From e05c6c2c7d25db66379d8fe3cf1e030a4b657875 Mon Sep 17 00:00:00 2001 From: david-sarah Date: Fri, 18 Jun 2010 17:17:38 -0700 Subject: [PATCH] FTP-and-SFTP.txt: remove description of public key format that is not actually implemented. Document that SFTP does not support server private keys with passphrases, and that FTP cannot list directories containing mutable files. --- docs/frontends/FTP-and-SFTP.txt | 30 +++++++++++++----------------- 1 file changed, 13 insertions(+), 17 deletions(-) diff --git a/docs/frontends/FTP-and-SFTP.txt b/docs/frontends/FTP-and-SFTP.txt index df6c4c0d..b00d399c 100644 --- a/docs/frontends/FTP-and-SFTP.txt +++ b/docs/frontends/FTP-and-SFTP.txt @@ -39,12 +39,9 @@ Since Tahoe does not use user accounts or passwords, the FTP/SFTP servers must be configured with a way to first authenticate a user (confirm that a prospective client has a legitimate claim to whatever authorities we might grant a particular user), and second to decide what root directory cap should -be granted to the authenticated username. FTP uses a username and password -for this purpose. SFTP can either use a username and password, or a username -and an RSA or DSA public key (SSH servers are frequently configured to -require public key logins and reject passwords, to remove the threat of -password-guessing attacks, at the expense of requiring users to carry their -private keys around with them). +be granted to the authenticated username. A username and password is used +for this purpose. (The SFTP protocol is also capable of using client +RSA or DSA public keys, but this is not currently implemented.) Tahoe provides two mechanisms to perform this user-to-rootcap mapping. The first is a simple flat file with one account per line. The second is an @@ -57,23 +54,19 @@ rootcaps. To use the first form, create a file (probably in BASEDIR/private/ftp.accounts) in which each non-comment/non-blank line is a -space-separated line of (USERNAME, PASSWORD/PUBKEY, ROOTCAP), like so: +space-separated line of (USERNAME, PASSWORD, ROOTCAP), like so: % cat BASEDIR/private/ftp.accounts # This is a password line, (username, password, rootcap) alice password URI:DIR2:ioej8xmzrwilg772gzj4fhdg7a:wtiizszzz2rgmczv4wl6bqvbv33ag4kvbr6prz3u6w3geixa6m6a bob sekrit URI:DIR2:6bdmeitystckbl9yqlw7g56f4e:serp5ioqxnh34mlbmzwvkp3odehsyrr7eytt5f64we3k9hhcrcja - # and this is a public key line (username, pubkey, rootcap) - carol ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAv2xHRVBoXnwxHLzthRD1wOWtyZ08b8n9cMZfJ58CBdBwAYP2NVNXc0XjRvswm5hnnAO+jyWPVNpXJjm9XllzYhODSNtSN+TXuJlUjhzA/T+ZwdgsgSAeHuuMQBoWt4Qc9HV6rHCdAeMhcnyqm6Q0sRAsfA/wfwiIgbvE7+cWpFa2anB6WeAnvK8+dMN0nvnkPE7GNyf/WFR1Ffuh9ifKdRB6yDNp17bQAqA3OWSFjch6fGPhp94y4g2jmTHlEUTyVsilgGqvGOutOVYnmOMnFijugU1Vu33G39GGzXWla6+fXwTk/oiVPiCYD7A7WFKes3nqMg8iVN6a6sxujrhnHQ== warner@fluxx URI:DIR2:6bdmeitystckbl9yqlw7g56f4e:serp5ioqxnh34mlbmzwvkp3odehsyrr7eytt5f64we3k9hhcrcja +Future versions of Tahoe may support using client public keys for SFTP. +The words "ssh-rsa" and "ssh-dsa" after the username are reserved to specify +the public key format, so users cannot have a password equal to either of +these strings. -[TODO: the PUBKEY form is not yet supported] - -Note that if the second word of the line is "ssh-rsa" or "ssh-dss", the rest -of the line is parsed differently, so users cannot have a password equal to -either of these strings. - -Then add an 'accounts.file' directive to your tahoe.cfg file, as described +Now add an 'accounts.file' directive to your tahoe.cfg file, as described in the next sections. @@ -118,6 +111,8 @@ standard openssh client distribution): % cd BASEDIR % ssh-keygen -f private/ssh_host_rsa_key +The server private key file must not have a passphrase. + Then, to enable the SFTP server with an accounts file, add the following lines to the BASEDIR/tahoe.cfg file: @@ -198,4 +193,5 @@ read-only. If SFTP is used to write to an existing mutable file, it will publish a new version when the file handle is closed. -Mutable files are not supported by the FTP frontend. +Mutable files are not supported by the FTP frontend (ticket #680). Currently, +a directory containing mutable files cannot even be listed over FTP. -- 2.45.2