Presently my server is on an internal network and only used by me, however, I wish to create a new subversion repository and allow external people to access it. They should be restricted to svn access and not allowed to do anything else. They will access it by svn+ssh protocol.
The steps I believe I should take are below, but what other steps should I take?
- Add new users
- Create a public/private key for each user
- Add users to a group 'ext_svn' or similar
- Create repository and set r/w permissions for 'ext_svn' members
- Install SSH, redirect my router port to my server, disable root login and disable password login
Presumably they will still be able to SSH in and then download files from the internet, open ports, install backdoors, read server config files ... etc
Note that I'm focusing here on authorised users, I've already read this question about preventing unauthorised access
