DOCSLIB.ORG

Tahoe-Lafs-1.13.0.Tar.Bz2 Collecting

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Tahoe-Lafs-1.13.0.Tar.Bz2 Collecting Tahoe-LAFS Documentation Release 1.x The Tahoe-LAFS Developers Mar 03, 2021 Contents 1 Welcome to Tahoe-LAFS! 3 1.1 What is Tahoe-LAFS?..........................................3 1.2 What is “provider-independent security”?................................3 1.3 Access Control..............................................4 1.4 Get Started................................................4 1.5 License..................................................5 2 Installing Tahoe-LAFS 7 2.1 First: In Case Of Trouble.........................................7 2.2 Pre-Packaged Versions..........................................7 2.3 Preliminaries...............................................7 2.4 Install the Latest Tahoe-LAFS Release.................................9 2.5 Running the tahoe executable..................................... 10 2.6 Running the Self-Tests.......................................... 10 2.7 Common Problems............................................ 11 2.8 Using Tahoe-LAFS............................................ 11 3 How To Run Tahoe-LAFS 13 3.1 Introduction............................................... 13 3.2 Do Stuff With It............................................. 15 3.3 Socialize................................................. 16 3.4 Complain................................................. 16 4 Magic Wormhole Invites 17 4.1 Magic Wormhole............................................. 17 4.2 Invites and Joins............................................. 17 4.3 Tahoe-LAFS Secret Exchange...................................... 18 5 Configuring a Tahoe-LAFS node 19 5.1 Node Types................................................ 20 5.2 Overall Node Configuration....................................... 20 5.3 Connection Management......................................... 24 5.4 Client Configuration........................................... 27 5.5 Frontend Configuration......................................... 28 5.6 Storage Server Configuration...................................... 29 5.7 Running A Helper............................................ 30 5.8 Running An Introducer.......................................... 30 i 5.9 Other Files in BASEDIR......................................... 30 5.10 Additional Introducer Definitions.................................... 32 5.11 Static Server Definitions......................................... 32 5.12 Other files................................................ 34 5.13 Example................................................. 34 5.14 Old Configuration Files......................................... 35 6 Tahoe-LAFS Architecture 37 6.1 Overview................................................. 37 6.2 The Key-Value Store........................................... 38 6.3 File Encoding............................................... 38 6.4 Capabilities................................................ 39 6.5 Server Selection............................................. 39 6.6 Swarming Download, Trickling Upload................................. 41 6.7 The File Store Layer........................................... 41 6.8 Leases, Refreshing, Garbage Collection................................. 41 6.9 File Repairer............................................... 42 6.10 Security.................................................. 43 6.11 Reliability................................................ 43 7 The Tahoe-LAFS CLI commands 45 7.1 Overview................................................. 45 7.2 CLI Command Overview........................................ 45 7.3 Node Management............................................ 46 7.4 File Store Manipulation......................................... 47 7.5 Storage Grid Maintenance........................................ 53 7.6 Debugging................................................ 54 8 The Tahoe REST-ful Web API 55 8.1 Enabling the web-API port........................................ 56 8.2 Basic Concepts: GET, PUT, DELETE, POST.............................. 56 8.3 URLs................................................... 57 8.4 Slow Operations, Progress, and Cancelling............................... 59 8.5 Programmatic Operations........................................ 60 8.6 Browser Operations: Human-oriented interfaces............................ 69 8.7 Other Useful Pages............................................ 81 8.8 Static Files in /public_html........................................ 84 8.9 Safety and Security Issues – Names vs. URIs.............................. 84 8.10 Concurrency Issues............................................ 85 8.11 Access Blacklist............................................. 85 8.12 URLs and HTTP and UTF-8....................................... 86 9 Tahoe-LAFS SFTP and FTP Frontends 89 9.1 SFTP/FTP Background......................................... 89 9.2 Tahoe-LAFS Support........................................... 90 9.3 Creating an Account File......................................... 90 9.4 Running An Account Server (accounts.url)............................... 90 9.5 Configuring SFTP Access........................................ 91 9.6 Configuring FTP Access......................................... 92 9.7 Dependencies............................................... 92 9.8 Immutable and Mutable Files...................................... 92 9.9 Known Issues............................................... 93 10 Tahoe-LAFS Magic Folder Frontend 95 10.1 Introduction............................................... 95 ii 10.2 Configuration............................................... 95 10.3 Known Issues and Limitations With Magic-Folder........................... 96 11 Download status 99 11.1 Introduction............................................... 99 11.2 What’s involved in a download?..................................... 99 11.3 Data on the download-status page.................................... 100 12 Known Issues 103 12.1 Known Issues in Tahoe-LAFS v1.10.3, released 30-Mar-2016..................... 103 12.2 Known Issues in Tahoe-LAFS v1.9.0, released 31-Oct-2011...................... 107 12.3 Known Issues in Tahoe-LAFS v1.8.2, released 30-Jan-2011...................... 107 13 How To Configure A Server 109 13.1 Manual Configuration.......................................... 109 13.2 Automatic Configuration......................................... 110 13.3 Deployment Scenarios.......................................... 110 14 The Tahoe Upload Helper 113 14.1 Overview................................................. 