Ssh+svn any working doku with rcstack?

Hello,
i try to setup svn via ssh because we have some major troubles with large files over https.
I can add keys and sshd container is running but nothing is accessible.
At a first step i tried ssh directly to port 9022 via " ssh -i ~/.ssh/id_rsa_rhodecode_access_priv.key -p 9022 user@server.xx.xx " but i get only access denied public-key

With the user rhodecode there seems some little success but the following error occurs:
SVN_SSH=“ssh -i ~/.ssh/id_rsa_rhodecode_access_priv.key” svn checkou
t svn+ssh://rhodecode@svn06-001.edag.de/Administration/Test
rhodecode@svn06-001.edag.de’s password:
svn: E170013: Unable to connect to a repository at URL ‘svn+ssh://rhodecode@svn06-001.edag.de
/Administration/Test’
svn: E210002: To better debug SSH connection problems, remove the -q option from ‘ssh’ in the
[tunnels] section of your Subversion configuration file.
svn: E210002: Network connection closed unexpectedly

nwadmin@gitlab-klon1:~$ SVN_SSH=“ssh -i ~/.ssh/id_rsa_rhodecode_access_priv.key -p 9022” svn
checkout svn+ssh://rhodecode@svn06-xxx.xx.sw/Administration/Test
Traceback (most recent call last):
File “/usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2”, line 8, in
sys.exit(main())
^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/click/core.py”, line 1157, in cal
l

return self.main(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/click/core.py”, line 1078, in main
rv = self.invoke(ctx)
^^^^^^^^^^^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/click/core.py”, line 1434, in invok
e
return ctx.invoke(self.callback, **ctx.params)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/click/core.py”, line 783, in invoke
return _callback(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/rhodecode/venv/lib/python3.11/site-packages/rhodecode/apps/ssh_support/lib/ssh

wrapper_v2.py", line 99, in main
return_code = ssh_wrapper.wrap()
^^^^^^^^^^^^^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/rhodecode/apps/ssh_support/lib/back
ends/init.py”, line 344, in wrap
user = self.parse_user_related_data(data)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/home/rhodecode/venv/lib/python3.11/site-packages/rhodecode/apps/ssh_support/lib/back
ends/init.py”, line 299, in parse_user_related_data
user.user_id = user_data[“user_id”]
~~~~~~~~~^^^^^^^^^^^
TypeError: ‘NoneType’ object is not subscriptable
svn: E170013: Unable to connect to a repository at URL ‘svn+ssh://rhodecode@svn06-xx1.xx.sw
/Administration/Test’
svn: E210002: To better debug SSH connection problems, remove the -q option from ‘ssh’ in the
[tunnels] section of your Subversion configuration file.
svn: E210002: Network connection closed unexpectedly

Hi! Which versions of Rhodecode are you using?
Which version of ssh wrapper is used?

; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2

Version is 5.5.0 and the ss config section is:

; ####################                                                                                                                                        
; SSH Support Settings                                                                                                                                        
; ####################                                                                                                                                        
                                                                                                                                                              
; Defines if a custom authorized_keys file should be created and written on                                                                                   
; any change user ssh keys. Setting this to false also disables possibility                                                                                   
; of adding SSH keys by users from web interface. Super admins can still                                                                                      
; manage SSH Keys.                                                                                                                                            
ssh.generate_authorized_keyfile = true                                                                                                                        
                                                                                                                                                              
; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding'                                                               
# ssh.authorized_keys_ssh_opts =                                                                                                                              
                                                                                                                                                              
; Path to the authorized_keys file where the generate entries are placed.                                                                                     
; It is possible to have multiple key files specified in `sshd_config` e.g.                                                                                   
; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode                                                                                
ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode                                                                             
                                                                                                                                                              
; Command to execute the SSH wrapper. The binary is available in the                                                                                          
; RhodeCode installation directory.                                                                                                                           
; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper                                                                                                     
; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2                                                                                             
#DEPRECATED: ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper                                                                                
ssh.wrapper_cmd.v2 = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2                                                                                       
                                                                                                                                                              
; Allow shell when executing the ssh-wrapper command                                                                                                          
ssh.wrapper_cmd_allow_shell = false                                                                                                                           
                                                                                                                                                              
; Enables logging, and detailed output send back to the client during SSH                                                                                     
; operations. Useful for debugging, shouldn't be used in production.                                                                                          
ssh.enable_debug_logging = false                                                                                                                              
                                                                                                                                                              
; Paths to binary executable, by default they are the names, but we can                                                                                       
; override them if we want to use a custom one                                                                                                                
ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg                                                                                                   
ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git                                                                                                 
ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve                                                                                            
                                                                                                                                                              
## Enables SSH key generator web interface. Disabling this still allows users                                                                                 
## to add their own keys.                                                                                                                                     
ssh.enable_ui_key_generator = true                                                                                                                            
 

do you have any custom group permissions set up, or something like that?

No no special groups or rights.
The “old” wrapper is working the v2 wrapper leads to error described…

Had the same issue. By debugging API calls I found the reason. I had an empty value for app.service_api.token parameter in rhodecode.ini. When I changed it to some string, the error disappeared.

1 Like

Yeah,
thats it !
Thank you for sharing your finding !

peter

We will add another check to make sure this kind of misconfiguration is less likely and error message is more clear