On Wed, Jan 09, 2013 at 10:00:07AM -0800, Greg wrote:
> WRT 1.b: I am surprised by your comment that private Git repos purchased
> from Github are not secure... they purport to be authenticated and use SSL
> connections. Other than the employees at Github, who's prying eyes would
> be able to peruse the code?
I did not say they are not secure, I told about different levels of
security of various methods to keep your data offsite.
I stated that the security of a private repository hosted by a
third-party is questionable. This is because being private only keeps
your repository from being freely accessed by casual public. But that's
all what it means. The repository is physically maintained by that third
party (your hosting provider) whose staff has full access to it.
It's the same situation as with your webmail account: it's not only you
who has access to it but also the organisation who hosts its data.
So of course there's the question of which level of security you need.
It might be that the level of security just discussed is perfectly
acceptable for your needs. But it might be not. As you asked a rather
comprehensive question I decided to try to show the full picture so you
could make an educated decision.
As to the level of security for accessing your github private repos from
the outside, it's only as strong as your account's password -- this has
to be understood very well. Even if you do use SSH auth which requires
using public keys (it's beleived to be quite a strong authentication),
to upload these keys on the server, you use regular login to the github
web interface, hence whoever succeeded at guessing your password (or
happened to just obtain it ) could upload their own key. Well, and
since github also provides HTTPS transport they wouldn't even need to do
that as they could use your password right away to clone your repo.
> WRT 3.c: By "secure" I meant a user/password protected, SSL connection to
> a web-based UI over a private and (hopefully :-) secure Git repo hosted by
> a Git hosting provider.
Ah, that's doable of course: any Git hosting provider offering private
repos does provide password-protected and SSL-encrypted access to the
web interface, and in the case of deploying your own hosting (say, on a
rented server or a VPS) you usually put gitweb behind a web server which
is set up to perform whichever sort of authentification/encryption is
> So, based upon your thorough reply, it appears that Git will do everything
> we need it to do (and more). And we will review the options for off-site
> "secure" repository backup to determine where the best cost/benefit will be
> for our organization.
Well, Subversion would also fulfill all your requirements.
It's just... uh... well, okay ;-)