Ssh-keygen with different user for subversion

I can't figure out how to create public / private keys for other users on my server. On my server, I type the following through the shell

(uiserver):john:> ssh-keygen -t dsa

After that, I enter the filenames and password, which successfully results in a private key and public key pair for "john". Now when I use this key to ssh into my subversion repository (sitting on john), all actions are logged as "john". That's perfect.

So next, I want to create a public /private key pair for "george" so he can access my server. I repeated the ssh-keygen from my server. Then I gave the private key to George. George successfully installed the key, but every time he performs an action in the svn repository, subversion logs his actions as "john" instead of "george". How do I get subversion to recognize the difference between "george" and "john"?

I looked in authorized_keys2 and I noticed that the final comment for both keys is "john@uiserver". I tried editing the comment, but subversion still can't recognize the difference between george and john.

Additional Detail

I have a half-working solution based on Juliano's answer. I went to "david" machine (linux), made the prv/pub keys, attached pub key to john's authorized_keys2. Perfect! SVN is logging david's changes as david.

I went to "george" machine (windows xp), used puttygen to create prv/pub keys, attached pub key to john's authorized_keys2. George can access svn, but all his changes are still logged as john. I am trying bojo's tunnel solution as soon as I figure out where to configure it in TortoiseSVN.

ANSWER

I used option 2 of bojo's answer. In the end, all I needed to do was add the following line to my authorized_keys2

command="svnserve -t --tunnel-user=george",no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-dss <george's long public key> == meaningful comment

I also added the line

george=george's password

to my /pathtorepository/conf/passwd to my subversion password file

Best Answer

Check the instructions on how to use the --tunnel-user command here at the svn manual. I imagine the reason George is showing up as John is because you aren't telling the ssh session which user it is, so it's defaulting to John's account.

To clarify, the original poster has two options.

Create a new user account for George. This assumes he has super user access.
Generate the second key (ideally George does this), append to the John account's .ssh/authorized_keys file, and add the above linked commands to the .ssh/authorized_users file as described. The link also describes how to limit the additional user's access to the John account.

Best Answer

Related Solutions

Subversion asks for incorrect user

Accessing Subversion repository with 2 hops using svn+ssh protocol

Related Topic