that a prospective client has a legitimate claim to whatever authorities we
might grant a particular user), and second to decide what directory cap
should be used as the root directory for a log-in by the authenticated user.
-A username and password is used for this purpose. (The SFTP protocol is also
-capable of using client RSA or DSA public keys, but this is not currently
-implemented in Tahoe-LAFS.)
+A username and password can be used; as of Tahoe-LAFS v1.11, RSA or DSA
+public key authentication is also supported.
-Tahoe-LAFS provides two mechanisms to perform this user-to-cap mapping. The
-first is a simple flat file with one account per line. The second is an
-HTTP-based login mechanism, backed by simple PHP script and a database.
+Tahoe-LAFS provides two mechanisms to perform this user-to-cap mapping.
+The first (recommended) is a simple flat file with one account per line.
+The second is an HTTP-based login mechanism.
Creating an Account File
========================
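Review bot: the replacement sentence "RSA or DSA public key authentication is also supported" drops the SFTP qualifier that the removed text carried, yet the same patch later states that public key authentication is unavailable both for FTP and when an account server is used. State the scope here, e.g. "as of Tahoe-LAFS v1.11, SFTP logins can also use RSA or DSA public keys (account file only)", so a reader of the introduction does not have to discover the two exclusions further down. Separately, "(recommended)" is asserted without a reason; a half-sentence pointing at the credential-exposure risk of the HTTP mechanism described later in this document would make the recommendation self-explanatory.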
(USERNAME, PASSWORD, ROOTCAP), like so::
% cat BASEDIR/private/accounts
- # This is a password line, (username, password, cap)
+ # This is a password line: username password cap
alice password URI:DIR2:ioej8xmzrwilg772gzj4fhdg7a:wtiizszzz2rgmczv4wl6bqvbv33ag4kvbr6prz3u6w3geixa6m6a
bob sekrit URI:DIR2:6bdmeitystckbl9yqlw7g56f4e:serp5ioqxnh34mlbmzwvkp3odehsyrr7eytt5f64we3k9hhcrcja
-Future versions of Tahoe-LAFS may support using client public keys for SFTP.
-The words "ssh-rsa" and "ssh-dsa" after the username are reserved to specify
-the public key format, so users cannot have a password equal to either of
-these strings.
+ # This is a public key line: username keytype pubkey cap
+ # (Tahoe-LAFS v1.11 or later)
+ carol ssh-rsa AAAA... URI:DIR2:ovjy4yhylqlfoqg2vcze36dhde:4d4f47qko2xm5g7osgo2yyidi5m4muyo2vjjy53q4vjju2u55mfa
+
+For public key authentication, the keytype may be either "ssh-rsa" or "ssh-dsa".
+To avoid ambiguity between passwords and public key types, a password cannot
+start with "ssh-".
Now add an ``accounts.file`` directive to your ``tahoe.cfg`` file, as described in
the next sections.
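Review bot: the new comment line "username keytype pubkey cap" and the example "carol ssh-rsa AAAA... URI:DIR2:..." do not say which part of an OpenSSH public key line belongs in the pubkey field. A key copied from a .pub file normally ends with a comment ("user@host"), and since account lines are space-separated a pasted comment would shift the cap into the wrong column; please state that only the base64 key blob goes there, with no trailing comment. Also worth confirming against the parser: the hunk names the DSA key type "ssh-dsa", while the identifier that appears in DSA .pub files is "ssh-dss"; if the code accepts only one spelling the documentation should use exactly that one. Finally, "a password cannot start with ssh-" is a broader restriction than the removed text's "equal to either of these strings"; if that is intentional, fine, but an existing account whose password begins with "ssh-" would stop working after upgrade, which deserves a mention.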
multipart/form-data POST, just like one created with a <form> and <input>
fields, with three parameters:
-• action: "authenticate" (this is a static string, for backwards
- compatibility with the old AllMyData authentication service)
+• action: "authenticate" (this is a static string)
• email: USERNAME (Tahoe-LAFS has no notion of email addresses, but the
authentication service uses them as account names, so the interface
presents this argument as "email" rather than "username").
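Review bot: removing "for backwards compatibility with the old AllMyData authentication service" leaves the "action" bullet with an unexplained static string while the following "email" bullet still justifies its odd naming with "the authentication service uses them as account names". Either keep a short rationale for "action" as well, or trim both bullets consistently; as written, the reader is told why one legacy name exists but not the other.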
poisoning to cause the Tahoe-LAFS gateway to talk with the wrong server,
thereby revealing the usernames and passwords.
+Public key authentication is not supported when an account server is used.
+
Configuring SFTP Access
=======================
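Review bot: "Public key authentication is not supported when an account server is used" states the limitation but not its consequence or the observable behaviour. Since the account-server mechanism therefore always carries usernames and passwords, the preceding warning about DNS poisoning revealing them applies to every login through it, which is worth saying in the same breath. Please also document what an SFTP client that offers only a public key sees against an account-server gateway (rejected outright, or prompted for a password), so operators can explain the failure mode to users.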
":interface=127.0.0.1" in the "port" option, which causes the server to only
accept connections from localhost.
+Public key authentication is not supported for FTP.
+
Dependencies
============
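Review bot: "Public key authentication is not supported for FTP" has an implication the sentence leaves implicit: with the account-file format now accepting public key lines, a user whose only entry is a key line has no way to log in over FTP at all. Add a clause to that effect, and consider pointing back to the localhost-only interface advice in the lines just above as the reason FTP is left password-only.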