On Fri, Jan 17, 2025 at 1:27 PM Johan Corveleyn <jcor...@gmail.com> wrote: > > On Fri, Jan 17, 2025 at 7:24 AM Bo Berglund <bo.bergl...@gmail.com> wrote: > ... > > ------------------------------------------------------ > > $ svn --version: > > svn, version 1.14.2 (r1899510) > > compiled Jan 31 2023, 18:14:10 on aarch64-unknown-linux-gnu > > ... > > The following authentication credential caches are available: > > > > * Plaintext cache in /home/bosse/.subversion > > * Gnome Keyring > > * GPG-Agent > > * KWallet (KDE) > > ------------------------------------------------------- > > > > I assume that the last 3 alternatives are Desktop dependent and use GUI > > dialog > > boxes? > > > > I'd appreciate it to get a specific direction as to which items to > > add/change in > > the default files in $HOME/.subversion/: config and servers, in order for > > the > > passwords to be cached in a text-only environment. > > I.e. how to set them to use a command line interface only? > > I guess it comes down to these settings in the $HOME/.subversion/servers file: > > [[[ > ### store-passwords Specifies whether passwords used > ### to authenticate against a > ### Subversion server may be cached > ### to disk in any way. > ### store-plaintext-passwords Specifies whether passwords may > ### be cached on disk unencrypted. > ... > ### Set store-passwords to 'no' to avoid storing new passwords on > ### disk in any way, including in password stores. It defaults to > ### 'yes', but Subversion will never save your password to disk in > ### plaintext unless explicitly configured to do so. > ### > ### Set store-plaintext-passwords to 'no' to avoid storing new > ### passwords in unencrypted form in the auth/ area of your config > ### directory. Set it to 'yes' to allow Subversion to store > ### unencrypted passwords in the auth/ area. The default is > ### 'ask', which means that Subversion will ask you before > ### saving a password to disk in unencrypted form. Note that > ### this option has no effect if either 'store-passwords' or > ### 'store-auth-creds' is set to 'no'. > ]]] > > If you set store-plaintext-passwords=yes it should work. You can > configure this setting differently depending on the server you are > connecting to, which is why this is a setting in the 'servers' file. > You probably want to configure your setting in the '[global]' section > in this file. Or you might configure your own group in the "[groups]" > section (listing the hostnames with which you connect to your own > server), and then put the store-plaintext-passwords=yes only in that > particular group's section. > > Also, keep in mind that there is a system-wide configuration area > (optional) in /etc/subversion, and then there is the user-specific are > in $HOME/.subversion [1]. It's possible that you have > store-plaintext-passwords=no set in /etc/subversion/servers, and > nothing set in your user-specific servers file. In that case, contrary > to what you might expect, you won't get the 'ask' default, but it will > be set to 'no' by the system-wide setting. > > [1] https://svnbook.red-bean.com/nightly/en/svn.advanced.confarea.html
Oh, and according to this cirata (previously wandisco) blog article it should be possible to setup a Gnome Keyring without a GUI: https://community.cirata.com/s/article/How-to-set-up-encrypted-svn-password-storage-using-gnome-keyring-in-an-ssh-session I have not tried it myself, but I might (have to) dig into it in the near future. Two more articles related to Gnome Keyring which I have bookmarked because I want to research unlocking the keyring automatically after login (but haven't gotten around to it, YMMV): https://wiki.archlinux.org/title/GNOME/Keyring https://forums.debian.net/viewtopic.php?t=152349 (how to auto-unlock gnome-keyring on login) I think, if we get this all figured out (setting up GUI-less Gnome Keyring with auto-unlock upon login), it would be great if we'd put this into a blog or step-by-step guide somewhere on subversion.apache.org. -- Johan
