FTP-and-SFTP.txt: remove description of public key format that is not actually implemented. Document that SFTP does not support server private keys with passphrases, and that FTP cannot list directories containing mutable files.

david-sarah 2010-06-18 17:17:38 -07:00
parent a92a23fe34
commit e05c6c2c7d


@ -39,12 +39,9 @@ Since Tahoe does not use user accounts or passwords, the FTP/SFTP servers
must be configured with a way to first authenticate a user (confirm that a
prospective client has a legitimate claim to whatever authorities we might
grant a particular user), and second to decide what root directory cap should
be granted to the authenticated username. FTP uses a username and password
for this purpose. SFTP can either use a username and password, or a username
and an RSA or DSA public key (SSH servers are frequently configured to
require public key logins and reject passwords, to remove the threat of
password-guessing attacks, at the expense of requiring users to carry their
private keys around with them).
be granted to the authenticated username. A username and password is used
for this purpose. (The SFTP protocol is also capable of using client
RSA or DSA public keys, but this is not currently implemented.)
Tahoe provides two mechanisms to perform this user-to-rootcap mapping. The
first is a simple flat file with one account per line. The second is an
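Review bot: Grammar in the replacement sentence: "A username and password is used for this purpose" should read "A username and password are used for this purpose". Beyond that, the removed paragraph carried the only statement of why public-key login matters (it removes the password-guessing threat), and with password-only authentication now the sole mechanism that threat applies to every Tahoe FTP/SFTP account. Consider keeping one sentence along the lines of "Because only password authentication is available, choose strong, randomly generated passwords for the accounts file" rather than dropping the rationale along with the unimplemented feature.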
@ -57,23 +54,19 @@ rootcaps.
To use the first form, create a file (probably in
BASEDIR/private/ftp.accounts) in which each non-comment/non-blank line is a
space-separated line of (USERNAME, PASSWORD/PUBKEY, ROOTCAP), like so:
space-separated line of (USERNAME, PASSWORD, ROOTCAP), like so:
% cat BASEDIR/private/ftp.accounts
# This is a password line, (username, password, rootcap)
alice password URI:DIR2:ioej8xmzrwilg772gzj4fhdg7a:wtiizszzz2rgmczv4wl6bqvbv33ag4kvbr6prz3u6w3geixa6m6a
bob sekrit URI:DIR2:6bdmeitystckbl9yqlw7g56f4e:serp5ioqxnh34mlbmzwvkp3odehsyrr7eytt5f64we3k9hhcrcja
# and this is a public key line (username, pubkey, rootcap)
carol ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAv2xHRVBoXnwxHLzthRD1wOWtyZ08b8n9cMZfJ58CBdBwAYP2NVNXc0XjRvswm5hnnAO+jyWPVNpXJjm9XllzYhODSNtSN+TXuJlUjhzA/T+ZwdgsgSAeHuuMQBoWt4Qc9HV6rHCdAeMhcnyqm6Q0sRAsfA/wfwiIgbvE7+cWpFa2anB6WeAnvK8+dMN0nvnkPE7GNyf/WFR1Ffuh9ifKdRB6yDNp17bQAqA3OWSFjch6fGPhp94y4g2jmTHlEUTyVsilgGqvGOutOVYnmOMnFijugU1Vu33G39GGzXWla6+fXwTk/oiVPiCYD7A7WFKes3nqMg8iVN6a6sxujrhnHQ== warner@fluxx URI:DIR2:6bdmeitystckbl9yqlw7g56f4e:serp5ioqxnh34mlbmzwvkp3odehsyrr7eytt5f64we3k9hhcrcja
Future versions of Tahoe may support using client public keys for SFTP.
The words "ssh-rsa" and "ssh-dsa" after the username are reserved to specify
the public key format, so users cannot have a password equal to either of
these strings.
[TODO: the PUBKEY form is not yet supported]
Note that if the second word of the line is "ssh-rsa" or "ssh-dss", the rest
of the line is parsed differently, so users cannot have a password equal to
either of these strings.
Then add an 'accounts.file' directive to your tahoe.cfg file, as described
Now add an 'accounts.file' directive to your tahoe.cfg file, as described
in the next sections.
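Review bot: The retained example comment "# This is a password line, (username, password, rootcap)" still implies that other line types exist, which is now contradicted by the removal of the pubkey example; "# Each line is (username, password, rootcap)" would match the new text. The change from "ssh-dsa" to "ssh-dss" in the reserved-word note is correct as long as it matches what the parser actually checks, so please confirm the code compares against "ssh-dss". Since the file holds cleartext passwords next to rootcaps (see "alice password URI:DIR2:..."), the paragraph would also benefit from a sentence that BASEDIR/private/ftp.accounts must be readable only by the node's user, because anyone who can read it obtains both the credentials and the directory caps they unlock.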
@ -118,6 +111,8 @@ standard openssh client distribution):
% cd BASEDIR
% ssh-keygen -f private/ssh_host_rsa_key
The server private key file must not have a passphrase.
Then, to enable the SFTP server with an accounts file, add the following
lines to the BASEDIR/tahoe.cfg file:
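Review bot: The new sentence "The server private key file must not have a passphrase" is at odds with the example command just above it, because "ssh-keygen -f private/ssh_host_rsa_key" prompts interactively for a passphrase and a user following the prompt will produce a key the server cannot load. Suggest changing the example to "% ssh-keygen -N '' -f private/ssh_host_rsa_key" so the generated key satisfies the requirement, and adding that, because the key is stored unencrypted, the file must be kept at mode 0600 and owned by the node's user since file permissions are its only protection.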
@ -198,4 +193,5 @@ read-only.
If SFTP is used to write to an existing mutable file, it will publish a
new version when the file handle is closed.
Mutable files are not supported by the FTP frontend.
Mutable files are not supported by the FTP frontend (ticket #680). Currently,
a directory containing mutable files cannot even be listed over FTP.
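Review bot: The added sentence states the limitation (a directory containing mutable files cannot be listed over FTP, ticket #680) but not how it presents to the client, so an operator seeing the failure cannot tell it apart from an authentication or permissions problem. Suggest one clause describing the observable behaviour (for example whether the LIST command fails with an error or returns nothing) and, since the preceding lines establish that SFTP does handle mutable files, an explicit pointer that such directories should be accessed over SFTP instead.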