Friday, June 20, 2003

Fun With PuTTY

so i just figured out how to do two of the things i wanted to do with subversion's ssh tunneling, and i figured i'd write it down here, so others can benefit from my playing around, and more importantly so i don't forget how i did it.

first, i wanted to be able to set up an ssh tunnel through the exposed machine on my home network, so i can hit the machine which has my personal subversion repository on it. this isn't especially difficult to do, but i'd never really played with it before. second, i wanted to get subversion on a windows box to tunnel it's repository access over ssh. several people mentioned they'd gotten this working on the dev list, but i'd never actually tried it myself, and it took a little fiddling around before i could get it to work.

ssh tunneling is pretty simple. the command looks something like this:

C:\> plink -L 4747:quicksilver:22
plink is the command line interface to putty, everyone's favorite win32 ssh client. i believe you can just replace that with 'ssh' if you're on a unix machine. 4747 is the port on my local machine that i'll be hitting, quicksilver is the name of the machine the tunnel is pointing to on my home network, 22 is the port ssh is running on on quicksilver, and is my username @ the machine i'm tunneling through.

once you enter your password, you'll be presented with a shell interface to the machine you're tunneling through, which you can safely ignore, since the whole point of this was to set up the tunnel, not to get a login shell. to confirm that the tunnel is working, just try to connect to port 4747 on your local machine, and you should see the beginnings of the ssh connection to
the box you're tunneling to.

now that the tunnel is up, let's see what we need to do to get subversion on windows to speak to it. first, you'll have to set up the SVN_SSH environment variable, since you'll be using plink, not ssh, as your tunnel agent. this should look something like this:

C:\> set SVN_SSH=plink -P 4747 -l yourusername -pw yourpasswordhere
now, you can just use subversion as usual, like this:
C:\> svn list svn+ssh://localhost/home/repos/writing
since you've told subversion to hit port 4747 on localhost (4747 from the -P argument to plink, and localhost in the url), it'll hit your ssh tunnel, and everything will be forwarded on to the machine on the home network. note that you apparently need to set the password in the SVN_SSH variable, because if you don't, subversion hangs waiting for you to enter it. i'm not entirely sure why this happens, but this seems like a reasonable work around for now.