Recently, I needed to get Subversion working over SSH on a Windows machine. I elected to use
Plink.exe, the command line version of Putty to do this. I got my SSH tunnel working through plink in almost no time, but it wouldn't work when I executed an 'svn' command, such as 'svn co svn+ssh://server/repos'. The client simply sat there, pressing Ctrl-C caused the following error message "connection closed unexpectedly". After struggling with it, I found mention that paths in the subversion 'conf' file must use forward slashes. Using 'ssh= plink -P 1234 -l username -i D:\path\key.ppk' prevent plink from find the key. Plink defaults to using a password when it can't locate the key file. Hence
svn sat waiting for a password on STDIN until catching a Ctrl-c. I changed the path to my key to D:/path/key.ppk' and every thing worked immediately!
Step-by-step
This guide assumes you already have sshd and subversion configured and working on your *nix server and that you have a good grasp of how to use them.
Here are the step by step instructions (more or less) for getting svn+ssh to work from a windows client:
Use PuTTYGen.exe to generate a public/private key pair.
Leave the passphrase blank and save the private and public key somewhere safe.
Edit your Subversion config file to modify the ssh tunnel, or create a new tunnel. In Windows, this file is located at
C:\Documents and Settings\<username>\Application Data\Subversion\config
Under the [tunnels] section, I added the line:
ssh = plink -P 1234 -l username -i D:/Path/to/key.ppk
Where key.ppk is the private key that you want to use to authenticate. Make sure you use the -l option, on unix you wouldn't need this, but plink will get confused if it isn't there, even when logging in with key authorization. Be sure to use forward slashes in your paths!! Make sure that plink.exe is in your PATH, otherwise use
ssh=C:/path/to/plink.exe -P 1234 -l username -i D:/Path/to/key.ppk
Use
pscp to copy your
public key to the server. This is likely the key you saved without the .ppk extension.
Login to your server.
PuttyGen doesn't save the keys the way that OpenSSH expects them. You can use PuttyGen to export the key to OpenSSH or you can simply use
vi to do this - I elected to use
vi. Delete the headers and the trailing footer line, then get rid of each newline character so that the key is one long string. Before the key, type
command="/path/to/your/svnserve -t -r /repos/path
followed by a space. Then type
ssh-dss
followed by a space. If your key is not a DSA key, like mine, figure out what you need instead of ssh-dss. Finally, after your key string type a space followed by
username@domain
This should be something meaning full to you. Typically, you would use this to figure out which key to delete if the need arises but it isn't necessary.
Append your key file onto your
authorized_keys2 file using:
cat key-filename >> ~/.ssh/authorized_keys2
Logout of your server.
Test your connection from the windows client:
plink -l username -P 1234 -i D:\path\to\key.ppk server_ip
You should see
( success ( 1 2 ( ANONYMOUS EXTERNAL ) ( edit-pipeline ) ) )
This means your connection is working and you are ready to use Subversion. Note that you won't get a command prompt because we configured SSH to run svnserve when the session is authenticated using this key. If you still want command line access, login without this key using Putty or ssh.
List the contents of your project:
svn list svn+ssh://serverIP/project
