[git-users] Re: securing data in a non-local repository
Thanks. I had forgotten that encrypting data tends to randomize it and so it wouldn't compress very well. What I was thinking was of was GitHub's private repositories perhaps containing company proprietary software. It might be attractive to a startup which recruits non-local talent and does its work via the Internet rather than in an office building. In that case, my paranoia would kick in about the possibility of GitHub being hacked and my source stolen or compromised. I guess in this case, it would be wise for the startup to run a GitHub Enterprise virtual server on its own equipment. Or, like I do, have a git subdirectory on a machine which contains the various repositories and is accessible only via SSH. I.e. keep it in house with external developers having an SSH connection to the git server. Thanks for the feedback. On Tuesday, December 11, 2012 1:44:36 PM UTC-6, John McKown wrote: I haven't seen anything like this in anything I've read so far. And I know that git is all about freely sharing. But is there some way to have git keep the repository files encrypted. I know that the files in the .git subdirectory are compressed. It seems to me that it should be relatively simple to have the git add do an encrypt step just before the compress step in its processing. You could have a git config core.encrypt and git config cone.encrypt.key variable. The core.encrypt would be TRUE or FALSE. If the value is TRUE, then you could set the core.encrypt.key variable or you could have git ask for the password interactively. Or maybe I just really want it to occur when I do a git push. Yes, I'm a bit of a security nut. And, yes, I know I could gpg encrypt the file before doing the git add. Or I guess that I could even make my own git-encrypt-add script to do it via a git encrypt-add operation. Hum. Your thoughts are appreciated. --
Re: [git-users] Re: securing data in a non-local repository
On Wed, Dec 12, 2012 at 5:27 PM, John McKown john.archie.mck...@gmail.com wrote: Thanks. I had forgotten that encrypting data tends to randomize it and so it wouldn't compress very well. What I was thinking was of was GitHub's private repositories perhaps containing company proprietary software. It might be attractive to a startup which recruits non-local talent and does its work via the Internet rather than in an office building. In that case, my paranoia would kick in about the possibility of GitHub being hacked and my source stolen or compromised. I guess in this case, it would be wise for the startup to run a GitHub Enterprise virtual server on its own equipment. Or, like I do, have a git subdirectory on a machine which contains the various repositories and is accessible only via SSH. I.e. keep it in house with external developers having an SSH connection to the git server. You may be interested in using gitolite https://github.com/sitaramc/gitolite to host your repositories in house. The setup is easy and you will get many features that github has. -- Serge Matveenko mailto: se...@matveenko.ru github: http://lnkfy.com/1 linkedin: http://lnkfy.com/S --
Re: [git-users] Re: securing data in a non-local repository
You may also want to look at atlassian.com if you're doing enterprise work. They specialize in behind-the-firewall solutions. On Dec 12, 2012 7:47 AM, Serge Matveenko se...@matveenko.ru wrote: On Wed, Dec 12, 2012 at 5:27 PM, John McKown john.archie.mck...@gmail.com wrote: Thanks. I had forgotten that encrypting data tends to randomize it and so it wouldn't compress very well. What I was thinking was of was GitHub's private repositories perhaps containing company proprietary software. It might be attractive to a startup which recruits non-local talent and does its work via the Internet rather than in an office building. In that case, my paranoia would kick in about the possibility of GitHub being hacked and my source stolen or compromised. I guess in this case, it would be wise for the startup to run a GitHub Enterprise virtual server on its own equipment. Or, like I do, have a git subdirectory on a machine which contains the various repositories and is accessible only via SSH. I.e. keep it in house with external developers having an SSH connection to the git server. You may be interested in using gitolite https://github.com/sitaramc/gitolite to host your repositories in house. The setup is easy and you will get many features that github has. -- Serge Matveenko mailto: se...@matveenko.ru github: http://lnkfy.com/1 linkedin: http://lnkfy.com/S -- --
