<div class="gmail_quote">On Thu, Feb 9, 2012 at 23:50, Satish Balay <span dir="ltr"><<a href="mailto:balay@mcs.anl.gov">balay@mcs.anl.gov</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div></div><div class="h5">On Thu, 9 Feb 2012, Jed Brown wrote:<br>
<br>
> On Thu, Feb 9, 2012 at 23:36, Satish Balay <<a href="mailto:balay@mcs.anl.gov">balay@mcs.anl.gov</a>> wrote:<br>
><br>
> > > > Credential management is simpler because adding/removing keys and<br>
> > similar<br>
> > > > can be done by the user instead of by emailing Satish.<br>
> > ><br>
> > > replaced by 'crate a bitbucket account - and email sean your bitbucket<br>
> > id'<br>
> > ><br>
> > > so eqivalent.<br>
> ><br>
> > ok - I see your point. First step is equivalent. Later change of<br>
> > keys/passwd is up to the user and doesn't involve e-mail [ with<br>
> > bitbucket.]<br>
><br>
> exactly<br>
<br>
</div></div>Just want to mention: this model [each user have their own account,<br>
and access shared repos] is the historical model with vcs [sharinv via<br>
unix group permissions]<br></blockquote><div><br></div><div>This is actually a quite different model.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
And we migrated to ssh key management as superior -and abandoned the<br>
previous model. Firstly because the repos were at mcs - and accounts<br>
were not easy for non mcs folks - and then not dealing with groups was<br>
nicer. And when petsc.cs.iit as deployed [eventhough I could easily<br>
deal with user accounts and groups]- it was preferable to stick with<br>
ssh key model instead of user account model. [with the aversion we<br>
gradually developed for maintaing multiple accounts/multiple paswds<br>
all over].<br></blockquote><div><br></div><div>The permissions issues with this are a mess.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
Now we are back to the original model of user account - and access via<br>
this account [yes - bitbucket makes it easier to crate accounts, and<br>
hopefully better infrastrucutre than 'group permission' for sharing<br>
underneath. [well atleat there is a gui to it].<br></blockquote><div><br></div><div>With Bitbucket, GitHub, and all the others, the web account is *not* a unix account. It's just a way to manage identity/keys. Everyone using ssh has <a href="mailto:hg@bitbucket.org">hg@bitbucket.org</a> (and <a href="mailto:git@github.com">git@github.com</a>, etc).</div>
</div>