What is the problem you are having with rclone?
I'm unsure how to authenticate using the
rclone serve sftp command with
--auth-proxy when you are only provided the
public_key on stdin.
To do proper public key authentication, you would need to authenticate against the clients' private key, which is unavailable.
What is your rclone version (output from
v1.53.3 on Debian 11
Which cloud storage system are you using? (eg Google Drive)
Google Cloud Storage (as the dynamic backend)
The command you were trying to run (eg
rclone copy /tmp remote:tmp)
rclone -v --gcs-bucket-policy-only --auth-proxy ./test_proxy.py serve sftp
Auth proxy implemented similar to here, with root being a GCS object path
The rclone config contents with secrets removed.
Provided above on command line
A log from the command with the
No logs as a design question rather than a bug
You should find that rclone has done this already (over the ssh protocol) by the time it calls the auth proxy.
So rclone has checked that the user has the private part of the public key you've been passed. Its up to you to check that a) that the public key is OK to use and b) the user name is valid.
Normally rclone would check in the authorized keys file to see if the user is a valid user, but using the auth proxy you need to do that yourself.
Does that make sense?
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.