I'm looking for a part-time remote job.

Hire me


I'm the author of:

Mastering Redmine is a comprehensive guide with tips, tricks and best practices, and an easy-to-learn structure.

Check the book's project or

Buy the book

Social pages of the book:

By buying this book you also donate to Redmine (see this page).


Follow me:

Improvement #2431

Fix location of known_hosts for www-data

Added by Andriy Lesyuk almost 2 years ago.

Status:
New
Priority:
Normal
Assignee:
Category:
-
Start date:
Due date:
% Done:

0%


Description

To mirror code onto GitHub, I call git under the www-data user. Git, in turn, is using SSH, which needs to store known_hosts file somewhere. Currently, it’s stored in www-data's “home” directory /var/www, what is not very secure (probably - no, it’s not accessible via web, but).

Git 2.3+ supports the special environmental variable GIT_SSH_COMMAND, that allows to specify parameters for SSH. This variable can be used to specify a different location for the known_hosts file as follows: ssh -o UserKnownHostsFile=/path/to/file. However, I’m using Debian jessie for now, in which Git is of the version 2.1.

I create this ticket to remind me about the need to fix this, after I upgrade my server.

Also available in: Atom PDF

Terms of use | Privacy policy