----- Original Message -----
From: John McKown
Sent: Tuesday, December 11, 2012 7:44 PM
Subject: [git-users] securing data in a non-local repository
I haven't seen anything like this in anything I've read so far. And I know
that git is all about freely sharing. But is there some way to have git keep
the repository files encrypted. I know that the files in the .git subdirectory
are compressed. It seems to me that it should be relatively simple to have the
"git add" do an encrypt step just before the compress step in its processing.
You could have a git config core.encrypt and git config cone.encrypt.key
variable. The core.encrypt would be TRUE or FALSE. If the value is TRUE, then
you could set the core.encrypt.key variable or you could have git ask for the
password interactively. Or maybe I just really want it to occur when I do a
This comes up pretty often. If each commit is encrypted then you can't compress
the repository, and you can't do any of the fancy stuff that needs to go on
within the server to pack the repo.
Also, as a Distributed system, initially for the Linux Open Source activity,
the key is that whenever you are distributing [clones] the code (everyone gets
everything) you making it more open, so the repo isn't the place to add your
Yes, I'm a bit of a security nut. And, yes, I know I could gpg encrypt the
file before doing the git add. Or I guess that I could even make my own
git-encrypt-add script to do it via a "git encrypt-add" operation. Hum.
Your thoughts are appreciated.