starred/s3fs-fuse

Fork 0

mirror of https://github.com/s3fs-fuse/s3fs-fuse.git synced 2026-04-25 21:35:58 +03:00

. - try to connect to swift storage #627

New issue

Closed

opened 2026-03-04 01:47:19 +03:00 by kerem · 4 comments

kerem commented

2026-03-04 01:47:19 +03:00

Owner

Originally created by @amitkertis17 on GitHub (Oct 28, 2019).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1187

Version of s3fs being used (s3fs --version)
V1.85

Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse)
Package: fuse
Status: install ok installed
Priority: optional
Section: utils
Installed-Size: 104
Maintainer: Ubuntu Developers ubuntu-devel-discuss@lists.ubuntu.com
Architecture: amd64
Version: 2.9.4-1ubuntu3.1

Kernel information (uname -r)
4.4.0-165-generic

i am trying to mount swift storage
and i get this error

[ERR] curl.cpp:CheckBucket(3423): Check bucket failed, S3 response: <?xml version='1.0' encoding='UTF-8'?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><RequestId>tx5efdac9e174f4793b0c28-005db6b1c6</RequestId><AWSAccessKeyId>cc2e88e44dae42e9bb0f3e2b363f47f2</AWSAccessKeyId><CanonicalRequest>GET
/aaa12345/

its probable related to the pass file
i try many ACCESS_KEY_ID:SECRET_ACCESS_KEY options that i can think about but....
i probable have a mistake here

can someone please help and give a user guide how i get those value from swift storage

this is the command i am sending

sudo s3fs aaa12345 /mnt/s3test2 -o passwd_file=/home/ccloud/.passwd-s3fs -o url=https://objectstore-3.eu-nl-1.cloud.sap:443/ -o use_path_request_style -o endpoint=eu-nl-1 -o dbglevel=info -f -o curldbg

i try to generate a ACCESS_KEY_ID:SECRET_ACCESS_KEY by this command

openstack application credential create --role swiftoperator s3fs -c id -c secret -f value

but still as i said nothing work

this is the full output i get

ccloud@amitkertes-s3fs-new:~$ sudo s3fs aaa12345 /mnt/s3 -o passwd_file=/home/ccloud/.passwd-s3fs -o url=https://objectstore-3.eu-nl-1.cloud.sap:443/ -o use_path_request_style -o endpoint=eu-nl-1  -o dbglevel=info -f -o curldbg
[CRT] s3fs.cpp:set_s3fs_log_level(297): change debug level from [CRT] to [INF] 
[INF]     s3fs.cpp:set_mountpoint_attribute(4382): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40755)
[INF] s3fs.cpp:s3fs_init(3474): init v1.85(commit:0e815c2) with OpenSSL
[INF] s3fs.cpp:s3fs_check_service(3809): check services.
[INF]       curl.cpp:CheckBucket(3397): check a bucket.
[WAN] curl.cpp:ResetHandle(2042): The S3FS_CURLOPT_KEEP_SENDING_ON_ERROR option could not be set. For maximize performance you need to enable this option and you should use libcurl 7.51.0 or later.
[INF]       curl.cpp:prepare_url(4685): URL is https://objectstore-3.eu-nl-1.cloud.sap:443/aaa12345/
[INF]       curl.cpp:prepare_url(4717): URL changed is https://objectstore-3.eu-nl-1.cloud.sap:443/aaa12345/
[INF]       curl.cpp:insertV4Headers(2745): computing signature [GET] [/] [] []
[INF]       curl.cpp:url_to_host(99): url is https://objectstore-3.eu-nl-1.cloud.sap:443
*   Trying 147.204.33.18...
* Connected to objectstore-3.eu-nl-1.cloud.sap (147.204.33.18) port 443 (#0)
* found 150 certificates in /etc/ssl/certs/ca-certificates.crt
* found 600 certificates in /etc/ssl/certs
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* 	 server certificate verification OK
* 	 server certificate status verification SKIPPED
* 	 common name: objectstore-3.eu-nl-1.cloud.sap (matched)
* 	 server certificate expiration date OK
* 	 server certificate activation date OK
* 	 certificate public key: RSA
* 	 certificate version: #3
* 	 subject: C=DE,ST=Baden-Wuerttemberg,L=Walldorf,O=SAP SE,OU=Infrastructure Automization,CN=objectstore-3.eu-nl-1.cloud.sap
* 	 start date: Wed, 05 Dec 2018 00:00:00 GMT
* 	 expire date: Fri, 06 Dec 2019 12:00:00 GMT
* 	 issuer: C=US,O=DigiCert Inc,CN=DigiCert SHA2 Secure Server CA
* 	 compression: NULL
> GET /aaa12345/ HTTP/1.1
host: objectstore-3.eu-nl-1.cloud.sap:443
User-Agent: s3fs/1.85 (commit hash 0e815c2; OpenSSL)
Accept: */*
Authorization: AWS4-HMAC-SHA256 Credential=cc2e88e44dae42e9bb0f3e2b363f47f2/20191028/eu-nl-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=6fa8e4a34e659e6428b225934e641d73a15917dab013c1bb8f263499e9fbdcd9
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date: 20191028T093051Z

