Encrypted Git Hosting #851
vHanda
started this conversation in
Feature Requests
Replies: 2 comments
-
There are a few existing approaches, each with some drawbacks
|
Beta Was this translation helpful? Give feedback.
0 replies
-
Alternative idea add an option for encrypted files. I.e. support both plain text and encrypted, kind of like the https://github.com/AGWA/git-crypt suggestion above. This would still mean plain text files are open to being read on a remote server if the user did not choose to encrypt those specific files. Unclear if a history of encrypted files would leave then vulnerable to key analysis attacks (I'm not a crypto expert :-(). |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
There are currently no open encrypted Git Hosting providers. Keybase was the only option, but they aren't open source. Perhaps GitJournal could start providing encrypted hosting, it would also make the project more sustainable.
The current plan is to create a new git remote handler, which operates over https. Each git object would be encrypted with a common passphrase before sending it to the server. This way the server would be storing opaque blobs. The files would not be encrypted at rest, and this way all the standard git commands will continue to work. This approach might work for individual repos, but sharing a passphrase doesn't scale with multiple users.
If anyone has ideas on how to implement encrypted git hosting, which does not encrypt the files at rest and would work with multiple users and keys, please let me know.
Beta Was this translation helpful? Give feedback.
All reactions