Using SmartSVN with a tunnelled SSH connection

Sometimes SVN servers are not directly accessible from the Internet, but hidden behind a corporate firewall. Using SSH tunnels is a way to allow access to such servers.

For such environments, the built-in SSH client of SmartSVN can’t be used as it requires direct access to the repository server. However, you can configure and use your system SSH to connect to such repositories.

The easiest way will be to use SSH’s ProxyCommand which can be configured in your .ssh/config file (details).

For my environment, I’m accessing our internal smartserver over the gateway gateway. So my configuration looks like:

Host gateway
 IdentityFile ~/gateway.ssh.key

Host smartserver
 ProxyCommand ssh gateway nc -w 1 smartserver 22
 IdentityFile ~/smartserver.ssh.key

I have stripped off the passwords from both private key files, so authentication requires no interaction (refer here for details). That’s an important step to avoid the OpenSSH password prompt or — even worse — get stuck, if that GUI-prompt does not work. Now I’m able to connect to smartserver via the gateway, simply by invoking:

ssh smartserver

In SmartSVN’s Repository Profiles I have set up following tunnel:

  • Name: ssh-gateway
  • Command: ssh
  • Parameters: ${host} ${svnserve}

In the Add Repository Profile wizard, I have entered URL svn+ssh://smartserver/repos/smartsvn and on the Details page, selected Tunnel set to ssh-gateway. That’s it!