< HTTP/1.1 403 Forbidden
< Server: nginx/1.14.0
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Connection: keep-alive
< x-amz-id-2: tx7e96a60621284f799b80d-005db6b54b
< x-amz-request-id: tx7e96a60621284f799b80d-005db6b54b
< X-Trans-Id: tx7e96a60621284f799b80d-005db6b54b
< X-Openstack-Request-Id: tx7e96a60621284f799b80d-005db6b54b
< Date: Mon, 28 Oct 2019 09:30:51 GMT
< 
* Connection #0 to host objectstore-3.eu-nl-1.cloud.sap left intact
[ERR] curl.cpp:RequestPerform(2428): HTTP response code 403, returning EPERM. Body Text: <?xml version='1.0' encoding='UTF-8'?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><RequestId>tx7e96a60621284f799b80d-005db6b54b</RequestId><AWSAccessKeyId>cc2e88e44dae42e9bb0f3e2b363f47f2</AWSAccessKeyId><CanonicalRequest>GET
/aaa12345/

host:objectstore-3.eu-nl-1.cloud.sap
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20191028T093051Z

host;x-amz-content-sha256;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855</CanonicalRequest><CanonicalRequestBytes>47 45 54 0a 2f 61 61 61 31 32 33 34 35 2f 0a 0a 68 6f 73 74 3a 6f 62 6a 65 63 74 73 74 6f 72 65 2d 33 2e 65 75 2d 6e 6c 2d 31 2e 63 6c 6f 75 64 2e 73 61 70 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 39 31 30 32 38 54 30 39 33 30 35 31 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35</CanonicalRequestBytes><StringToSign>AWS4-HMAC-SHA256
20191028T093051Z
20191028/eu-nl-1/s3/aws4_request
639bafc339a93215f0442ad7ba9fa587b5ab4c51674958730af4c311be39b869</StringToSign><SignatureProvided>6fa8e4a34e659e6428b225934e641d73a15917dab013c1bb8f263499e9fbdcd9</SignatureProvided><StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 39 31 30 32 38 54 30 39 33 30 35 31 5a 0a 32 30 31 39 31 30 32 38 2f 65 75 2d 6e 6c 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 36 33 39 62 61 66 63 33 33 39 61 39 33 32 31 35 66 30 34 34 32 61 64 37 62 61 39 66 61 35 38 37 62 35 61 62 34 63 35 31 36 37 34 39 35 38 37 33 30 61 66 34 63 33 31 31 62 65 33 39 62 38 36 39</StringToSignBytes></Error>
[ERR] curl.cpp:CheckBucket(3423): Check bucket failed, S3 response: <?xml version='1.0' encoding='UTF-8'?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><RequestId>tx7e96a60621284f799b80d-005db6b54b</RequestId><AWSAccessKeyId>cc2e88e44dae42e9bb0f3e2b363f47f2</AWSAccessKeyId><CanonicalRequest>GET
/aaa12345/

host:objectstore-3.eu-nl-1.cloud.sap
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20191028T093051Z

