Hi, I'm considering setting up Gitorious at work, but I don't want to use public key authentication. We already have centralized user management and authentication through LDAP and Kerberos, and using a shared user and public keys wouldn't go over well with our IT group (there's no way to enforce non-empty passphrases or that passphrases are strong or rotated regularly, for example)
In principle, this seems like it should be reasonably easy -- basically just set the users' shell to be the gitorious wrapper that is normally invoked by ssh. Probably need to wrap the wrapper to pass the userid on the giorious command line and chdir to the repository directory. I haven't looked at what is actually written to the authorized_keys file. Obviously this wouldn't affect the webapp side, and that would have its own authentication realm, unless I can hack the rails app to add LDAP authn, but I don't speak Ruby atm. This split-authn situation would be ok for now. My question is, what else do I have to look out for? Gitorious has enough dependencies that I don't want to get started on hacking this together without a better idea of what lies ahead. Thanks, John --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Gitorious" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/gitorious?hl=en -~----------~----~----~----~------~----~------~--~---
