[GH-ISSUE #2513] About automatic downgrade to sigv2 on failed authentication attempts #1225

Open
opened 2026-03-04 01:52:23 +03:00 by kerem · 1 comment

Originally created by @ggtakec on GitHub (Aug 17, 2024).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/2513

About downgrade to sigv2 automatically

When s3fs checks authentication at startup, if sigv2/sigv4 is not specified intentionally and authentication fails, it downgrades to sigv2 and retries.
We would like to consider whether or not to continue supporting this function.

If all AWS regions have switched to sigv4, automatic downgrade seems unnecessary.

However, the situation of compatible S3 products other than AWS will also need to be taken into consideration. (I think this can be avoided by forcing the specification of either sigv2 or sigv4.)


@gaul commented on GitHub (Aug 24, 2024):

I also dislike the existing behavior of falling back to v2 which can confuse error reporting. I prefer that s3fs defaults to `-o sigv4` and allow users to override with `-o sigv2`. This will upset and break some users but v4 signatures should be well-supported 10 years after they were introduced. I also believe there are some security advantages to v4-only.

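An added example, not part of the issue thread and not s3fs code: a small audit that reads fstab-style entries and reports, per s3fs mount, whether the signature version is pinned with `sigv4` or `sigv2` or left unspecified, which is the case the automatic downgrade discussed above applies to. The sample entries are constructed, the two fstab spellings (`fuse.s3fs` and `s3fs#bucket` with type `fuse`) are assumed, and treating both options together as a `conflict` is an assumption, since the thread does not say how s3fs resolves that.

```python
# Added example: audit fstab-style lines for s3fs mounts and report how each
# one selects the request signature version. Sample input is constructed.
SAMPLE_FSTAB = """\
# constructed sample entries, not from a real host
UUID=1111-2222 / ext4 defaults 0 1
logs-bucket /mnt/logs fuse.s3fs _netdev,allow_other,sigv4 0 0
s3fs#legacy-bucket /mnt/legacy fuse _netdev,sigv2,url=https://s3.example.internal 0 0
media-bucket /mnt/media fuse.s3fs _netdev,allow_other 0 0
"""

def is_s3fs(device, fstype):
    """Recognise both spellings: type fuse.s3fs, or s3fs#bucket with type fuse."""
    return fstype == "fuse.s3fs" or (fstype == "fuse" and device.startswith("s3fs#"))

def classify(options):
    """Map a comma-separated mount option string to a signature-version finding."""
    names = {opt.split("=", 1)[0].strip() for opt in options.split(",")}
    v2, v4 = "sigv2" in names, "sigv4" in names
    if v2 and v4:
        return "conflict"      # assumption: both given is reported, not resolved
    if v4:
        return "pinned-sigv4"
    if v2:
        return "pinned-sigv2"  # explicit v2: deliberate, but worth a review
    return "unpinned"          # neither given: the auto-downgrade retry applies

def audit(fstab_text):
    """Return (mountpoint, finding) for every s3fs entry in fstab_text."""
    findings = []
    for raw in fstab_text.splitlines():
        line = raw.strip()
        # Only a leading '#' starts a comment; 's3fs#bucket' must stay intact.
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 4:
            continue
        device, mountpoint, fstype, options = fields[:4]
        if is_s3fs(device, fstype):
            findings.append((mountpoint, classify(options)))
    return findings

if __name__ == "__main__":
    for mountpoint, finding in audit(SAMPLE_FSTAB):
        print(f"{mountpoint}: {finding}")
```

Mounts reported as `unpinned` are the ones whose behaviour would change if the default moved to `-o sigv4` without a fallback.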