Cyberduck Mountain Duck CLI

#11059 closed defect (worksforme)

My credentials are not being read

Reported by: maeglin Owned by:
Priority: normal Milestone:
Component: cli Version: 7.3.1
Severity: normal Keywords: credentials unreadable
Cc: Architecture: Intel
Platform: Linux

Description (last modified by maeglin)

I've made a question on SuperUser just in case I get a resolution there: https://superuser.com/questions/1556379/cyberduck-no-login-credentials-could-be-found-in-the-keychain-despite-being-th

Please see it for details on this issue.

To summarise: I run duck --list <s3 address here> and it prompts for the key and pass which are supplied, I confirm <y> to save my details and those details are stored in ~/.duck/credentials successfully with perms 664 with .duck perms 775 both owned by my user and the credentials appear to have been written successfully into the credentials file. But when I run a similar operation (in this case exactly the same request to list the dir), it prompts me again having told me it can't find the credentials.

Listing directory path…
Login s3.amazonaws.com. Login s3.amazonaws.com – S3 with username and password. No login credentials could be found in the Keychain.
Access Key ID:

Change History (14)

comment:1 Changed on May 26, 2020 at 11:48:18 AM by maeglin

  • Description modified (diff)

comment:2 Changed on May 26, 2020 at 11:48:35 AM by maeglin

  • Description modified (diff)

comment:3 Changed on May 26, 2020 at 11:48:59 AM by maeglin

  • Description modified (diff)

comment:4 Changed on May 26, 2020 at 11:49:19 AM by maeglin

  • Description modified (diff)

comment:5 Changed on May 26, 2020 at 11:49:40 AM by maeglin

  • Description modified (diff)

comment:6 Changed on May 26, 2020 at 11:51:50 AM by maeglin

  • Description modified (diff)

comment:7 Changed on May 30, 2020 at 1:40:53 PM by TobyEggitt

I find the exact same thing. Also Ubuntu Linux (18.04), duck 7.4.0. Credentials file contains an https string that has my credentials embedded in it, but I'm prompted every time.

Also, @maeglin, I don't see your "askubuntu" page, is the URL correct?

comment:8 follow-up: Changed on May 30, 2020 at 1:43:45 PM by TobyEggitt

However, I am able to specify credentials on the command line using the -u and -p options.

(side note, I tried using -i <my access key> and also using -i <path to file containing my key> and both forms result in: "Login s3.amazonaws.com. Login failed. The AWS Access Key Id you provided does not exist in our records." I presume I misunderstand what -i is intended for?)

Last edited on May 30, 2020 at 1:45:49 PM by TobyEggitt (previous) (diff)

comment:10 Changed on Jun 1, 2020 at 8:30:54 AM by maeglin

  • Description modified (diff)

comment:11 in reply to: ↑ 8 Changed on Jun 1, 2020 at 8:35:19 AM by maeglin

The -i flag is intended for an SSH key, the kind you generate with the command ssh-keygen that gets saved to ~/.ssh/. We could make our lives easier by using the -u username/access key and -p password flags in the mean time.

Last edited on Jun 1, 2020 at 8:36:51 AM by maeglin (previous) (diff)

comment:12 follow-up: Changed on Jun 4, 2020 at 3:46:49 PM by dkocher

  • Component changed from s3 to cli

Please try to include the -u argument in the command. Without the username argument there is no lookup in the credentials store.

comment:13 in reply to: ↑ 12 Changed on Jun 4, 2020 at 3:53:53 PM by maeglin

Replying to dkocher:

Please try to include the -u argument in the command. Without the username argument there is no lookup in the credentials store.

But this makes no sense, you still have to put the access key in every request?

comment:14 Changed on Jun 5, 2020 at 1:44:22 PM by dkocher

  • Resolution set to worksforme
  • Status changed from new to closed

Our implementations for saving the password in macOS Keychain, Windows Credentials Store and this plain file implementation require the lookup by username/access key.

Note: See TracTickets for help on using tickets.
swiss made software