host;x-amz-content-sha256;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855</CanonicalRequest><CanonicalRequestBytes>47 45 54 0a 2f 61 61 61 31 32 33 34 35 2f 0a 0a 68 6f 73 74 3a 6f 62 6a 65 63 74 73 74 6f 72 65 2d 33 2e 65 75 2d 6e 6c 2d 31 2e 63 6c 6f 75 64 2e 73 61 70 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 39 31 30 32 38 54 30 39 33 30 35 31 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35</CanonicalRequestBytes><StringToSign>AWS4-HMAC-SHA256
20191028T093051Z
20191028/eu-nl-1/s3/aws4_request
639bafc339a93215f0442ad7ba9fa587b5ab4c51674958730af4c311be39b869</StringToSign><SignatureProvided>6fa8e4a34e659e6428b225934e641d73a15917dab013c1bb8f263499e9fbdcd9</SignatureProvided><StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 39 31 30 32 38 54 30 39 33 30 35 31 5a 0a 32 30 31 39 31 30 32 38 2f 65 75 2d 6e 6c 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 36 33 39 62 61 66 63 33 33 39 61 39 33 32 31 35 66 30 34 34 32 61 64 37 62 61 39 66 61 35 38 37 62 35 61 62 34 63 35 31 36 37 34 39 35 38 37 33 30 61 66 34 63 33 31 31 62 65 33 39 62 38 36 39</StringToSignBytes></Error>
[CRT] s3fs.cpp:s3fs_check_service(3864): Failed to connect by sigv4, so retry to connect by signature version 2.
[INF] curl.cpp:ReturnHandler(318): Pool full: destroy the oldest handler
[INF]       curl.cpp:CheckBucket(3397): check a bucket.
[INF]       curl.cpp:prepare_url(4685): URL is https://objectstore-3.eu-nl-1.cloud.sap:443/aaa12345/
[INF]       curl.cpp:prepare_url(4717): URL changed is https://objectstore-3.eu-nl-1.cloud.sap:443/aaa12345/
* Found bundle for host objectstore-3.eu-nl-1.cloud.sap: 0x7fa9dc00afb0 [can pipeline]
* Re-using existing connection! (#0) with host objectstore-3.eu-nl-1.cloud.sap
* Connected to objectstore-3.eu-nl-1.cloud.sap (147.204.33.18) port 443 (#0)
> GET /aaa12345/ HTTP/1.1
Host: objectstore-3.eu-nl-1.cloud.sap
User-Agent: s3fs/1.85 (commit hash 0e815c2; OpenSSL)
Accept: */*
Authorization: AWS cc2e88e44dae42e9bb0f3e2b363f47f2:GVEFqVDnVJlMMcpU1/95qgq7zG0=
Date: Mon, 28 Oct 2019 09:30:51 GMT

< HTTP/1.1 403 Forbidden
< Server: nginx/1.14.0
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Connection: keep-alive
< x-amz-id-2: tx374fe6f7b5914527928c1-005db6b54b
< x-amz-request-id: tx374fe6f7b5914527928c1-005db6b54b
< X-Trans-Id: tx374fe6f7b5914527928c1-005db6b54b
< X-Openstack-Request-Id: tx374fe6f7b5914527928c1-005db6b54b
< Date: Mon, 28 Oct 2019 09:30:51 GMT
< 
* Connection #0 to host objectstore-3.eu-nl-1.cloud.sap left intact
[ERR] curl.cpp:RequestPerform(2428): HTTP response code 403, returning EPERM. Body Text: <?xml version='1.0' encoding='UTF-8'?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><RequestId>tx374fe6f7b5914527928c1-005db6b54b</RequestId><StringToSignBytes>47 45 54 0a 0a 0a 4d 6f 6e 2c 20 32 38 20 4f 63 74 20 32 30 31 39 20 30 39 3a 33 30 3a 35 31 20 47 4d 54 0a 2f 61 61 61 31 32 33 34 35 2f</StringToSignBytes><StringToSign>GET


Mon, 28 Oct 2019 09:30:51 GMT
/aaa12345/</StringToSign><SignatureProvided>GVEFqVDnVJlMMcpU1/95qgq7zG0=</SignatureProvided><AWSAccessKeyId>cc2e88e44dae42e9bb0f3e2b363f47f2</AWSAccessKeyId></Error>
[ERR] curl.cpp:CheckBucket(3423): Check bucket failed, S3 response: <?xml version='1.0' encoding='UTF-8'?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><RequestId>tx374fe6f7b5914527928c1-005db6b54b</RequestId><StringToSignBytes>47 45 54 0a 0a 0a 4d 6f 6e 2c 20 32 38 20 4f 63 74 20 32 30 31 39 20 30 39 3a 33 30 3a 35 31 20 47 4d 54 0a 2f 61 61 61 31 32 33 34 35 2f</StringToSignBytes><StringToSign>GET


