Hi,
I'm using git-1.6.3.2 (with curl-7.19.5) and would like to configure a
private git server to be used over https with client-side certificate and
BasicAuth authentication because I want to restrict access to selective
and authenticated clients from the Internet which connect to the server
through a firewall and web proxy.
So far my test setup works fine. Using SSL FakeBasicAuth I can even access
the git server without storing the BasicAuth password unencrypted in
~/.netrc (and there are also no git password prompts).
However, it only works as long as I do *not* protect the client's private
key (PEM) with a pass phrase which is not secure (especially when using
FakeBasicAuth!). When I do protect the private key with a pass phrase
*each* git fetch/pull/push prompts the user *several* times with "Enter
PEM pass phrase:". Thus, it's not usable (even though it works).
Is there any way I can prevent this? Ideally, I want to be prompted for
the PEM pass phrase once and only once for each git command which uses a
secure network connection.
Searching the git mailing list archive I found this thread from February
09 which seems to indicate
git with https and client cert asks for password repeatedly
http://marc.info/?l=git&m=123553151323420&w=2
that this really does not work with git's current http code. Can anyone
confirm that this is still the case? I'm willing to test patches if
somebody is working on this problem.
--
Karsten Weiss
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html