Do you know of a reliable way to encrypt an entire Subversion repository?
I host the repository on my dedicated server (FreeBSD), but would like to add encryption so my source code cannot be开发者_StackOverflow中文版 stolen in readable format if someone hacks into my server.
I prefer a server side solution as different SVN clients may be used.
Possible?
This thread gives a reasonable solution for GIT that could also be applied to SVN. Just encrypt (EncFS) the subversion repository folder and mount it remotely (with sshfs, for example). Your server would only have the encrypted version, and your desktop would have both, working with the unencrypted one:
[server|encrypted repo] -- sshfs -- [desktop|encrypted repo] -- encfs -- [desktop|unencrypted repo] -- svn -- [desktop|working copy]
NOTE: I don't know how well would this react to concurrent accesses... Try first and let us know :)
You can encrypt the repository on the filesystem level, like this.
If you're concerned about traffic sniffing, this won't be enough.
Another option is EncFS. There's a FreeBSD port for it. But, as SLaks noted, this won't prevent traffic sniffing. To add sniffing deterrence, you'll want to encrypt traffic to your Subversion server. There are tutorials on the web that'll help you set up Apache + SSL + Subversion. Google for "subversion ssl".
精彩评论