0

I am using git-svn to develop code that is hosted on a SVN+SSH repository. I do not have to input my ssh password on the server every time I dcommit/update/rebase, so I assume it is cached somewhere.

Where are my credentials saved? Inside the .git directory, or globally in some dot-file in my home directory?

I ask because my git repository is public-readable on my home directory (we have a homes-are-readable policy in our laboratory), and I am afraid that this might leak my ssh credentials to all the lab.

Thanks.

Improve this question
0

2 Answers 2

Reset to default
1

As noted in Does Git-Svn Store Svn Passwords?, they are stored in ~/.subversion, so as long as your home directory itself is not public readable you shouldn't have a problem (though as I've just read your last line a bit more thoroughly, you may have a problem).

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

+1 for the purely password-based link (I had the key-based approach in mind)
Even if $HOME is publicly readable, readability of ~/.subversion can be limited to the owner.
Hopefully, yes. If the lab doesn't have something ensuring that the whole of your home directory is public, then Federico could remove word readability on that directory.
The permissions of ~/.subversion/auth are already drwx------: apparently subversion sets the default permissions right even in this scenario. So problem solved, there is a sensible default.
0

Have you configured your SSH server to use key-based authentication? It's likely that your private key (password protected or not) is in ~/.ssh/id_rsa or ~/.ssh/id_dsa (the public key being the .pub file associated with them). You should definitely protect those directories, although, in most cases, ssh won't even let it work if they're readable by someone else (other than root).

Improve this answer

1 Comment

as a side note to your comment that "ssh won't let it work" - I've fallen foul of that problem - it took me a fair while before I tried ssh -vvv to see that ssh was protecting me from dangerous permissions in my home directory - I think it was the fact that $HOME was actually group writable - which in turn makes $HOME/.ssh vulnerable.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.