We have a Scala project and we decided to use git. The problem is we are a very small distributed team and we want nobody outside of the team to have even the read only access to our git server (which has a valid IP and is world-accessible in the IP level). I have heard the git-daemon has no authentication mechanism by itself and you should somehow integrate it with ssh or something. What is the best (and easiest) way to make the git server respond only to authorized users ? Or perhaps git-daemon is not for this task ? I may add that I am looking for a simple and straightforward approach. I don't want to compete with github ;-)
What is the best way to secure a shared git repo for a small distributed team?
2.7k Views Asked by Ashkan Kh. Nazary At
6
There are 6 best solutions below
1
On
Use ssh's authentication, and exclusively so (disable git-daemon). git clone company.server.com:/srv/git/myproject is not any harder to use than other protocols.
0
On
Gitolite is a less straight-forward way to protect a "central" repository, but:
- its installation is quite simple, and it will take care of read/write access based on ssh public keys registered in the
authorized_keysof thegitoliteaccount on the central server.
You can initiate its installation right from your local workstation (it will copy what it needs to the server, provided you have ssh access to said server) - it certainly don't compete with GitHub ;)
0
On
If you're in a windows environment, you could simply set up a share that holds your bare repo and use windows' built in mechanisms for access control to the said share. No managing of any keys, your company will do the management of user accounts and stuff.
Run GIT local to the box,for example at 127.0.0.1:1234
Then have apache route requests from the outside to that local instance.
Apache will take care of the ssl.