So, you want to checkout source code on some server and at the same time have ability to commit or diff against local copy on your laptop? Seems like an easy task, but it does involve some unexpected steps (for me at least), so here is a quick how to...
Create ssh tunnel from target host back to your laptop (called llin in output). Edit .ssh/config and add something like:
Host server-dev.rot13.org server-dev Hostname server-dev.rot13.org RemoteForward 8022 127.0.0.1:22You will notice that I added short name so I can type just ssh server-dev because I'm lazy.
When you login to server-dev you might think that something like svn checkout is everything that is left. However, that doesn't really work:
dpavlin@server-dev:~$ svn ls svn+ssh://localhost:8022/home/dpavlin/private/svn/SQL2XLS ssh: localhost:8022: Name or service not known svn: Connection closed unexpectedlyIt seems that subversion doesn't like port number within hostname! So, let's make .ssh/config there also:
Host llin-svn Hostname localhost Port 8022Let's try it out:
dpavlin@server-dev:~$ svn ls svn+ssh://llin-svn/home/dpavlin/private/svn/SQL2XLS The authenticity of host 'localhost (127.0.0.1)' can't be established. RSA key fingerprint is 00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'localhost' (RSA) to the list of known hosts. Password or swipe finger:Much better, but is asks us for password every time. We don't really like that, so we'll create ssh keys to get around this:
dpavlin@server-dev:~$ ssh-keygen -f .ssh/llin-svn Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in .ssh/llin-svn. Your public key has been saved in .ssh/llin-svn.pub. The key fingerprint is: aa:bb:cc:dd:ee:ff:00:11:22:33:44:55:66:77:88:99 dpavlin@server-dev.rot13.orgNow we will insert generated .ssh/llin-svn.pub into .ssh/authorized_keys on laptop but allow only svnserver to be started:
command="svnserve -t" ssh-rsa AAA...rest of key...AAA== dpavlin@server-dev.rot13.orgIf you want normal ssh login back to your laptop, you might leave out command="svnserve -t", but this makes me feel better. On the other hand, tunnel will be open only when we are logged into server-dev, but I usually prefer more security if possible. If you don't want to commit back to laptop, you might add -R flag to make repository read-only.
But wait, there is more! We need to tell ssh on server-dev that we are using newly generated key, so our final .ssh/config looks like this:
Host llin-svn Hostname localhost Port 8022 IdentityFile ~/.ssh/llin-svn
We can test it now to make sure that subversion doesn't ask for password by simply checking out source code:
dpavlin@server-dev:~$ svn co svn+ssh://llin-svn/home/dpavlin/private/svn/SQL2XLS Checked out revision 0.
Happy hacking!