CS164: Using SSH with Subversion

This semester, we are using Subversion with "SSH tunneling" to keep project repositories for teams and homework repositories for individuals. The repositories are all owned by cs164-ta and kept on the instructional machines. To access them, you must inform your local SSH software of a private key, and must inform cs164-ta of the matching public key.

Creating Key Pairs and Registering Public Keys

To authenticate yourself to a remote party with SSH, you give the remote party a public key, and keep possession of a (secret) corresponding private key. Only someone with access to the private key can feasibly respond to the appropriate challenges (in essence, puzzles) posed by someone with the public key.

SSH on Unix and MacOS keeps SSH keys as files in a directory named .ssh. On the instructional machines, we have defined a command set-keys, which will check that you have a public key named .ssh/login.pub, where login is the login id on your instructional CS164 account. If you don't have one, it will create a key pair for you, with an empty password (not a great idea in general, perhaps, but it is adequate for this course). The set-keys script will also register your public key with us, so that you will be able to use your private key (which is called .ssh/login) to authenticate yourself from anywhere. We run set-keys for you at login, so you probably won't have to use it explicitly.

Periodically, we run a program that collects keys that people have generated and sets up our central course repository to recognize them. It may therefore take some hours between the time you create a key with set-keys (or logging in does it for you) and the time the repository becomes available to you.

You will need to copy your private key to the .ssh directory of whatever machine(s) you intend to use for your work (let's call it your home machine), and inform the SSH program there of its existence (see Using Your Key, below).

Using Your Key

Once you have your keys properly created and registered, the next step is to actually use SSH and Subversion to access your repository. First, it is useful to tell your local SSH configuration about your private key for the repository. There are several techniques. If you are using OpenSSH on Unix or MacOS, you add a line to the file .ssh/config that says

IdentityFile ~/.ssh/privatekey

(create the config file if needed). Whenever you use SSH or Subversion with an "svn+ssh" repository, SSH will consult the indicated private key file(s) for a key to try (you can have any number of IdentityFile lines in your config file).
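
The copy-and-configure steps above, as an added example that is not part of the original page or the course's own tooling: the function name install_course_key and its arguments are hypothetical. Because the course key has an empty password, file permissions are its only protection on your home machine, and OpenSSH ignores a private key that other users can read, so the function sets owner-only modes as it goes.

```shell
#!/bin/sh
# Added example (not the course's own script). install_course_key and its
# arguments are hypothetical names chosen for this illustration.
#
# usage: install_course_key KEYFILE [SSH_DIR]
#   KEYFILE  private key copied from your instructional account
#   SSH_DIR  where to install it (default: ~/.ssh)
install_course_key() (
    src=$1
    ssh_dir=${2:-"$HOME/.ssh"}
    [ -f "$src" ] || { echo "no such key file: $src" >&2; exit 1; }

    dest="$ssh_dir/$(basename "$src")"
    config="$ssh_dir/config"

    # The function body is a subshell, so this umask does not leak into the
    # caller. Everything created below starts out private to the owner.
    umask 077
    mkdir -p "$ssh_dir" || exit 1
    chmod 700 "$ssh_dir" || exit 1

    # Copy the key unless an identical copy is already in place.
    cmp -s "$src" "$dest" || cp "$src" "$dest" || exit 1
    # OpenSSH ignores a private key that other users can read.
    chmod 600 "$dest" || exit 1

    # "Create the config file if needed", then add the IdentityFile line
    # once, so rerunning the function does not pile up duplicates.
    line="IdentityFile $dest"
    grep -qxF "$line" "$config" 2>/dev/null || printf '%s\n' "$line" >>"$config" || exit 1
    chmod 600 "$config"
)
```
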

Alternatively, you can set up an SSH agent, which will allow you to specify the key you want to use and then provide it to programs that ask for it. Within a given Unix shell, the command

ssh-agent name-of-shell

will run the shell you name (csh, bash, etc.) and supply its environment with a link to an agent process. Alternatively, you can use

eval `ssh-agent`

to supply that environment to the current shell.

Once you have started an agent, you may add keys to it with

ssh-add private-key-file

Other programs that you run from this shell, including Subversion, will be able to authenticate using the keys you have added, and will not have to ask you for a passphrase.


Page was last modified on Tue Jan 27 14:59:23 2009.
Address comments and questions to cs164@cs.berkeley.edu