Cyberduck Mountain Duck CLI

#3084 closed defect (worksforme)

Amazon S3 mac

Reported by: billsingl@… Owned by: dkocher
Priority: normal Milestone:
Component: s3 Version: 3.1.1
Severity: normal Keywords:
Cc: Architecture:
Platform:

Description

I can not connect to my S3 account?? What do I have to do to connect I have tried both user name and pass word as well as my key in the Cyber duck open connection. Thank you

Change History (4)

comment:1 Changed on Mar 25, 2009 at 9:47:24 AM by dkocher

  • Component changed from core to s3
  • Resolution set to worksforme
  • Status changed from new to closed

Plesae refer to this wiki page.

comment:2 follow-up: Changed on Apr 2, 2009 at 12:01:51 AM by javamate

It might be useful to indicate on the Wiki page that your Amazon Access Key goes in the username field and your secret key goes in the password field. When I did this, it worked, but it was not clear at first. I did notice that in the username field it indicated to enter your AWS access key, which was the tipoff, but even still I was reluctant to put my secret access key as the password, since AWS indicates specifically that your secret key should never be sent with requests to AWS.

This brings up a question: what does Cyberduck do with the secret key?

comment:3 in reply to: ↑ 2 Changed on Apr 2, 2009 at 7:23:54 AM by dkocher

Replying to javamate:

It might be useful to indicate on the Wiki page that your Amazon Access Key goes in the username field and your secret key goes in the password field. When I did this, it worked, but it was not clear at first.

I have added this information to the wiki. Feel free to clarify it further from your experience. Sometimes as a developer it is difficult to know what is clear and what is not.

I did notice that in the username field it indicated to enter your AWS access key, which was the tipoff, but even still I was reluctant to put my secret access key as the password, since AWS indicates specifically that your secret key should never be sent with requests to AWS.

From the S3 documentation: To prove that you are the owner of the account making the request, you must include a signature. For all requests, you calculate the signature with your Secret Access Key. AWS uses the Access Key ID in the request to look up your Secret Access Key and then calculates a signature with the key. If the calculated signature matches the signature you sent, the request is considered authentic. Otherwise, the request fails authentication and is not processed.

This brings up a question: what does Cyberduck do with the secret key?

So, we need the Secret Access Kez to calculate the signature.

Note: See TracTickets for help on using tickets.
swiss made software