I had a working subversion server which used the passwd file which stores passwords in clear text. My requirements changed so that passwords now need to be encrypted. I did everything according to the book to use SASL, or so I believe, but now only the linux command line can authenticate. My OSX users, which also use command line, and my WinXp users, which use TortoiseSVN get errors. Linux versions are 1.6.11. OSX versions are 1.6.17. And TortoiseSVN versions are 1.7.4.
/opt/subversion/QRpage/conf/svnserve.conf:
[general]
anon-access = none
auth-access = write
realm = ABC
[sasl]
use-sasl = true
min-encryption = 128
max-encryption = 256
/etc/sasl2/svn.conf:
pwcheck_method: auxprop
auxprop_plugin: sasldb
sasldb_path: /etc/sasldb2
mech_list: DIGEST-MD5
Then I add new users via:
saslpasswd2 -c -f /etc/sasldb2 -u ABC dacracot
But for instance OSX users get this error trying to check out:
$ svn co svn://svn.nowhere.org/QRpage
svn: Cannot negotiate authentication mechanism
Best Answer
Your clients need to be set up for SASL digest authentication too for this to work. For information on how to set this up for Tortoise, see here. Yes, it's a pain.
The svnserve protocol is not built for encryption or security at all. Consider using https with mod_dav_svn instead.