Mon, 28 Oct 2019 09:30:51 GMT
/aaa12345/</StringToSign><SignatureProvided>GVEFqVDnVJlMMcpU1/95qgq7zG0=</SignatureProvided><AWSAccessKeyId>cc2e88e44dae42e9bb0f3e2b363f47f2</AWSAccessKeyId></Error>
[CRT] s3fs.cpp:s3fs_check_service(3879): invalid credentials(host=https://objectstore-3.eu-nl-1.cloud.sap:443) - result of checking service.
[ERR] s3fs.cpp:s3fs_exit_fuseloop(3464): Exiting FUSE event loop due to errors

[INF] s3fs.cpp:s3fs_destroy(3527): destroy
ccloud@amitkertes-s3fs-new:~$

please help :):):)

Originally created by @amitkertis17 on GitHub (Oct 28, 2019). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1187 Version of s3fs being used (s3fs --version) V1.85 Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse) Package: fuse Status: install ok installed Priority: optional Section: utils Installed-Size: 104 Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> Architecture: amd64 Version: 2.9.4-1ubuntu3.1 Kernel information (uname -r) 4.4.0-165-generic i am trying to mount swift storage and i get this error ``` [ERR] curl.cpp:CheckBucket(3423): Check bucket failed, S3 response: <?xml version='1.0' encoding='UTF-8'?> <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><RequestId>tx5efdac9e174f4793b0c28-005db6b1c6</RequestId><AWSAccessKeyId>cc2e88e44dae42e9bb0f3e2b363f47f2</AWSAccessKeyId><CanonicalRequest>GET /aaa12345/ ``` its probable related to the pass file i try many ACCESS_KEY_ID:SECRET_ACCESS_KEY options that i can think about but.... i probable have a mistake here can someone please help and give a user guide how i get those value from swift storage this is the command i am sending ``` sudo s3fs aaa12345 /mnt/s3test2 -o passwd_file=/home/ccloud/.passwd-s3fs -o url=https://objectstore-3.eu-nl-1.cloud.sap:443/ -o use_path_request_style -o endpoint=eu-nl-1 -o dbglevel=info -f -o curldbg ``` i try to generate a ACCESS_KEY_ID:SECRET_ACCESS_KEY by this command openstack application credential create --role swiftoperator s3fs -c id -c secret -f value but still as i said nothing work this is the full output i get ``` ccloud@amitkertes-s3fs-new:~$ sudo s3fs aaa12345 /mnt/s3 -o passwd_file=/home/ccloud/.passwd-s3fs -o url=https://objectstore-3.eu-nl-1.cloud.sap:443/ -o use_path_request_style -o endpoint=eu-nl-1 -o dbglevel=info -f -o curldbg [CRT] s3fs.cpp:set_s3fs_log_level(297): change debug level from [CRT] to [INF] [INF] s3fs.cpp:set_mountpoint_attribute(4382): PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40755) [INF] s3fs.cpp:s3fs_init(3474): init v1.85(commit:0e815c2) with OpenSSL [INF] s3fs.cpp:s3fs_check_service(3809): check services. [INF] curl.cpp:CheckBucket(3397): check a bucket. [WAN] curl.cpp:ResetHandle(2042): The S3FS_CURLOPT_KEEP_SENDING_ON_ERROR option could not be set. For maximize performance you need to enable this option and you should use libcurl 7.51.0 or later. [INF] curl.cpp:prepare_url(4685): URL is https://objectstore-3.eu-nl-1.cloud.sap:443/aaa12345/ [INF] curl.cpp:prepare_url(4717): URL changed is https://objectstore-3.eu-nl-1.cloud.sap:443/aaa12345/ [INF] curl.cpp:insertV4Headers(2745): computing signature [GET] [/] [] [] [INF] curl.cpp:url_to_host(99): url is https://objectstore-3.eu-nl-1.cloud.sap:443 * Trying 147.204.33.18... * Connected to objectstore-3.eu-nl-1.cloud.sap (147.204.33.18) port 443 (#0) * found 150 certificates in /etc/ssl/certs/ca-certificates.crt * found 600 certificates in /etc/ssl/certs * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256 * server certificate