Konstantin Khomoutov <flatw...@users.sourceforge.net> writes:

> On Fri, 27 Dec 2013 18:59:00 +0600
> Sergey Sharybin <sergey....@gmail.com> wrote:
>> Quick question is, is it possible to use git:// protocol over
>> SSL/TLS/other secure transport?
> The Git protocol does not implement it itself but you can channel it
> over a TLS tunnel (via stunnel for instance).  Unfortunately, this
> means a specialized software and setup on both ends so if the question
> was about a general client using stock Git then the answer is no, it's
> impossible.

Hmph, I somehow had an impression that you wouldn't need anything
more complex than a simple helper that uses git-remote-ext on the
client side. On the remote end, you'd need to have something that
terminates the incoming SSL/TLS and plugs it to your git daemon.

>> Or the recommended way to do secure anonymous checkout is to simply
>> use https:// ?
> Yes, but it will only be secure if you've managed to verify the
> server's certificate and do trust its issuer (or a CA higher up the
> cert's trust chain) -- people tend to confuse "encrypted" with
> "secure" which is not at all the same thing.
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to