From: Patrick R McDonald <marlowe@antagonism.org>
Date: Thu, 19 Jan 2012 18:15:21 +0000 (-0500)
Subject: Added information on accounts.url directive
X-Git-Url: https://git.rkrishnan.org/CLI.txt?a=commitdiff_plain;h=ee9d28f20ba44125f2e589ebbbf82eb07742cee5;p=tahoe-lafs%2Ftahoe-lafs.git

Added information on accounts.url directive
---

diff --git a/docs/frontends/FTP-and-SFTP.rst b/docs/frontends/FTP-and-SFTP.rst
index d0adefa0..ed52e745 100644
--- a/docs/frontends/FTP-and-SFTP.rst
+++ b/docs/frontends/FTP-and-SFTP.rst
@@ -73,6 +73,19 @@ these strings.
 Now add an 'accounts.file' directive to your tahoe.cfg file, as described in
 the next sections.
 
+accounts.url Directive
+======================
+
+The accounts.url directive should point to a secure, preferably
+localhost-only service.  This makes it harder for attackers to brute force
+the password or use DNS poisoning to cause the Tahoe-LAFS gateway to talk
+with the wrong server, thereby revealing the username and passwords.
+
+Tahoe-LAFS will send the credentials, email address and password to the
+URI specified in the accounts.url directive.  If the credentials are correct,
+the server will return a rootcap string.  Otherwise, it returns the string
+"0" which means bad username and/or password.
+
 Configuring FTP Access
 ======================