1# git-secure-export contrib23Scripts for using `git-secure-export` as a git remote-helper.45## Architecture67The client-side git remote helper (`git-remote-secure`) connects using8`ssh(1)` to the git server and spawns the `git-secure-receive` command9on this server. Afterwards, remote helper commands are piped to it. Data10send to the server is encrypted using `git-secure-export`, data received11from the server is decrypted using `git-secure-import`.1213## Limitations1415Every git push effectively has `--force`.1617## Installation1819This setup requires install one script on the server and the client.2021### Server2223Copy `git-secure-receive` to your `$PATH`, make sure you can invoke it24from `ssh(1)` as `ssh <host> git-secure-receive`.2526### Client2728Copy `git-remote-secure` to your `$PATH`. Start using29`git-remote-secure` for your repository by adding a secure remote using:3031 git remote add secure://<git server>:<path to git repo on server>3233Afterwards, you can push/pull your repository as you would normally34while data is transparently encrypted/decrypted by the remote helper.35You can verify that the plaintext is not stored on the server by cloning36your encrypted repository over ssh without using `git-remote-secure`.3738## Usage3940Example initialization of a new repository on both client and server:4142 $ mkdir testrepo && cd testrepo43 $ git init44 Initialized empty Git repository in /tmp/testrepo45 $ git secure-init46 Initialized symmetric key in .git/git-secure-key47 $ ssh example.org 'mkdir -p testrepo && git -C testrepo init'48 Initialized empty Git repository in /home/user/testrepo/.git/49 $ git remote add secure://example.org:repos/testrepo5051Afterwards files can be committed and pushed as usual.