mirror of
https://github.com/tahoe-lafs/tahoe-lafs.git
synced 2024-12-24 15:16:41 +00:00
5 lines
379 B
Plaintext
5 lines
379 B
Plaintext
The SFTP server no longer accepts password-based credentials for authentication.
|
|
Public/private key-based credentials are now the only supported authentication type.
|
|
This removes plaintext password storage from the SFTP credentials file.
|
|
It also removes a possible timing side-channel vulnerability which might have allowed attackers to discover an account's plaintext password.
|