verification OK * server certificate status verification SKIPPED * common name: objectstore-3.eu-nl-1.cloud.sap (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: C=DE,ST=Baden-Wuerttemberg,L=Walldorf,O=SAP SE,OU=Infrastructure Automization,CN=objectstore-3.eu-nl-1.cloud.sap * start date: Wed, 05 Dec 2018 00:00:00 GMT * expire date: Fri, 06 Dec 2019 12:00:00 GMT * issuer: C=US,O=DigiCert Inc,CN=DigiCert SHA2 Secure Server CA * compression: NULL > GET /aaa12345/ HTTP/1.1 host: objectstore-3.eu-nl-1.cloud.sap:443 User-Agent: s3fs/1.85 (commit hash 0e815c2; OpenSSL) Accept: */* Authorization: AWS4-HMAC-SHA256 Credential=cc2e88e44dae42e9bb0f3e2b363f47f2/20191028/eu-nl-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=6fa8e4a34e659e6428b225934e641d73a15917dab013c1bb8f263499e9fbdcd9 x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date: 20191028T093051Z < HTTP/1.1 403 Forbidden < Server: nginx/1.14.0 < Content-Type: application/xml < Transfer-Encoding: chunked < Connection: keep-alive < x-amz-id-2: tx7e96a60621284f799b80d-005db6b54b < x-amz-request-id: tx7e96a60621284f799b80d-005db6b54b < X-Trans-Id: tx7e96a60621284f799b80d-005db6b54b < X-Openstack-Request-Id: tx7e96a60621284f799b80d-005db6b54b < Date: Mon, 28 Oct 2019 09:30:51 GMT < * Connection #0 to host objectstore-3.eu-nl-1.cloud.sap left intact [ERR] curl.cpp:RequestPerform(2428): HTTP response code 403, returning EPERM. Body Text: <?xml version='1.0' encoding='UTF-8'?> <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><RequestId>tx7e96a60621284f799b80d-005db6b54b</RequestId><AWSAccessKeyId>cc2e88e44dae42e9bb0f3e2b363f47f2</AWSAccessKeyId><CanonicalRequest>GET /aaa12345/ host:objectstore-3.eu-nl-1.cloud.sap x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date:20191028T093051Z host;x-amz-content-sha256;x-amz-date e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855</CanonicalRequest><CanonicalRequestBytes>47 45 54 0a 2f 61 61 61 31 32 33 34 35 2f 0a 0a 68 6f 73 74 3a 6f 62 6a 65 63 74 73 74 6f 72 65 2d 33 2e 65 75 2d 6e 6c 2d 31 2e 63 6c 6f 75 64 2e 73 61 70 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 39 31 30 32 38 54 30 39 33 30 35 31 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35</CanonicalRequestBytes><StringToSign>AWS4-HMAC-SHA256 20191028T093051Z 20191028/eu-nl-1/s3/aws4_request 639bafc339a93215f0442ad7ba9fa587b5ab4c51674958730af4c311be39b869</StringToSign><SignatureProvided>6fa8e4a34e659e6428b225934e641d73a15917dab013c1bb8f263499e9fbdcd9</SignatureProvided><StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 39 31 30 32 38 54 30 39 33 30 35 31 5a 0a 32 30 31 39 31 30 32 38 2f 65 75 2d 6e 6c 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 36 33 39 62 61 66 63 33 33 39 61 39 33 32 31 35 66 30 34 34 32 61 64 37 62 61 39 66 61 35 38 37 62 35 61 62 34 63 35 31 36 37 34 39 35 38 37 33 30 61 66 34 63 33 31 31 62 65 33 39 62 38 36 39</StringToSignBytes></Error> [ERR] curl.cpp:CheckBucket(3423): Check bucket failed, S3 response: <?xml version='1.0' encoding='UTF-8'?