How to force authentication at git lfs server side

[Mais316]

We have found that any one can push to the lfs server even if no credential entered or when we close write permission on lfs directory for certain group seems its not even depending on file system permission only http is there any way to force authentication so its not none as below

[user@test]$ git lfs env git-lfs/1.1.1 (GitHub; linux amd64; go 1.5.3; git 7de0397) git version 2.7.0

Endpoint=http://ip_address:port (auth=none) LocalWorkingDir=

Kindly help

[artemkin]

Adding of authentication is in TODO list for a long time, so yes, it grants access to everyone. It is time to fix it. I've just added support of PAM authentication. I will re-check this one more time tomorrow, and create a new release.

PAM is universal, so you'll be able to use any authentication method.

Also, take into account that Git LFS client uses HTTP Basic authentication, so it sends plain login:password to a server in every request. I would rather use https endpoint to secure credentials.

[artemkin]

I've finally published the release with PAM authentication. Please, have a look.

[Mais316]

Hi artemkin I will test it and inform you thanks :)

[Mais316]

Hi artemkin,

As we are currently implementing the old implementation and your new one is working and authentication is fine :)

We have push around 200 GB of elements if we started a new process at the same old path but with the new implementation will it impact the current objects and bare repository

[artemkin]

Are you asking about backward compatibility? If so, yes, you can use a new version of LFS server with the existing repository.