On Wed, 08 Jun 2016, Alexandre Viau wrote: > On 08/06/16 07:57 AM, Alexander Wirt wrote: > > On Wed, 08 Jun 2016, Antonio Terceiro wrote: > > > >> On Wed, Jun 08, 2016 at 09:47:56AM +0200, Alexander Wirt wrote: > >> for authentication, I think you should probably use the Debian SSO with > >> client certificates: > >> https://wiki.debian.org/DebianSingleSignOn > > Nope, thats http only and doesn't cover ssh. Client certificates also have > > several problems, see enricos mails for details about it. > > Alioth accounts are first created on the web interface and then users > upload their SSH keys. I don't see why we wouldn't do the same with gitlab? You will just end with a second tool for ssh keys. I dream of some central self service tool (maybe like freeipa) which can be used as a source for authentication.
> I can see the following: > - DDs login with Debian SSO and upload their public key on the web inteface > - Debian Contributors are able to create -guest a account and upload > theur public key on the web interface I personally think it sucks to have another identity provider. So if you use svn for one team and git(lab) for another, you will have to maintain your stuff twice. I would like to prevent that. Just my 2 cent Alex
signature.asc
Description: PGP signature
