From: Patrick R McDonald Date: Thu, 19 Jan 2012 18:15:21 +0000 (-0500) Subject: Added information on accounts.url directive X-Git-Url: https://git.rkrishnan.org/specifications/%5B/%5D%20/flags/provisioning?a=commitdiff_plain;h=ee9d28f20ba44125f2e589ebbbf82eb07742cee5;p=tahoe-lafs%2Ftahoe-lafs.git Added information on accounts.url directive --- diff --git a/docs/frontends/FTP-and-SFTP.rst b/docs/frontends/FTP-and-SFTP.rst index d0adefa0..ed52e745 100644 --- a/docs/frontends/FTP-and-SFTP.rst +++ b/docs/frontends/FTP-and-SFTP.rst @@ -73,6 +73,19 @@ these strings. Now add an 'accounts.file' directive to your tahoe.cfg file, as described in the next sections. +accounts.url Directive +====================== + +The accounts.url directive should point to a secure, preferably +localhost-only service. This makes it harder for attackers to brute force +the password or use DNS poisoning to cause the Tahoe-LAFS gateway to talk +with the wrong server, thereby revealing the username and passwords. + +Tahoe-LAFS will send the credentials, email address and password to the +URI specified in the accounts.url directive. If the credentials are correct, +the server will return a rootcap string. Otherwise, it returns the string +"0" which means bad username and/or password. + Configuring FTP Access ======================