Bazaar only ssh, is bzr_ssh_path_limiter secure? or should I use sftp?

Question

I would like to allow some users to read/write Bazaar repositories on a server using ssh.

I read about using bzr_ssh_path_limiter (with restricted ssh keys) which is a nice tool and seems to do the work. I've also seen that it is possible to use sftp for bazaar.

Is bazaar ("bzr serve") secure enough that the client cannot execute any shell commands?
Should I use sftp? Can I restrict access to a folder? and disallow shell commands?

score 0 · Accepted Answer · answered Jul 18 '10 at 20:04

Well, while I am inclined to trust the combination of bzr serve and ssh, there is still a lot less "moving parts" in an OpenSSH SFTP chroot. Hence, a lot less thing which could go wrong, or which could be exploited.

The potential problem with running bazaar against SFTP is that is relatively slow. Whatever that is a problem or not depends on what kind of repositories you will be sharing. Yet, if you are worried about security, then I think you should at least try the SFTP-chroot solution, to see whatever it is feasible or not.

Bazaar only ssh, is bzr_ssh_path_limiter secure? or should I use sftp?

1 Answers1