On Sun, Jun 26, 2011 at 10:16 AM, martin mar...@siamect.com wrote:
The https solution is not mature in the same way as the ssh solution.
SSH has protected Unix/Linux boxes for ages.
One might argue that SSH has exposed Unix/Linux boxes to attacks, not
protected them, for ages; just have a
On Sun, Jun 26, 2011 at 7:42 PM, jarrod.rober...@gmail.com wrote:
Yes, lots of people disable the HTTP support completely and only use SSH
for writes and Git of read only access. This is what we do for our
installation.
This is very important for work flows where people should be able to
On Mon, 2011-06-27 at 10:17 +0200, Marius Mårnes Mathiesen wrote:
On Sun, Jun 26, 2011 at 10:16 AM, martin mar...@siamect.com wrote:
The https solution is not mature in the same way as the ssh
solution.
SSH has protected Unix/Linux boxes for ages.
One might argue
Hi there
On Mon, Jun 27, 2011 at 11:17 AM, Marius Mårnes Mathiesen
marius.mathie...@gmail.com wrote:
On Sun, Jun 26, 2011 at 10:16 AM, martin mar...@siamect.com wrote:
I don't understand why you are concerned about the dedicated git user
account... just lock it down properly. You have exactly
Em 27-06-2011 05:30, Marius Mårnes Mathiesen escreveu:
On Sun, Jun 26, 2011 at 7:42 PM, jarrod.rober...@gmail.com
mailto:jarrod.rober...@gmail.com wrote:
Yes, lots of people disable the HTTP support completely and only
use SSH for writes and Git of read only access. This is what we do
Hi
On Mon, Jun 27, 2011 at 4:18 PM, Rodrigo Rosenfeld Rosas
rr.ro...@gmail.com wrote:
Em 27-06-2011 08:33, Benjamin Podszun escreveu:
Hi there
On Mon, Jun 27, 2011 at 11:17 AM, Marius Mårnes Mathiesen
marius.mathie...@gmail.com wrote:
On Sun, Jun 26, 2011 at 10:16 AM,
Em 27-06-2011 10:25, Benjamin Podszun escreveu:
Hi
On Mon, Jun 27, 2011 at 4:18 PM, Rodrigo Rosenfeld Rosas
rr.ro...@gmail.com wrote:
Em 27-06-2011 08:33, Benjamin Podszun escreveu:
Hi there
On Mon, Jun 27, 2011 at 11:17 AM, Marius Mårnes Mathiesen
marius.mathie...@gmail.comwrote:
On
Em 27-06-2011 10:41, Rodrigo Rosenfeld Rosas escreveu:
Em 27-06-2011 10:25, Benjamin Podszun escreveu:
Hi
On Mon, Jun 27, 2011 at 4:18 PM, Rodrigo Rosenfeld Rosas
rr.ro...@gmail.com wrote:
Em 27-06-2011 08:33, Benjamin Podszun escreveu:
Hi there
On Mon, Jun 27, 2011 at 11:17 AM, Marius
Em 27-06-2011 10:47, Rodrigo Rosenfeld Rosas escreveu:
...
I think it is not currently possible to listen on port 22 with
effective uid other than 0 in Unix-like systems, but I may be wrong
since I'm not really a security specialist.
If we set it up to run in another port, than instead of
On Fri, 2011-06-24 at 22:05 +0200, Christian Johansen wrote:
For my own servers I would turn off the HTTP protocol for
push/pull
anyway...
Why?
Explanation is below here:
I like to have http only for the Gitorious web interface. I
can open
On , Marius Mårnes Mathiesen marius.mathie...@gmail.com wrote:
Anyone subscribed to this list will know that installing Gitorious is not
for the faint of heart. There are a lot of moving parts, a lot of
dependencies, and getting everything right is difficult. I really want to
change this.
Hi Jarrod,
I would be happy to merge any changes to my Gitorious Chef recipe for it
to work on CentOS/Redhat too. I can download a CentOS image for testing
it and I can help you with Chef specific bits as long as I understand it.
It just happens that there is a long time since I last used
Hi,
I am pretty new to this list. Just joined yesterday, and only just getting a
gitorious installation setup behind the firewall. However, my thoughts are
if HTTP can offer everything that SSH can with the same reliability, rather
go with a single protocol. It would make the code easier to
On Fri, Jun 24, 2011 at 9:51 AM, Benjamin Podszun
benjamin.pods...@gmail.com wrote:
I would. The deployment of ssh is well-known and understood, and
probably already exists as a way to access machines/services in a lot
of shops. I trust ssh, trust the code quality and security audits.
Hello,
We'll investigate what it will take to use SSL client certificates for
authentication, since this will:
- save the users from entering their passwords when pushing/putting the
credentials in .git/config or elsewhere
- provide better integrity for credentials: you'd need access to the
Well I'm quite faint hearted and I have installed Gitorious a number of
times (4-5) so I don't really think it is that hard...
Please keep the SSH and Git protocols as they are. People like me expect
it to work the same way at Gitorious as it does according to the Git
documentation.
For my own
Another open question: Do clients actually support this http based
cloning decently? Think Git Extensions, TortoiseGit et al?
--
To post to this group, send email to gitorious@googlegroups.com
To unsubscribe from this group, send email to
gitorious+unsubscr...@googlegroups.com
Hi Marius,
First, I would like you to congratulate you and Johan for the good work
and efforts you both put on this feature.
Then, I would like to say that I would be really really sad if SSH
support was deprecated. I think that providing your public key from a
user's point of view is
Hi Marius,
I don't think it is a good idea to drop/deprecate support for ssh or
git-proxy. But I do like the approach of having modularized protocols, maybe
ssh and git handler should be refactored to its own modules? So one can
choose what it wants to install.
Any way, great job!
Cheers
On
First, I would like you to congratulate you and Johan for the good work and
efforts you both put on this feature.
Thanks, but my name is Christian. Johan stepped down, remember? :)
Then, I would like to say that I would be really really sad if SSH support
was deprecated. I think that
So - although I still think that ssh should stay and that GUI client
support is a valid point: I cannot ignore the thought that I might be
just a lazy bum that wants to keep it as it is, for the sake of it.
:) No worries. You are definitely right in that we want to reach a wider
audience, but
Thanks, but my name is Christian. Johan stepped down, remember? :)
Right, sorry, Christian. It is just the new age's effect :)
;)
If you could have well-performing, secure and easy-to-use HTTP pull/push,
then why wouldn't you use it?
Because I want all my repository submodules URL
22 matches
Mail list logo
