----- Original Message ----- From: John McKown To: [email protected] Sent: Tuesday, December 11, 2012 7:44 PM Subject: [git-users] securing data in a non-local repository
I haven't seen anything like this in anything I've read so far. And I know that git is all about freely sharing. But is there some way to have git keep the repository files encrypted. I know that the files in the .git subdirectory are compressed. It seems to me that it should be relatively simple to have the "git add" do an encrypt step just before the compress step in its processing. You could have a git config core.encrypt and git config cone.encrypt.key variable. The core.encrypt would be TRUE or FALSE. If the value is TRUE, then you could set the core.encrypt.key variable or you could have git ask for the password interactively. Or maybe I just really want it to occur when I do a "git push". This comes up pretty often. If each commit is encrypted then you can't compress the repository, and you can't do any of the fancy stuff that needs to go on within the server to pack the repo. Also, as a Distributed system, initially for the Linux Open Source activity, the key is that whenever you are distributing [clones] the code (everyone gets everything) you making it more open, so the repo isn't the place to add your security. Yes, I'm a bit of a security nut. And, yes, I know I could gpg encrypt the file before doing the git add. Or I guess that I could even make my own git-encrypt-add script to do it via a "git encrypt-add" operation. Hum. Your thoughts are appreciated. --
