Konstantin Khomoutov <flatworm@xxxxxxxxxxxxxxxxxxxxx> writes: > On Fri, 27 Dec 2013 18:59:00 +0600 > Sergey Sharybin <sergey.vfx@xxxxxxxxx> wrote: > >> Quick question is, is it possible to use git:// protocol over >> SSL/TLS/other secure transport? > > The Git protocol does not implement it itself but you can channel it > over a TLS tunnel (via stunnel for instance). Unfortunately, this > means a specialized software and setup on both ends so if the question > was about a general client using stock Git then the answer is no, it's > impossible. Hmph, I somehow had an impression that you wouldn't need anything more complex than a simple helper that uses git-remote-ext on the client side. On the remote end, you'd need to have something that terminates the incoming SSL/TLS and plugs it to your git daemon. > >> Or the recommended way to do secure anonymous checkout is to simply >> use https:// ? > > Yes, but it will only be secure if you've managed to verify the > server's certificate and do trust its issuer (or a CA higher up the > cert's trust chain) -- people tend to confuse "encrypted" with > "secure" which is not at all the same thing. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html