Securing a Git Repository
I have a shared hosting package and I have installed git from source. I created a repo and intend to create a couple more, but I was wondering if there is any way to secure the git repository. Currently I access it over regular http. I do have a shared SSL cert, but I’m pretty sure that won’t be of use here.
Edit: by secure, I mean authenticated, not encrypted.
- Sharing a repo without git-daemon
- Having trouble working with a Git repository
- Problems cloning 1and1 git repository in 1and1 shared Linux server with Eclipse EGit
- Git push to live server through limited ssh
- Best option for deploying a CakePHP web app to shared hosting
- shell_exec configuration for git pull Godaddy vs Bluehost
3 Solutions collect form web for “Securing a Git Repository”
If it’s http, can you not just use the http server authetication? i.e. .htaccess
You can use gitosis to configure fine-grained repository permissions with ssh authentication. However, gitosis needs a separate user account because it takes over that account’s
~/.ssh/authorized_keys; the separate account also makes it more secure.
gitolite doesn’t need a separate user account. Here is the tutorial.
You said “authenticated”. Well, if you really meant just that, then SSH (even with password access) is good enough. If no one else has access to your server shell account, you’re safe.
You need gitolite if you need authorisation in addition to authentication. That is, after sshd (or httpd, if you use git-http-backend) have authenticated the user, you then want to authorise the user to only the repos he/she should have access to.
Nothing in your original question indicates you need that, and I suspect plain SSH access will be good enough for you. Like:
git clone MyUserNameOnSharedHost@my.shared.host:myRepos/foo.git