Tunnelling SubversionPublished on 10 Mar 2004
cvs accept an environment variable to contain a command which allows logging in to a remote system before executing the desired action. The result seemingly causes the action to be executed locally although it is actually tunnelled through the specified program. Formerly
rsh was used which contains some serious design flaws therefore
ssh was designed to replace it. Refer to notes RSync over SSH and CVS over SSH for details how to use
ssh with these utilities.
NOTE: This note assumes that you own a SSH login on the machine that hosts the repository.
Subversion provides an even more flexible mechanism to access remote repositories:
Subversion uses URIs to determine how to access the repository. Usually you will use a
file://URI to refer to a local repository though subverson also supports remote repositories via WebDAV (
http://) and a dedicated server program (
svn://). The latter method also allows tunnelling commands and data through a program to a remotely executed instance of the server program which uses the following URI:
There is one predefined
sshto login to the remote system:
svn+ssh://[USER@]HOST/REPOSITORY/PATH/. You will have to authenticate yourself on
HOSTusing the local username unless you specified a
USER. After successfully logging in a remote instance of the subversion server program will be executed which will provide repository access (to
/REPOSITORY/PATH/) through the tunnel.
Though the predefined ssh tunnelling method usually suits a user just fine circumstances arise when the flexible tunnelling of subversion allows access to a remote repository which might have been impossible otherwise. In the user configuration file
tunnelssection allows the definition of custom tunnels:
... [tunnels] test = ssh -p 12345
The following URI refers to the remote repository which is accessible via the custom tunnel: