diff options
Diffstat (limited to 'README.rst')
-rw-r--r-- | README.rst | 58 |
1 files changed, 35 insertions, 23 deletions
@@ -22,7 +22,13 @@ over arbitrary git transport. The aim is to provide confidential, authenticated git storage and collaboration using typical untrusted file hosts or services. -PLEASE help us evaluate how well we meet this design goal! + +Installation +............ + +* ``apt-get install git-remote-gcrypt`` on Debian and Ubuntu systems + +* run the supplied ``install.sh`` script on other systems Quickstart .......... @@ -60,12 +66,16 @@ The following ``git-config(1)`` variables are supported: .. ``gcrypt.publish-participants`` By default, the gpg key ids of the participants are obscured by - encrypting using `gpg -R`. Setting this option to `true` disables + encrypting using ``gpg -R``. Setting this option to ``true`` disables that security measure. - The problem with using `gpg -R` is that to decrypt, gpg tries each + The problem with using ``gpg -R`` is that to decrypt, gpg tries each available secret key in turn until it finds a usable key. - This can result in unncessary passphrase prompts. + This can result in unnecessary passphrase prompts. + +``gcrypt.gpg-args`` + The contents of this setting are passed as arguments to gpg. + E.g. ``--use-agent``. ``remote.<name>.gcrypt-signingkey`` .. @@ -75,26 +85,11 @@ The following ``git-config(1)`` variables are supported: part of the participant list. You may use the per-remote version to sign different remotes using different keys. -``gcrypt.gpg-args`` - The contents of this setting are passed as arguments to gpg. - E.g. ``--use-agent``. - Environment Variables ===================== *GCRYPT_FULL_REPACK* - This environment variable forces full repack when pushing. - -Note to users of GnuPG version 2 -================================ - -When a repository was pushed with ``gcrypt.publish-participants`` -false (i.e. the recipient is anonymous), and you are using GnuPG -version 2, you will need to include ``--try-all-secrets`` or -``--try-secret-key ID`` in ``gcrypt.gpg-args``. - -GnuPG version 1 always tries all available secret keys when it -encounters a message with an anonymous recipient. + This environment variable forces a full repack when pushing. Examples ======== @@ -112,7 +107,7 @@ How to use a git backend:: git remote add gitcrypt gcrypt::git@example.com:repo#next git push gitcrypt master -The URL fragment (`#next` here) indicates which backend branch is used. +The URL fragment (``#next`` here) indicates which backend branch is used. Notes ===== @@ -139,6 +134,14 @@ Remote ID a warning if the Remote ID changes, which should only happen if the remote was re-created. +Performance + Using an arbitrary `<giturl>` or an `sftp://` URI requires + uploading the entire repository history with each push. If your + repository history is large or you are pushing over a slow link, + consider using the `rsync://` transport, which performs + incremental pushes. Note that the latter won't work with a + repository hosting service like Gitolite, GitHub or GitLab. + Repository Format ................. @@ -198,8 +201,8 @@ Each item extends until newline, and matches one of the following: Detecting gcrypt repos ====================== -To detect if a git url is a gcrypt repo, use: git-remote-gcrypt --check url -Exit status if 0 if the repo exists and can be decrypted, 1 if the repo +To detect if a git url is a gcrypt repo, use: ``git-remote-gcrypt --check url`` +Exit status is 0 if the repo exists and can be decrypted, 1 if the repo uses gcrypt but could not be decrypted, and 100 if the repo is not encrypted with gcrypt (or could not be accessed). @@ -211,6 +214,15 @@ See Also git-remote-helpers(1), gpg(1) +Credits +======= + +The original author of git-remote-gcrypt was GitHub user bluss. + +The de facto maintainer in 2013 and 2014 was Joey Hess. + +The current maintainer is Sean Whitton <spwhitton@spwhitton.name>. + License ======= |