> That "svn" user can be set to have no valid shell, with its shell set > to something like "/sbin/nologin". This is actually quite common for > system services to have no valid shell. This is how the "apache" or > "www-data" user is usually set up. But that would prevent login using ssh, which I don't want. I can tell the sysadmin "we need an SSH login for Charlie so he can use Subversion", but I cannot say "You have to cut the SSH login for Marilyn so she can't use Subversion".
*Truncated for clarity* One option would be to generate a different (password enabled... of course) key for each unique user (all logging in with the same SVN user name). Then revoking SVN access is as simple as removing that user's key from the authorized_keys list. ---------------------------------------- Matthew Beals Michigan Technological University Department of Atmospheric Sciences 1400 Townsend Drive B019a Fisher Hall Houghton, MI 49931 mjbe...@mtu.edu
