From 092eef58943e592a79c4a01f215b1da0e2435c3a Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 4 Feb 2015 15:00:33 -0400 Subject: [PATCH] comment and close; bug reporter is using old version and is also mistaken about how S3 security works --- ...ps_for_Google_cloud_storage_remote__63__.mdwn | 2 ++ ...t_2_c01a47b9df3167c9af8e5e43ec138401._comment | 16 ++++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__/comment_2_c01a47b9df3167c9af8e5e43ec138401._comment diff --git a/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__.mdwn b/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__.mdwn index 5b0eff50fe..7a96ff6c7e 100644 --- a/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__.mdwn +++ b/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__.mdwn @@ -27,3 +27,5 @@ I tried to persuade `git annex` to use a SSL connection but without encouraging Debian wheezy, git-annex version: 5.20141024~bpo70+1 ### Please provide any additional information below. + +> [[done]]; port=443 supported since 5.20141203. --[[Joey]] diff --git a/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__/comment_2_c01a47b9df3167c9af8e5e43ec138401._comment b/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__/comment_2_c01a47b9df3167c9af8e5e43ec138401._comment new file mode 100644 index 0000000000..9006486df3 --- /dev/null +++ b/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__/comment_2_c01a47b9df3167c9af8e5e43ec138401._comment @@ -0,0 +1,16 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 2""" + date="2015-02-04T18:55:50Z" + content=""" +You need to upgrade to git-annex 5.20141203. With that version, +you can pass port=443 to git-annex initremote and it will then use +https. + +The old version you're using does not support this. + +Also, AFAIK, S3 does not send passwords over the wire; it uses a +challange-response, which proves to the S3 server that you possess the +access keys. This would not be susceptable to attackers in the way you +think it is. +"""]]