Is there a way to move a saved login/password for TortoiseSVN to a network repository from machine to machine? Just got a new machine, know my username but don't recall my login to the repository.
I know TortoiseSVN saves some auth info on the directories at %appdata%\Subversion\auth
Moved over the file I found at svn.simple; I see my user name in it in clear text but the password is encrypted. I also see "wincrypt" in the file so that's the crypto functionality invoked.
Ordinarily I'd just have the SVN admin reset it for me but he is out on vacation until next week as is the other admin for SVN.
I can dive into the source for TortoiseSVN and see how authentication is being accomplished but there's got to be an easier way. I can run Wireshark on the successful authentication from the old machines if that would be useful.
See this answer: Extract TortoiseSVN saved password
If you still have access to the old machine and Windows user account, then you can extract the passwords using the 3rd party "TortoiseSVN Password Decrypter" utility.
Wireshark is another good alternative but I don't believe it will help you for SSL repositories.
Solved! Turns out it was pretty simple to resolve.
Wireshark was the answer. Did a capture of the communication between my old machine and the repository host, launched the repo browser from TortoiseSVN. Then I ran "Follow TCP Stream" on the conversation, and found this line:
Authorization: Basic ZHIzeDppc0F3ZXNvbWU=
Here's the Powershell script to decode it:
$basic = "ZHIzeDppc0F3ZXNvbWU="
[System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String($basic))
Returns plain text:
uname:pwd
According to the help file, TortoiseSVN stores credentials in sub-folders of %appdata%\Subversion\auth:
svn.simple contains credentials for basic authentication (username/password). svn.ssl.server contains SSL server certificates. svn.username contains credentials for username-only authentication (no password needed).
I guess you could just try and copy these folders the other machine.
The credentials are encrypted with the windows encryption APIs, using the data from the logged on user. This means the encryption is based on your Windows logon account, and therefore can't be copied to another machine, even if you set up a user with the same username and password there.
I would think you would want this not to be possible since it would mean anyone could copy over some files and be able to make changes using your SVN account. Perhaps it is best that this isn't possible and that things are more secure.
Instead, you should develop a better policy internally about password management so that you don't depend on certain people being around for this kind of thing (i.e. the bus factor).
