Re: [QUESTION]Is it possible that git would support two-factor authentication?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Aug 11, 2021 at 07:00:50PM +0800, lilinchao@xxxxxxxxxx wrote:
> Many websites support two-factor authentication(2FA) to log in, like Github, I wander if we can support it in application layer.
> When client clone something, they need  input username and password, it is like a website login process. For security, we can
> enable  2FA during this process.

As you well know, "cloning" a repository can be done via any number of
mechanisms:

1. locally from another repository on disk
2. locally, from a git bundle file
3. remotely, using the anonymous git:// protocol
4. remotely, using ssh or http(s) protocols

2-factor authentication does not make sense in the first three cases (you
already have access to all the objects with 1 and 2, and the git:// protocol
is public and anonymous by design). For the ssh/https scheme, 2fa is already
supported by the underlying protocol, so it does not make sense for git to
implement it again on the application level.

Hope this helps.

-K



[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux