Shibboleth authentication to a git repository?

Rod Widdowson rdw at
Thu Apr 2 06:31:42 EDT 2020

> Not unless you get ECP support added to the client (all clients) and
> also the server, I think.

ISTR that there was an experimental OpenSSL client that spoke OpenSAML via an RFC proposal kitten-sasl-saml-ec which I believe that
the Shibboleth SP does support.

At least on windows you get to chose which SSH client you use (hence Pageant)

So all the tools are there, but you'd be using some pretty far out stuff.  So I'm with peter

> Don't re-invent the wheel. The world has settled on using a
> (SAML-enabled) web application to provision local accounts and SSH
> public keys and then using those SSH public keys for git access.


More information about the users mailing list