> On May 12, 2015, at 8:45 AM, jbl...@icloud.com wrote: > > >> On May 12, 2015, at 5:30 AM, D Ste <djirat...@gmail.com> wrote: >> >> Hi, >> >> I would like to set up SVN to store confidential documents. >> I have secured the pipe communication with HTTPS/SSL. To avoid unauthorized >> users (even with root access) accessing documents from within the server, I >> would like to protect the SVN linux folder/files with encryption. >> >> Are there any ways to secure the SVN using protected folders or encryption? >> So only authorized users can access these confidential documents. >> >> Thanks in advance for your helps. >> > > > You could encrypt the documents before commiting them into the repository, > but that would eliminate the benefit of storing deltas and being able to > perform comparisons between revisions even for authorized users. > > For file-level encryption, I would recommend something like GnuPG. You would > need to build into your workflow the encryption/decryption steps from within > your working copies. It will be cumbersome at best. > >
Also, even if there were a server-side encryption possible, the encryption key would need to be stored on the server itself. Since you are in a situation where you cannot trust your system administrators, who would have access to the key as well, your purpose would be defeated by such a configuration. Therefore, you are limited to client-side encryption. To avoid the other problems of shared-key encryption systems, your best bet is asymmetric encryption.
