Thank you again Konstantin for the detailed clarifications! We will carefully consider how secure our code needs to be and then review your recommendations. Greg
On Wednesday, January 9, 2013 3:45:59 PM UTC-8, Konstantin Khomoutov wrote: > On Wed, Jan 09, 2013 at 10:00:07AM -0800, Greg wrote: > > [...] > > WRT 1.b: I am surprised by your comment that private Git repos > purchased > > from Github are not secure... they purport to be authenticated and use > SSL > > connections. Other than the employees at Github, who's prying eyes > would > > be able to peruse the code? > > I did not say they are not secure, I told about different levels of > security of various methods to keep your data offsite. > > I stated that the security of a private repository hosted by a > third-party is questionable. This is because being private only keeps > your repository from being freely accessed by casual public. But that's > all what it means. The repository is physically maintained by that third > party (your hosting provider) whose staff has full access to it. > It's the same situation as with your webmail account: it's not only you > who has access to it but also the organisation who hosts its data. > > So of course there's the question of which level of security you need. > It might be that the level of security just discussed is perfectly > acceptable for your needs. But it might be not. As you asked a rather > comprehensive question I decided to try to show the full picture so you > could make an educated decision. > > As to the level of security for accessing your github private repos from > the outside, it's only as strong as your account's password -- this has > to be understood very well. Even if you do use SSH auth which requires > using public keys (it's beleived to be quite a strong authentication), > to upload these keys on the server, you use regular login to the github > web interface, hence whoever succeeded at guessing your password (or > happened to just obtain it [1]) could upload their own key. Well, and > since github also provides HTTPS transport they wouldn't even need to do > that as they could use your password right away to clone your repo. > > > WRT 3.c: By "secure" I meant a user/password protected, SSL connection > to > > a web-based UI over a private and (hopefully :-) secure Git repo hosted > by > > a Git hosting provider. > > Ah, that's doable of course: any Git hosting provider offering private > repos does provide password-protected and SSL-encrypted access to the > web interface, and in the case of deploying your own hosting (say, on a > rented server or a VPS) you usually put gitweb behind a web server which > is set up to perform whichever sort of authentification/encryption is > desired. > > > So, based upon your thorough reply, it appears that Git will do > everything > > we need it to do (and more). And we will review the options for > off-site > > "secure" repository backup to determine where the best cost/benefit will > be > > for our organization. > > Well, Subversion would also fulfill all your requirements. > It's just... uh... well, okay ;-) > > 1. https://lwn.net/Articles/531726/ > > --