Connecting to an SVN Server via a Tunnel

This section describes how to connect to an SVN server using a tunneling protocol. For information on connecting without a tunnel see Connecting to an SVN Server.

  1. Select File > Add Repository… (or click the button located at the bottom of the source list and select Add Repository…)
  2. Select the SVN Server button at the top of the displayed sheet:

    SVN Server

  3. Select the tunnel to use. Both standard (SSH) and custom tunnels defined in ~/.subversion/config are included in the popup menu labeled Tunnel. The tunnel name should correspond to the second part of the repository’s protocol scheme. For example, select SSH if the URL’s scheme is svn+ssh://.
  4. Use the Server field to enter the name or IP address of the SVN server. Do not include the scheme (i.e. svn+ssh://) in this field.
  5. If your server is listening on a non-standard port (22 for svn+ssh://) then enter the port number into the Port field. Leave this field blank if your server is using the standard port.
  6. Enter the relative path of the repository into the Repository Path field. You may also specify the path to a folder in the repository.
  7. For example, for the URL
    enter into the Server field, 1022 into the Port field and repos/project/trunk into the Repository Path field.
    The path entered into the Repository Path field should not be URL-encoded.
  8. Use the Nickname field to specify the name used to represent the repository in the source list.
  9. Specify the name of the account name you use to access the repository.
    The value entered into the Name field should not be URL-encoded.
  10. You can leave the Name field blank if you only require anonymous access or are using a tunnel with private key authentication.
  11. A password is not required for all tunnel types. Cornerstone will prompt separately for your password when using SSH with password-only authentication.
  12. Your SSH agent will prompt separately for your passphrase when using private key authentication.
  13. Click the Add button to connect to the repository.

Cornerstone will attempt to contact the server and query information about the repository. The server must be reachable to successfully add a repository.

If you are contacting the repository for the first time from this computer then you will be prompted to accept the server’s RSA fingerprint. Select Accept Permanently if you do not want to be prompted again in the future.

An unexpected prompt in the future to re-accept the server’s RSA fingerprint will indicate that the server’s identity has changed, in which case we recommend that you contact your administrator for clarification before permanently accepting the server’s new identity.

If you are unconcerned about the identities of the servers you are connecting to then you can configure Cornerstone to always accept server RSA fingerprints. Open the app’s preferences (Cornerstone > Preferences), switch to the Advanced tab and set When connecting to an SSH server to Automatically accept RSA keys.

This preference only affects Cornerstone. Other SSH-based apps (such as the ssh command-line tool) are unaffected.

The sheet will autofill if the pasteboard contains an svn:// URL when the sheet is opened. You can click the Reset button to clear the autofilled contents if required.

Your SSH password is stored in your login keychain.

Security Considerations

As described in Connecting to an SVN Server, the SVN protocol is not secure. This limitation can be remedied through the use of a tunnel, in which case all network traffic passes through the tunnel on the way to and from the server.

Cornerstone provides integrated support for the standard Secure Shell (i.e. SSH) tunnel which adds both authentication and encryption services to the SVN protocol.

You can also add your own custom tunnel by editing Subversion’s configuration. See the Subversion documentation included with Cornerstone (Help > Cornerstone Help) for more information.