1

For various reasons we are finding it increasingly difficult to work with remote workers. We are a very small developer shop and it's becoming impractical to do manual merges on a daily basis. So we're left with little choice (?) but to consider opening up our SVN servers.

I'm looking into the following:

  1. Full HTTPS session
  2. Running non-80 port
  3. Strong password policy

Is this enough to prevent someone hacking and stealing data?

I will also look into VPN but first would like to understand any alternative solutions.

studiohack
  • 13,468
  • 19
  • 88
  • 118
user35072
  • 477
  • 3
  • 6
  • 14
  • 1
    Have you considered moving from SVN to a distributed version control system like git or mercurial? – MBraedley Nov 18 '11 at 15:06
  • That's a possibility, but seems like a bit of learning curve. Plus security problem still exists when committing back to the "master" – user35072 Nov 18 '11 at 15:27
  • 2
    Yeah, but git runs over ssh by default (probably Mercurial too, I'm not familiar with it) so you automatically get all the benefits of ssh. Plus, if your concern is repository damage, using a distributed VCS automatically gives you a whole slew of remote backups, since each developer should have a reasonably up-to-date clone of the repository. Besides, the ease of branching and merging in git or Mercurial compared to svn may make it worth the learning curve. – David Z Nov 18 '11 at 16:06
  • 1
    It seems that since much of your work is spent merging code in from your remote workers, and since [Merges Are Easy (TM)](http://www.joelonsoftware.com/items/2010/03/17.html) in a distributed VCS, you save a lot of work. There's also the bonus that it's already designed to be used by a group of distributed coders, something that SVN was never designed to do but has always been implemented. I think it'd be well worth the learning curve to at least consider it. – MBraedley Nov 18 '11 at 17:30

1 Answers1

0

You can try to configure a svn+ssh using the svnserve program. With --listen-port= option you can change the port.

http://svnbook.red-bean.com/nightly/it/svn-book.html#svn.serverconfig.svnserve.sshauth

ma81xx
  • 56
  • 2