[CentOS] svnserve with encryption on CentOS

[David Mehler]

Hello,
Thanks again for your reply.

I've done some more reading/googling and from what i'm seeing high
security isn't doable with svnserve even with sasl, passwords from the
client need to be stored on disk plain, this isn't desirable in my
case.

Do you host a repository via apache? The problem I'm having is not
it's ease of setup, I can do that, the issue is one of data
visibility. I'm not wanting someone to be able to go to
http://domain.com/svn/project1 and see trunk code. I know that I can
use basic authentication to prevent this, but would rather the repo
not be viewable at all to any anonymous users.

Thanks.
Dave


On 7/15/11, Les Mikesell <lesmikesell at gmail.com> wrote:
> On 7/15/2011 6:55 PM, David Mehler wrote:
>> Hello,
>>
>> Thanks, and apologies if this is a repeat message.
>>
>> I'm not really wanting to do an apache setup for this project.
>
> You make it sound like that's a hard thing.  It's basically a 'yum
> install httpd mod_dav_svn' and an edit to /etc/httpd/conf.d/subversion.conf.
>
>> What my
>> structure will be like I think will be /var/svn and under that parent
>> directory repos# where that equals a separate project.
>
> That will work with any of the serving methods.
>
>> I've read that svnserve can hook in to sasl for encryption and
>> authentication, but not a lot of details on it. I'm starting to think
>> my best method would be svn+ssh, any experiences with this method?
>
> I think the sasl encryption is limited to the password exchange.  You
> should probably ask on the subversion list if encryption/security is
> important - there are some fanatics there.  My experience is mostly
> behind firewalls where those details are less critical.
>
> --
>    Les Mikesell
>     lesmikesell at gmail.com
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>