svn+ssh://odyssey@core/u/odyssey/svn/odyssey/
/u/odyssey/.ssh/authorized_keys
with an extra prefix limiting the available shells to svnserve
and mapping your public key with the author name USER
that will be recorded in your commits.
command="svnserve -t --tunnel-user=USER" ssh-dss AAAA...
odyssey
home directory, another key pair should be created for the above Subversion access. Replace the user's default public key in the above authorized_keys
line with the new Subversion-only public key. The user's default public key should be added as another line without the command
prefix. (A custom home sub-directory may be arranged with the prefix command="exec ~odyssey/pub/bin/login -r $USER -e SSH_ORIGINAL_COMMAND"
). The following line should be added to the user's shell startup file, provided that ~/.ssh/svn_id_dsa{,.pub}
is the new Subversion-only key pair. The line should be activated by either executing it or logging in.
export SVN_SSH="ssh -i ${HOME}/.ssh/svn_id_dsa"
svn co svn+ssh://odyssey@core/u/odyssey/svn/odyssey/
ogsas
repository is additionally limited with a custom change to the vcview
configuration file,
/u/odyssey/lib/viewvc/viewvc.conf [general] forbidden = ogsas/* superusers = USER1, USER2, ...
/u/odyssey/lib/mailer/mailer.conf
. A custom change was made to the mailer script to avoid unnecessary notifications from ogsas/today
.
-- IsaacMorland
-- IlguizLatypov - 12 Apr 2007