113 14.2 Setting Up A Helper........................................... 114 14.3 Using a Helper.............................................. 114 14.4 Other Helper Modes........................................... 115 15 The Convergence Secret 117 15.1 What Is It?................................................ 117 15.2 What If I Change My Convergence Secret?............................... 118 15.3 How To Use It.............................................. 118 16 Garbage Collection in Tahoe 119 16.1 Overview................................................. 119 16.2 Client-side Renewal........................................... 120 16.3 Server Side Expiration.......................................... 120 16.4 Expiration Progress........................................... 122 16.5 Future Directions............................................. 122 17 Statement on Backdoors 125 18 Donations 127 18.1 Governance................................................ 127 18.2 Transparent Accounting......................................... 127 18.3 Expenditure Addresses.......................................... 128 18.4 Historical Donation Addresses...................................... 128 18.5 Validation................................................. 128 19 Storage Server Donations 129 19.1 Sending Donations............................................ 129 19.2 Receiving Donations........................................... 130 19.3 Further Reading............................................. 130 20 Expenses paid by donated BTC 131 20.1 Budget Items............................................... 131 21 Things To Be Careful About As We Venture Boldly Forth 135 21.1 Timing Attacks.............................................. 135 iii 22 Avoiding Write Collisions in Tahoe 137 23 Magic Folder Set-up Howto 139 23.1 This document.............................................. 139 23.2 Setting up a local test grid........................................ 139 23.3 Setting up Magic Folder......................................... 141 23.4 Testing.................................................. 141 23.5 Configuration............................................... 142 24 The Tahoe BackupDB 143 24.1 Overview................................................. 143 24.2 Schema.................................................. 144 24.3 Upload Operation............................................ 144 24.4 Directory Operations........................................... 145 25 Using Tahoe-LAFS with an anonymizing network: Tor, I2P 147 25.1 Overview................................................. 147 25.2 Use cases................................................. 147 25.3 Software Dependencies......................................... 148 25.4 Connection configuration........................................ 149 25.5 Anonymity configuration......................................... 149 25.6 Performance and security issues..................................... 151 26 Node Keys in Tahoe-LAFS 155 26.1 Why Announcements Are Signed...................................
Load more

Recommended publications
  • Guidelines and Strategies for Secure Interaction Design
    ,ch13.10831 Page 253 Friday, August 5, 2005 10:12 PM Chapter 13 CHAPTER THIRTEEN Guidelines and Strategies for Secure Interaction Design KA-PING YEE ALTHOUGH A RELIABLE, USABLE AUTHENTICATION METHOD IS ESSENTIAL, it is far from the only human interface concern. After a user signs in to a system, the system has to carry out the user’s wishes correctly in order to be considered secure. The question of secure inter- action design, addressed in this and the other chapters in this part of the book, is: How can we design a computer system to protect the interests of its legitimate user? To give you a sense of how important it is to look beyond authentication, consider some of today’s most serious security problems. Viruses are a leading contender, with email viruses making up a large part. Spyware is growing into a nightmare for home users and IT staff. Identity theft is becoming widespread, perpetrated in part through “phishing” scams in which forged email messages entice people to give away private information. None of these problems is caused by defeating a login mechanism. They would be better described as failures of computers to behave as their users expect. This chapter suggests some guidelines for designing and evaluating usable secure software and proposes two strategies for getting security and usability to work in harmony: security by designation and user-assigned identifiers. I’ll begin by providing a little background for our discussion, then present the guidelines and strategies, and finally look at real design problems to show how these strategies can be applied in practice.
    [Show full text]
  • Human Factors and Usability Issues Have Traditionally Played a Limited Role in Security Research and Secure Systems Development
    Security and Usability By Lorrie Faith Cranor, Simson Garfinkel ............................................... Publisher: O'Reilly Pub Date: August 2005 ISBN: 0-596-00827-9 Pages: 738 Table of Contents | Index Human factors and usability issues have traditionally played a limited role in security research and secure systems development. Security experts have largely ignored usability issues--both because they often failed to recognize the importance of human factors and because they lacked the expertise to address them. But there is a growing recognition that today's security problems can be solved only by addressing issues of usability and human factors. Increasingly, well-publicized security breaches are attributed to human errors that might have been prevented through more usable software. Indeed, the world's future cyber-security depends upon the deployment of security technology that can be broadly used by untrained computer users. Still, many people believe there is an inherent tradeoff between computer security and usability. It's true that a computer without passwords is usable, but not very secure. A computer that makes you authenticate every five minutes with a password and a fresh drop of blood might be very secure, but nobody would use it. Clearly, people need computers, and if they can't use one that's secure, they'll use one that isn't. Unfortunately, unsecured systems aren't usable for long, either. They get hacked, compromised, and otherwise rendered useless. There is increasing agreement that we need to design secure systems that people can actually use, but less agreement about how to reach this goal. Security & Usability is the first book-length work describing the current state of the art in this emerging field.
