Context Navigation

← Previous Ticket
Next Ticket →

Opened at 2011-02-04T03:30:47Z

Last modified at 2021-03-30T18:40:19Z

#1356 assigned enhancement

SFTP and FTP: allow logging in with an arbitrary cap URI as root directory

Reported by:	davidsarah	Owned by:	davidsarah
Priority:	major	Milestone:	soon
Component:	code-frontend-ftp-sftp	Version:	1.8.2
Keywords:	sftp sshfs usability test-needed	Cc:
Launchpad Bug:

Description (last modified by daira)

The SFTP and FTP frontends should allow logging in with username uri, and password an arbitrary cap URI.

Implementing this for SFTP can then be used to support a tahoe mount command (#1357), as suggested in ticket:1353#comment:3. For both SFTP and FTP, it is potentially useful to be able to log in with a root URI without having set up an account for it in the ftp.accounts file. (SFTP and FTP use the same code in src/allmydata/frontends/auth.py to handle logins, so it is simpler for them to behave the same.)

Note that you can already access an arbitrary cap URI via the /uri/ directory, but that does not have nearly as nice usability properties, because you can't access aliases that way. (Allowing access to aliases would provide ambient authority and so is not capability-secure.)

Attachments (1)

uri-login.darcs.2.patch (31.1 KB) - added by davidsarah at 2011-02-04T22:49:39Z.: SFTP and FTP: allow logging in with an arbitrary cap URI as root directory. refs #1356

Download all attachments as: .zip

Change History (17)

comment:1 Changed at 2011-02-04T04:03:22Z by davidsarah

Description modified (diff)
Owner set to davidsarah
Status changed from new to assigned
Summary changed from SFTP: allow logging in with an arbitrary cap URI as root to SFTP: allow logging in with an arbitrary cap URI as root directory

comment:2 Changed at 2011-02-04T22:34:22Z by davidsarah

Description modified (diff)
Keywords test-needed design-review-needed added
Summary changed from SFTP: allow logging in with an arbitrary cap URI as root directory to SFTP and FTP: allow logging in with an arbitrary cap URI as root directory

Changed at 2011-02-04T22:49:39Z by davidsarah

Attachment uri-login.darcs.2.patch added

SFTP and FTP: allow logging in with an arbitrary cap URI as root directory. refs #1356

comment:3 follow-up: ↓ 4 Changed at 2011-02-04T23:43:54Z by davidsarah

I have manually tested that this patch works for SFTP with FileZilla, and the OpenSSH command-line sftp client. I have not yet checked that it works with sshfs. I have not checked FTP (which I can't get to work at all because of #1360).

Note that if you give an incorrect root URI as the password, the login will succeed but subsequent operations will fail. This is the same behaviour as when an incorrect root URI is given for the account in the ftp.accounts file. Perhaps the login should fail in both cases.

comment:4 in reply to: ↑ 3 Changed at 2011-06-05T02:20:46Z by Zarutian

Keywords design-reviewed added; design-review-needed removed

Replying to davidsarah:

-snip-

Note that if you give an incorrect root URI as the password, the login will succeed but subsequent operations will fail. This is the same behaviour as when an incorrect root URI is given for the account in the ftp.accounts file. Perhaps the login should fail in both cases.

It is a good behaviour to fail the soonest when some problem occurs. If login failed then it should be reported there and then and not at the next operation. So, I say Aye to the last sentance in the quoted comment.

comment:5 Changed at 2011-06-23T21:20:52Z by zooko

Keywords design-reviewed removed

Removing the tag design-reviewed because it matches this search for reviewed: http://tahoe-lafs.org/trac/tahoe-lafs/query?status=!closed&keywords=~reviewed&order=priority , which query I use to find patches that I should apply to trunk.