[Cyberduck-trac] [Cyberduck] #3084: Amazon S3 mac
Cyberduck
trac at trac.cyberduck.ch
Thu Apr 2 09:23:55 CEST 2009
#3084: Amazon S3 mac
---------------------------------+------------------------------------------
Reporter: billsingl@… | Owner: dkocher
Type: defect | Status: closed
Priority: normal | Milestone:
Component: s3 | Version: 3.1.1
Severity: normal | Resolution: worksforme
Keywords: |
---------------------------------+------------------------------------------
Comment(by dkocher):
Replying to [comment:2 javamate]:
> It might be useful to indicate on the Wiki page that your Amazon Access
Key goes in the username field and your secret key goes in the password
field. When I did this, it worked, but it was not clear at first.
I have added this information to the wiki. Feel free to clarify it further
from your experience. Sometimes as a developer it is difficult to know
what is clear and what is not.
> I did notice that in the username field it indicated to enter your AWS
access key, which was the tipoff, but even still I was reluctant to put my
secret access key as the password, since AWS indicates specifically that
your secret key should never be sent with requests to AWS.
From the S3 documentation:
''To prove that you are the owner of the account making the request, you
must include a signature. For all requests, you calculate the signature
with your Secret Access Key. AWS uses the Access Key ID in the request to
look up your Secret Access Key and then calculates a signature with the
key. If the calculated signature matches the signature you sent, the
request is considered authentic. Otherwise, the request fails
authentication and is not processed.''
>
> This brings up a question: what does Cyberduck do with the secret key?
So, we need the Secret Access Kez to calculate the signature.
--
Ticket URL: <http://trac.cyberduck.ch/ticket/3084#comment:3>
Cyberduck <http://cyberduck.ch>
FTP, SFTP, WebDAV, Cloud Files and Amazon S3 Browser for Mac OS X.
More information about the Cyberduck-trac
mailing list