Security in Git

Our entitydb is on codeberg.org, a free Git server based on Gitea.

Two-factor authentication

Two-factor authentication requires entering a one-time code or using a physical security key in addition to the password when logging into Codeberg. If the password is compressed, an attacker cannot log in to the account.

• Setting up two-factor authentication
• Free authenticator apps on F-Droid

Integrity of the connection to Codeberg

When connecting to Codeberg, an SSH connection is often used. To prevent MITM attacks, you can verify the SSH fingerprint.

• Verifying you’re connected to Codeberg using SSH fingerprints

Sign the commits

To verify the authenticity and integrity of commits, it is recommended to sign them with GPG.

• Signing Your Work
• Signing commits