I have set up a git server via ssh (one git account and many different public/private keys). Everything works fine, but I am concerned about security, as everybody may change their name and email, e.g. make a forged commit.
How can I ensure that everybody is committing under their own name and not somebody else’s name?
At work we use Gerrit to manage our repositories. One of its features is that all communication with Gerrit is done over SSH using public/private key authentication (Gerrit has a built-in SSH server). You can set up the permissions so that normal users can’t push commits that have a different committer (or author) name than the one they’re logged in with.
The other benefit of using Gerrit, of course, is that you get a really good code review system.
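The same rule can be enforced without Gerrit on the single-account setup from the question. The following is an added example, not part of the original answer: a `pre-receive` hook that rejects a push if any new commit carries a committer email other than the pusher's. It assumes the forced command on each key in `authorized_keys` exports a hypothetical `GIT_PUSHER_EMAIL` variable naming that key's owner.

```shell
#!/bin/sh
# hooks/pre-receive (added example). Assumption: the forced command attached to
# each public key exports GIT_PUSHER_EMAIL (hypothetical name) for that key's owner.
TAB=$(printf '\t')

# Reads "sha<TAB>committer-email" lines on stdin, prints every commit whose
# committer email differs from $1, and returns 1 if at least one did.
find_forged() {
    expected=$1
    bad=0
    while IFS=$TAB read -r sha email; do
        [ -n "$sha" ] || continue
        if [ "$email" != "$expected" ]; then
            printf '%s committer <%s> is not <%s>\n' "$sha" "$email" "$expected"
            bad=1
        fi
    done
    return "$bad"
}

main() {
    # Fail closed: no authenticated identity means no push.
    if [ -z "${GIT_PUSHER_EMAIL:-}" ]; then
        echo "rejected: no authenticated identity for this key" >&2
        exit 1
    fi
    status=0
    # git feeds one "old new ref" line per updated ref on stdin.
    while read -r old new ref; do
        case $new in *[!0]*) ;; *) continue ;; esac   # all zeros: ref deletion
        # Only commits not yet reachable from any existing ref are new.
        git log --format='%H%x09%ce' "$new" --not --all |
            find_forged "$GIT_PUSHER_EMAIL" >&2 || status=1
    done
    [ "$status" -eq 0 ] || echo "rejected: push contains commits by another committer" >&2
    exit "$status"
}

# Run only when installed as hooks/pre-receive, so the functions can be sourced.
case ${0##*/} in pre-receive) main ;; esac
```

Only the committer field is checked, so commits that keep another person's author name (cherry-picks, applied patches) still pass, while pushing commits that someone else committed is refused.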