On Thu, 20 Oct 2005, H. Peter Anvin wrote: > > git over ssh seems to be the obvious choice. Yes, but Petr is right that there might be room for some lighter-weight "gits" secure protocol. One that doesn't necessarily require a whole user ID thing. For example, let's say that you're not the maintainer of your machine, but you're in an environment where you are allowed to run daemons as yourself (at a university, for example). And you have a group of people who want to work together at a project, but they don't want to give write permissions to the world or their bigger group (group "student"). And git itself _does_ actually support that, already. You can use the standard "ssh:" thing (or just "hostname:pathname"), and the GIT_SSH environment variable to set up any tunnelling program you want. Then you can authenticate any way you want (and encrypt or not, whatever).. So if somebody is in this situation, maybe we could have an example tunnel client/server thing that does this. This is unrelated to the git protocol itself, although the "pack over ssh/tunnel" obviously uses all the same stuff for the actual transfer. (It might also be worthwhile to have .git/config specify what program to use, so that you don't need a global environment variable. It might even be per-host, ie we could have git-send-pack and git-fetch-pack understand config language like [connect] program=[server.uni.edu]:mytunnel or something. It shouldn't even be hard to do. Certainly simpler than doing a good authenticating tunnel). Linus - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.htmlReceived on Fri Oct 21 03:18:32 2005
This archive was generated by hypermail 2.1.8 : 2005-10-21 03:18:35 EST