For our subversion repositories we only allow users to connect through ssh public key login. We are switching towards using Fabric for doing automated deployments (in combination with zc.buildout, which we already use). Unfortunately it seems that both Fabric and paramiko, the python library Fabric uses for making ssh connections, don't support the ForwardAgent option in ~/.ssh/config which allows you to forward your ssh-agent to ...
Read MoreWe want to use SSH+SVN. However, access rights can be a pain with this protocol since we cannot use SVN's built-in access management. I explain how to use SSH+SVN and have proper access rights with multiple users and groups.
Read MoreWe maintain all of our server's /etc directories in subversion repositories and just disabled password logins on our subversion server. So that means you actually need ssh-agent to work when using sudo. This can be done by editting the /etc/sudoers file and adding the following line: Defaults env_keep="SSH_AUTH_SOCK"
Read MoreJust as I wrote in Using a jumpbox in ssh it can also come in handy to use a jumpbox with subversion. A jumpbox is an in between server which you use to tunnel traffic through, because the end point is somehow not reachable directly. In this case we migrated to a new internet connection in our office. Which brought in a Zyxel modem/router. Our ...
Read MoreSometimes you will need to access a service on a client's machine from an untrusted network, but you don't want to expose this client's SSH server to untrusted IP's. If this is the case you can use a trusted machine (a so called jumpbox) as an intermediate to connect to the client's box. For example, to connect the user test (user available on both jumpbox ...
Read MoreHow often don't I just want to open a tunnel to some server (that I'm sure to have in PuTTY) without opening a full SSH terminal? Or, isn't it annoying that everytime you open a terminal session in PuTTY, all tunnels related to that session open as well? -- PuTTY Tunnel Manager is here!
Read More