HostingRails.com

Hi Josh,

The username and password for multiuser SVN is stored under the folder
/home/username/authfiles/svn-htpasswd and the password is given in encrypted format.  The folder 'authfiles' is under your root directory and no other users are able to access folder/files under your account.

Please refer the link for creating the authentication files of SVN repository.
http://www.hostingrails.com/forums/wiki_thread/23

I understand that.  The problem is, I am unclear as to when a user attempts to access the repository, whether their password gets passed to the server in plain text.

Thanks,
Josh

I attempted to do a:

svn co https://svn.mydomain.com/svn/myproject/trunk --username=myuser

But that gave me errors and my authorization never succeeded.

Any ideas?

Thanks,
Josh

for HTTPS you will need a dedicated IP and support will need to set your vhost accordingly to listen on the correct port.  

Also - and I think indeed with Basic Auhorization the password is send over plain text, even though it is encrypted on the server.

http://httpd.apache.org/docs/2.2/howto/auth.html

Thanks William.

So it seems the final conclusion on this, if you want your multi-user SVN to be secure (i.e., your usernames and passwords are *NOT* transmitted in plain text and are encrypted), you need to have a dedicated IP and get support to setup your vhost accordingly.

I'm going to go ahead and request a dedicated IP tomorrow.

Thanks!
Josh

Don't forget about SVN+SSH :)

Seth

svn+ssh is fine if you're only doing single user SVN, but for multi-user it's no good.

I wonder if it would be possible to use an SSH tunnel with M-SVN... I'll have to look at that. But yeah you're right it would only be useful for a single user.