    [Show full text]
  • Robust Composition: Towards a Unified Approach To
    Robust Composition: Towards a Uni¯ed Approach to Access Control and Concurrency Control by Mark Samuel Miller A dissertation submitted to Johns Hopkins University in conformity with the requirements for the degree of Doctor of Philosophy. Baltimore, Maryland May, 2006 Copyright °c 2006, Mark Samuel Miller. All rights reserved. Permission is hereby granted to make and distribute verbatim copies of this document without royalty or fee. Permission is granted to quote excerpts from this documented provided the original source is properly cited. ii Abstract When separately written programs are composed so that they may cooperate, they may instead destructively interfere in unanticipated ways. These hazards limit the scale and functionality of the software systems we can successfully compose. This dissertation presents a framework for enabling those interactions between components needed for the cooperation we intend, while minimizing the hazards of destructive interference. Great progress on the composition problem has been made within the object paradigm, chiefly in the context of sequential, single-machine programming among benign components. We show how to extend this success to support robust composi- tion of concurrent and potentially malicious components distributed over potentially malicious machines. We present E, a distributed, persistent, secure programming language, and CapDesk, a virus-safe desktop built in E, as embodiments of the tech- niques we explain. Advisor: Jonathan S. Shapiro, Ph.D. Readers: Scott Smith, Ph.D., Yair Amir, Ph.D. iii iv This dissertation is dedicated to the number \3469" and the letter \E". v vi Acknowledgements Jonathan Shapiro, my advisor, for encouraging me to continue this work in an aca- demic setting, and for providing insight, encouragement, and support way beyond the call of any duty.
    [Show full text]
  • Tahoe-LAFS Documentation Release 1.X
    Tahoe-LAFS Documentation Release 1.x The Tahoe-LAFS Developers Sep 22, 2021 Contents 1 Welcome to Tahoe-LAFS! 3 1.1 What is Tahoe-LAFS?..........................................3 1.2 What is “provider-independent security”?................................3 1.3 Access Control..............................................4 1.4 Get Started................................................4 1.5 License..................................................5 2 Installing Tahoe-LAFS 7 2.1 Microsoft Windows...........................................7 2.2 Linux, BSD, or MacOS.........................................8 3 Building Tahoe-LAFS on Windows9 4 Building Tahoe-LAFS on Linux 11 4.1 Prerequisites............................................... 11 4.2 Install the Latest Tahoe-LAFS Release................................. 12 5 Building Tahoe-LAFS On A Desert Island 13 5.1 How This Works............................................. 14 6 How To Run Tahoe-LAFS 17 6.1 Introduction............................................... 17 6.2 Do Stuff With It............................................. 19 6.3 Socialize................................................. 20 6.4 Complain................................................. 20 7 Magic Wormhole Invites 21 7.1 Magic Wormhole............................................. 21 7.2 Invites and Joins............................................. 21 7.3 Tahoe-LAFS Secret Exchange...................................... 21 8 Configuring a Tahoe-LAFS node 23 8.1 Node Types...............................................
    [Show full text]
  • Mickaël Salaün Intégration De L'utilisateur Au Contrôle D'accès
    THÈSE DE DOCTORAT DE TÉLÉCOM SUDPARIS Spécialité Informatique École doctorale Informatique, Télécommunications et Électronique (Paris) Présentée par Mickaël Salaün Pour obtenir le grade de DOCTEUR de TÉLÉCOM SUDPARIS Sujet de la thèse : Intégration de l’utilisateur au contrôle d’accès : du processus cloisonné à l’interface homme-machine de confiance Soutenue le 2 mars 2018 devant le jury composé de : Président : Gaël Thomas Télécom SudParis Rapporteurs : Michaël Hauspie Université Lille 1, Sciences et Technologies Valérie Viet Triem Tong CentraleSupélec Examinateur : Roland Groz Grenoble INP, Ensimag Directeur de thèse : Hervé Debar Télécom SudParis Co-encadrante : Marion Daubignard ANSSI Invités : Mathieu Blanc CEA Benjamin Morin ANSSI NNT : 2018TELE0006 c 2018 Mickaël Salaün Ce document est placé sous la « Licence Ouverte » publiée par la mission Etalab. Mise à jour du 6 avril 2018 Résumé Cette thèse souhaite fournir des outils pour qu’un utilisateur puisse contribuer activement à la sécurité de son usage d’un système informatique. Les activités de sensibilités différentes d’un utilisateur nécessitent tout d’abord d’être cloisonnées dans des domaines dédiés, par un contrôle d’accès s’ajustant aux besoins de l’utilisateur. Afin de conserver ce cloisonnement, celui-ci doit être en mesure d’identifier de manière fiable les domaines avec lesquels il interagit, à partir de l’interface de sa machine. Dans une première partie, nous proposons un nouveau mécanisme de cloisonnement qui peut s’adapter de manière transparente aux changements d’activité de l’utilisateur, sans altérer le fonctionnement des contrôles d’accès existants, ni dégrader la sécurité du système. Nous en décrivons une première implémentation, nommée StemJail, basée sur les espaces de noms de Linux.
    [Show full text]