Ssh+svn any working doku with rcstack?

Support
1

Hello,
i try to setup svn via ssh because we have some major troubles with large files over https.
I can add keys and sshd container is running but nothing is accessible.
At a first step i tried ssh directly to port 9022 via " ssh -i ~/.ssh/id_rsa_rhodecode_access_priv.key -p 9022 user@server.xx.xx " but i get only access denied public-key

With the user rhodecode there seems some little success but the following error occurs:
SVN_SSH=“ssh -i ~/.ssh/id_rsa_rhodecode_access_priv.key” svn checkou
t svn+ssh://rhodecode@svn06-001.edag.de/Administration/Test
rhodecode@svn06-001.edag.de’s password:
svn: E170013: Unable to connect to a repository at URL ‘svn+ssh://rhodecode@svn06-001.edag.de
/Administration/Test’
svn: E210002: To better debug SSH connection problems, remove the -q option from ‘ssh’ in the
[tunnels] section of your Subversion configuration file.
svn: E210002: Network connection closed unexpectedly

nwadmin@gitlab-klon1:~$ SVN_SSH=“ssh -i ~/.ssh/id_rsa_rhodecode_access_priv.key -p 9022” svn
checkout svn+ssh://rhodecode@svn06-xxx.xx.sw/Administration/Test
Traceback (most recent call last):
File “/usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2”, line 8, in
sys.exit(main())
^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/click/core.py”, line 1157, in cal
l
return self.main(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/click/core.py”, line 1078, in main
rv = self.invoke(ctx)
^^^^^^^^^^^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/click/core.py”, line 1434, in invok
e
return ctx.invoke(self.callback, **ctx.params)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/click/core.py”, line 783, in invoke
return _callback(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/rhodecode/venv/lib/python3.11/site-packages/rhodecode/apps/ssh_support/lib/ssh
wrapper_v2.py", line 99, in main
return_code = ssh_wrapper.wrap()
^^^^^^^^^^^^^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/rhodecode/apps/ssh_support/lib/back
ends/init.py”, line 344, in wrap
user = self.parse_user_related_data(data)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/rhodecode/apps/ssh_support/lib/back
ends/init.py”, line 299, in parse_user_related_data
user.user_id = user_data[“user_id”]
~~~~~~~~~^^^^^^^^^^^
TypeError: ‘NoneType’ object is not subscriptable
svn: E170013: Unable to connect to a repository at URL ‘svn+ssh://rhodecode@svn06-xx1.xx.sw
/Administration/Test’
svn: E210002: To better debug SSH connection problems, remove the -q option from ‘ssh’ in the
[tunnels] section of your Subversion configuration file.
svn: E210002: Network connection closed unexpectedly

2

Hi! Which versions of Rhodecode are you using?
Which version of ssh wrapper is used?

; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2

3

Version is 5.5.0 and the ss config section is:

; ####################                                                                                                                                        
; SSH Support Settings                                                                                                                                        
; ####################                                                                                                                                        
                                                                                                                                                              
; Defines if a custom authorized_keys file should be created and written on                                                                                   
; any change user ssh keys. Setting this to false also disables possibility                                                                                   
; of adding SSH keys by users from web interface. Super admins can still                                                                                      
; manage SSH Keys.                                                                                                                                            
ssh.generate_authorized_keyfile = true                                                                                                                        
                                                                                                                                                              
; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding'                                                               
# ssh.authorized_keys_ssh_opts =                                                                                                                              
                                                                                                                                                              
; Path to the authorized_keys file where the generate entries are placed.                                                                                     
; It is possible to have multiple key files specified in `sshd_config` e.g.                                                                                   
; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode                                                                                
ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode                                                                             
                                                                                                                                                              
; Command to execute the SSH wrapper. The binary is available in the                                                                                          
; RhodeCode installation directory.                                                                                                                           
; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper                                                                                                     
; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2                                                                                             
#DEPRECATED: ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper                                                                                
ssh.wrapper_cmd.v2 = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2                                                                                       
                                                                                                                                                              
; Allow shell when executing the ssh-wrapper command                                                                                                          
ssh.wrapper_cmd_allow_shell = false                                                                                                                           
                                                                                                                                                              
; Enables logging, and detailed output send back to the client during SSH                                                                                     
; operations. Useful for debugging, shouldn't be used in production.                                                                                          
ssh.enable_debug_logging = false                                                                                                                              
                                                                                                                                                              
; Paths to binary executable, by default they are the names, but we can                                                                                       
; override them if we want to use a custom one                                                                                                                
ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg                                                                                                   
ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git                                                                                                 
ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve                                                                                            
                                                                                                                                                              
## Enables SSH key generator web interface. Disabling this still allows users                                                                                 
## to add their own keys.                                                                                                                                     
ssh.enable_ui_key_generator = true
4

do you have any custom group permissions set up, or something like that?

5

No no special groups or rights.
The “old” wrapper is working the v2 wrapper leads to error described…

6

Had the same issue. By debugging API calls I found the reason. I had an empty value for app.service_api.token parameter in rhodecode.ini. When I changed it to some string, the error disappeared.

1 Like
7

Yeah,
thats it !
Thank you for sharing your finding !

peter

8

We will add another check to make sure this kind of misconfiguration is less likely and error message is more clear