Tue Jan 24 20:31:26 GMT 2012 Brian Warner <warner@lothar.com>

author Daira Hopwood <daira@jacaranda.org>

Thu, 5 Sep 2013 16:39:08 +0000 (17:39 +0100)

committer Daira Hopwood <daira@jacaranda.org>

Thu, 5 Sep 2013 16:39:08 +0000 (17:39 +0100)
author Daira Hopwood <daira@jacaranda.org>
Thu, 5 Sep 2013 16:39:08 +0000 (17:39 +0100)
committer Daira Hopwood <daira@jacaranda.org>
Thu, 5 Sep 2013 16:39:08 +0000 (17:39 +0100)
diff --git a/docs/frontends/FTP-and-SFTP.rst b/docs/frontends/FTP-and-SFTP.rst

index d0adefa01890f86c20d69c4a8509b09e7c3d6218..ed52e74567283f22c8c3a03861d2b622e767be94 100644 (file)
--- a/docs/frontends/FTP-and-SFTP.rst
+++ b/docs/frontends/FTP-and-SFTP.rst
@@ -73,6 +73,19 @@ these strings.
  Now add an 'accounts.file' directive to your tahoe.cfg file, as described in
  the next sections.
  
+accounts.url Directive
+======================
+
+The accounts.url directive should point to a secure, preferably
+localhost-only service.  This makes it harder for attackers to brute force
+the password or use DNS poisoning to cause the Tahoe-LAFS gateway to talk
+with the wrong server, thereby revealing the username and passwords.
+
+Tahoe-LAFS will send the credentials, email address and password to the
+URI specified in the accounts.url directive.  If the credentials are correct,
+the server will return a rootcap string.  Otherwise, it returns the string
+"0" which means bad username and/or password.
+
  Configuring FTP Access
  ======================
author	Daira Hopwood <daira@jacaranda.org>
	Thu, 5 Sep 2013 16:39:08 +0000 (17:39 +0100)
committer	Daira Hopwood <daira@jacaranda.org>
	Thu, 5 Sep 2013 16:39:08 +0000 (17:39 +0100)