Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Amazon S3 mac #3084

Closed
cyberduck opened this issue Mar 25, 2009 · 4 comments
Closed

Amazon S3 mac #3084

cyberduck opened this issue Mar 25, 2009 · 4 comments
Assignees
Labels
bug s3 AWS S3 Protocol Implementation worksforme

Comments

@cyberduck
Copy link
Collaborator

b8dbe6d created the issue

I can not connect to my S3 account?? What do I have to do to connect I have tried both user name and pass word as well as my key in the Cyber duck open connection. Thank you

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Plesae refer to this wiki page.

@cyberduck
Copy link
Collaborator Author

javamate commented

It might be useful to indicate on the Wiki page that your Amazon Access Key goes in the username field and your secret key goes in the password field. When I did this, it worked, but it was not clear at first. I did notice that in the username field it indicated to enter your AWS access key, which was the tipoff, but even still I was reluctant to put my secret access key as the password, since AWS indicates specifically that your secret key should never be sent with requests to AWS.

This brings up a question: what does Cyberduck do with the secret key?

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Replying to [comment:2 javamate]:

It might be useful to indicate on the Wiki page that your Amazon Access Key goes in the username field and your secret key goes in the password field. When I did this, it worked, but it was not clear at first.

I have added this information to the wiki. Feel free to clarify it further from your experience. Sometimes as a developer it is difficult to know what is clear and what is not.

I did notice that in the username field it indicated to enter your AWS access key, which was the tipoff, but even still I was reluctant to put my secret access key as the password, since AWS indicates specifically that your secret key should never be sent with requests to AWS.

From the S3 documentation:
To prove that you are the owner of the account making the request, you must include a signature. For all requests, you calculate the signature with your Secret Access Key. AWS uses the Access Key ID in the request to look up your Secret Access Key and then calculates a signature with the key. If the calculated signature matches the signature you sent, the request is considered authentic. Otherwise, the request fails authentication and is not processed.

This brings up a question: what does Cyberduck do with the secret key?

So, we need the Secret Access Kez to calculate the signature.

@cyberduck
Copy link
Collaborator Author

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug s3 AWS S3 Protocol Implementation worksforme
Projects
None yet
Development

No branches or pull requests

2 participants