I'm having problems accessing an SVN repository using TortoiseSVN 1.7.8.
The SVN repository is on a CentOS 6.3 box with openssh 5.3p1:81.el6
and appears to be functioning correctly.
# svnadmin --version
# svnadmin, version 1.6.11 (r934486)
I can access the repository from another CentOS box with this command:
svn list svn+ssh://[email protected]/var/svn/joetest
But when I attempt to browse the repository using TortiseSVN from a Win 7 workstation I'm unable to do so using the following path:
svn+ssh://[email protected]/var/svn/joetest
I receive the following error from TortoiseSVN:
Unable to connect to a repository at URL 'svn+ssh://[email protected]/var/svn/joetest' To better debug SSH connection problems, remove the -q option from 'ssh' in the [tunnels] section of your Subversion configuration file. Network connection closed unexpectedly
I'm able to login via SSH from the workstation using Putty.
The results are the same if I attempt access as root.
I've given ownership of the repository /var/svn/
to USER:USER
and ran
chmod 2700 -R /var/svn/
.
Because I can access the repository via ssh from another Linux box, permissions don't appear to be the problem.
When I watch the log file using tail -fn 2000 /var/log/secure
, I see the following each time TortiseSVN asks for the password:
Sep 26 17:34:31 dev sshd[30361]: Accepted password for USER from xx.xxx.xx.xxx port 59101 ssh2
Sep 26 17:34:31 dev sshd[30361]: pam_unix(sshd:session): session opened for user USER by (uid=0)
Sep 26 17:34:31 dev sshd[30361]: pam_unix(sshd:session): session closed for user USER
I'm actually able to login, but the session is then closed immediately.
It caught my eye that the session is being opened for USER by root (uid=0)
, which may be correct, but I'll mention it in case it has something to do with the problem.
I looked into modifying the svnserve.conf
, but as far as I can tell, it's not used when accessing the repository via svn+ssh
, a private svnserve instance is created for each log in via this method. From the manual:
There's still a third way to invoke svnserve, and that's in “tunnel mode”, with the -t option. This mode assumes that a remote-service program such as RSH or SSH has successfully authenticated a user and is now invoking a private svnserve process as that user. The svnserve program behaves normally (communicating via stdin and stdout), and assumes that the traffic is being automatically redirected over some sort of tunnel back to the client. When svnserve is invoked by a tunnel agent like this, be sure that the authenticated user has full read and write access to the repository database files. (See Servers and Permissions: A Word of Warning.) It's essentially the same as a local user accessing the repository via file:/// URLs.
The only non-default settings in sshd_config
are:
Protocol 2 # to disable Protocol 1
SyslogFacility AUTHPRIV
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
X11Forwarding no
Subsystem sftp /usr/libexec/openssh/sftp-server
Any thoughts?
I finally came across a solution for this. In the TortoiseSVN FAQ of all places:
TortoiseSVN Frequently asked questions
From the FAQ:
SVN+SSH: Connection closed unexpectedly
It has been reported that svn+ssh connections of the form svn+ssh://[email protected] which were previously working, stop working with TortoiseSVN 1.5. This seems to be related to plink, and occurs if you have a default hostname set in PuTTY.
If this is the case you can fix it by using regedit or regedt32 to clear HKEY_CURRENT_USER/Software/SimonTatham/Putty/Sessions/Default%20Settings/HostName.
Another user has reported the following server-side fix:
- ssh into your account
- cd ~
- cp /etc/bashrc .bashrc
- nano .bashrc
- put a # before the line "mesg y" (which comments it out)
- Ctrl+X to exit, press Y when prompted to save.
I didn't try the first approach of editing my registry.
The second approach of editing the bash configuration worked for me.
A note about the bash configuration method:
If you're on shared hosting, your user .bashrc file will likely be loading the global /etc/bashrc file. You won't be able to edit the global file, so you'll need to work around that.
Some possible approaches:
Try adding mesg n
to your user .bashrc file. I'm not sure if this
will work or whether it should be placed before or after the global
file is loaded.
Don't include the global file and hard code all the settings in your
user .bashrc
file.
Remove the mesg y
setting from the global /etc/bashrc file as it's
loading. This question discusses how to do that: Use a grepped file
as an included source in bash