion server. There are tutorials on the web that'll help you set up Apache + SSL + Subversion. Google for "subversion ssl".

Brian Clapper  2010-02-25 14:56:26
But won't you need to mount and unmount the encrypted filesystem for every request? Can you pass the authentication for that through either apache or svnserve?
Rup  2010-10-19 08:34:48
+1  A: 

This thread gives a reasonable solution for GIT that could also be applied to SVN. Just encrypt (EncFS) the subversion repository folder and mount it remotely (with sshfs, for example). Your server would only have the encrypted version, and your desktop would have both, working with the unencrypted one:

[server|encrypted repo] -- sshfs -- [desktop|encrypted repo] -- encfs -- [desktop|unencrypted repo] -- svn -- [desktop|working copy]

NOTE: I don't know how well would this react to concurrent accesses... Try first and let us know :)

Ruben  2010-10-19 08:21:10
+1 for mounting the encrypted FS remotely - the other solutions imply leaving it mounted for server processes which could be compromised.
Rup  2010-10-19 08:31:21

related questions

Best strategy to write hooks for subversion in Windows
Database Version Control
Version control PHP Web Project
Experience with SVN vs. Team Foundation Server?
Best SVN Client Ignore Pattern for VB.NET Solutions?
SVN merge merged extra stuff
What is your favorite web app deployment workflow with SVN?
Integrating Fogbugz with TortoiseSVN with no URL/Subversion backend
Version Control. Getting started...
ASP.NET Display SVN Revision Number
How do I create a branch in SVN?
What do the result codes in svn mean?
Could you recommend a good free project hosting website?
Federated (Synced) Subversion servers?
Mechanisms for tracking DB schema changes
What are the advantages of using SVN over CVS?
Use SVN Revision to label build in CCNET
Best subversion client for Mac OS
Why is Git better than Subversion?
ASP.NET, Visual Studio and Subversion - how to integrate?
Best Practice: Collaborative Environment, Bin Directory, SVN
How do I sync the SVN revision number with my ASP.NET web site?
Best Subversion clients for Windows Vista (64bit)
Good branch/merge tutorials for Tortoise SVN?
How can you get Subclipse in Aptana to work with the newest release of Subversion?