On Wed, 15 Feb 2012 19:22:06 +0100, [email protected] (=?utf-8?Q?Aur=C3=A9lien?=) wrote: > > Smv says gitosis not only does this but also *only* allows the git user > > ([email protected]) access to the git repos. If we > > were going to manage push privileges using regular ssh > > methods (ssh-copy-id, authorized_keys, etc.), people could not only push > > to the repos but have shell login if available or access to the full git > > user's home, included .ssh/authorized_keys. > > Should it be possible that the script which verify authorithy ask > another "securly closed" server rather than the normal > .ssh/authorized_keys?
If everyone had a gpg key also we could use monkeysphere for auth.
pgpUUNKOFG1do.pgp
Description: PGP signature
_______________________________________________ Dev mailing list [email protected] http://lists.parabolagnulinux.org/mailman/listinfo/dev
