While true, in most cases the username is simply “git” and not a specific username tied to the pub/priv keypair
- 0 Posts
- 16 Comments
Joined 7 months ago
Cake day: November 23rd, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
When authenticating with git over SSH, the private key should be considered secret and well protected.
That means the corresponding public key that was uploaded to the git server is enough to authenticate and no username is required. However, a password protected privare key is possible and extra layers of security can be added to the authentication mechanism.
As far as resource based attacks based on public key searching, I doubt many servers have significant enough public keys on a single host to even notice. Most repos are siloed and have specific teams/individuals assigned to them, so only a small number of public keys even gets loaded.
I dont know enough about the server side mechanics to be sure, but imo the attack surface is pretty small.
5·3 months agoIts not FOSS anyways, its Source Available
Dickety!
Then users need to spin up their own instance, right? Then all their posts stay backed up if they choose?
Seems like a mediocre problem to get bent out of shape enough to move to a centralized platform.
It seems like a nice way to say “Bluesky moderates everything, so we get to curate your feed!”
Can you not just backup the instance on Mastodon?
I always disregarded it since it came as bloatware on my old samasung phones
Its fancy IRC with voice channel support, etc
woohoo! we got moderated content!!! cant wait for all the “organic” ads that pop up in my feed from users spouting the benefits of Tide^TM brand soap!!!
FOSS 4 Life, bb!
neither of you are looking at all the data harvesting that occurs on platforms like Meta and Reddit. Telemetry, keystrokes (not just submitted, but any key typed iincluding backspaced ones), and more, and NONE of that is harvested on this platform.
Could be non native speaker
Let the web2 exodus, BEGIN!!!
Aggregators will come out eventually too
Interesting breakdown, thank you.
Do you happen to know if the containerization is similar to docker containers? Or more like android apps?