Creating SSH key pairs for subversion
Whilst it could be argued it isn’t massively secure, to automate some subversion processes, it is often required to skip the username/password authentication process using subversion over SSH - for instance, we’re writing an automation tools which allows our project management team to do an svn update on an externally facing server without using SSH or the terminal. As even a simple
svn update
has a password request, automation becomes difficult. I’ve finally got around to installing the PEAR/PECL SVN libraries for PHP5. Whilst they’re experimental, they do the basics, which is pretty much all we need right now (we’re doing any switching/branching via the terminal still), but you will need to setup SSH keys to streamline the authentication side of things.
First of all, log into the ‘client’ machine (ie. the server with your working copy which needs updates etc.) and generate your private and public keys:
ssh-keygen -t dsa
Make sure you accept the default location and leave the password blank (this is essential).
Then copy your public key (~/.ssh/id_dsa.pub) to the SSH/SVN server. It’s pretty easy to do this via SCP
scp ~/.ssh/id_dsa.pub username@svn.server.com:
Then SSH into the subversion box and add the public key to your authorised keys file
cat id_dsa.pub >>~/.ssh/authorized_keys
Logout of the subversion server, and try ssh’ing back in - it shouldn’t ask you for your password. If you’re in - it worked!
This is also really handy for connecting to Media Temple subversion repositories, which have a bizarre username “user@foobar.com”, and ecaping the @ can be a pain. You can utilise serveraliases to get around this:
Host aliasHostName realservername.comUser user@realservername.com
Enabling you to simply…
ssh alias
Where alias is, of course, the alias you’ve chosen, not an excuse to think about Jennifer Garner - why would you need an excuse?
