Jakub Narebski <jnareb@xxxxxxxxx> wrote: > "Arya, Manish Kumar" <m.arya@xxxxxxxxx> writes: > > > > I want to have following with Git > > > > - LDAP and ssh authentication. > > > > Instead of inventing (and failing) its own protocol and its own > authentication git uses established solutions for authentication: SSH > for "smart" server, and WebDAV for push via (currently only "dumb") > HTTPS protocol. > > There exist solutions that help with setting up SSH for git: > git-shell, ssh_acl, and I think most commonly used Gitosis (see > seminal reference about Gitosis on http://git.or.cz/gitwiki/BlogPosts). Yup. Gitosis is very popular for this. At my last job I rolled my own Gitosis-lite, but in Perl, because they are a Perl based shop. It also uses the update-paranoid hook for access controls, as its more flexible (and easier to confuse the heck out of yourself) than Gitosis. But if you can get along with Gitosis, its a good choice. Unfortunately its authentication is limited to public keys registered in the authorized keys file of the "git" user. <plug type="not-quite-ready-but-will-be-soon"> Gerrit2 is also likely to enter this "market" soon. I'm trying to get it production ready and live for one major project before the end of this month. It embeds its own SSH daemon on a non-standard port, completely disconnected from the OS authentication. This may make it slightly more palatable in some enviroments then Gitosis, as you don't need a huge authorized_keys file, and you don't have to worry quite so much about attack vectors. Unlike with Gitosis, public key management is placed on end-users by using web authentication to identify the user, and letting the user manage their own "authorized key list". It also has a full blown web based code review system built in. Which right now a project must use if it is hosted by Gerrit2. :-) </plug> -- Shawn. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html