> <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><RequestId>tx7e96a60621284f799b80d-005db6b54b</RequestId><AWSAccessKeyId>cc2e88e44dae42e9bb0f3e2b363f47f2</AWSAccessKeyId><CanonicalRequest>GET /aaa12345/ host:objectstore-3.eu-nl-1.cloud.sap x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date:20191028T093051Z host;x-amz-content-sha256;x-amz-date e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855</CanonicalRequest><CanonicalRequestBytes>47 45 54 0a 2f 61 61 61 31 32 33 34 35 2f 0a 0a 68 6f 73 74 3a 6f 62 6a 65 63 74 73 74 6f 72 65 2d 33 2e 65 75 2d 6e 6c 2d 31 2e 63 6c 6f 75 64 2e 73 61 70 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 39 31 30 32 38 54 30 39 33 30 35 31 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35</CanonicalRequestBytes><StringToSign>AWS4-HMAC-SHA256 20191028T093051Z 20191028/eu-nl-1/s3/aws4_request 639bafc339a93215f0442ad7ba9fa587b5ab4c51674958730af4c311be39b869</StringToSign><SignatureProvided>6fa8e4a34e659e6428b225934e641d73a15917dab013c1bb8f263499e9fbdcd9</SignatureProvided><StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 39 31 30 32 38 54 30 39 33 30 35 31 5a 0a 32 30 31 39 31 30 32 38 2f 65 75 2d 6e 6c 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 36 33 39 62 61 66 63 33 33 39 61 39 33 32 31 35 66 30 34 34 32 61 64 37 62 61 39 66 61 35 38 37 62 35 61 62 34 63 35 31 36 37 34 39 35 38 37 33 30 61 66 34 63 33 31 31 62 65 33 39 62 38 36 39</StringToSignBytes></Error> [CRT] s3fs.cpp:s3fs_check_service(3864): Failed to connect by sigv4, so retry to connect by signature version 2. [INF] curl.cpp:ReturnHandler(318): Pool full: destroy the oldest handler [INF] curl.cpp:CheckBucket(3397): check a bucket. [INF] curl.cpp:prepare_url(4685): URL is https://objectstore-3.eu-nl-1.cloud.sap:443/aaa12345/ [INF] curl.cpp:prepare_url(4717): URL changed is https://objectstore-3.eu-nl-1.cloud.sap:443/aaa12345/ * Found bundle for host objectstore-3.eu-nl-1.cloud.sap: 0x7fa9dc00afb0 [can pipeline] * Re-using existing connection! (#0) with host objectstore-3.eu-nl-1.cloud.sap * Connected to objectstore-3.eu-nl-1.cloud.sap (147.204.33.18) port 443 (#0) > GET /aaa12345/ HTTP/1.1 Host: objectstore-3.eu-nl-1.cloud.sap User-Agent: s3fs/1.85 (commit hash 0e815c2; OpenSSL) Accept: */* Authorization: AWS cc2e88e44dae42e9bb0f3e2b363f47f2:GVEFqVDnVJlMMcpU1/95qgq7zG0= Date: Mon, 28 Oct 2019 09:30:51 GMT < HTTP/1.1 403 Forbidden < Server: nginx/1.14.0 < Content-Type: application/xml < Transfer-Encoding: chunked < Connection: keep-alive < x-amz-id-2: tx374fe6f7b5914527928c1-005db6b54b < x-amz-request-id: tx374fe6f7b5914527928c1-005db6b54b < X-Trans-Id: tx374fe6f7b5914527928c1-005db6b54b < X-Openstack-Request-Id: tx374fe6f7b5914527928c1-005db6b54b < Date: Mon, 28 Oct 2019 09:30:51 GMT < * Connection #0 to host objectstore-3.eu-nl-1.cloud.sap left intact [ERR] curl.cpp:RequestPerform(2428): HTTP response code 403, returning EPERM. Body Text: <?xml version='1.0' encoding='UTF-8'?> <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><RequestId>tx374fe6f7b5914527928c1-005db6b54b</RequestId><StringToSignBytes>47 45 54 0a 0a 0a 4d 6f 6e 2c 20 32 38 20 4f 63 74 20 32 30 31 39 20 30 39 3a 33 30 3a 35 31 20 47 4d 54 0a 2f 61 61 61 31 32 33 34 35 2f</StringToSignBytes><StringToSign>GET Mon, 28 Oct 2019 09:30:51 GMT /aaa12345/</StringToSign><SignatureProvided>GVEFqVDnVJlMMcpU1/95qgq7zG0=</SignatureProvided><AWSAccessKeyId>cc2e88e44dae42e9bb0f3e2b363f47f2</AWSAccessKeyId></Error> [ERR] curl.cpp:CheckBucket(3423): Check bucket failed, S3 response: <?xml version='1.0' encoding='UTF-8'?> <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><RequestId>tx374fe6f7b5914527928c1-005db6b54b</RequestId><StringToSignBytes>47 45 54 0a 0a 0a 4d 6f 6e 2c 20 32 38 20 4f 63 74 20 32 30 31 39 20 30 39 3a 33 30 3a 35 31 20 47 4d 54 0a 2f 61 61 61 31 32 33 34 35 2f</StringToSignBytes><StringToSign>GET Mon, 28 Oct 2019 09:30:51 GMT /aaa12345/</StringToSign><SignatureProvided>GVEFqVDnVJlMMcpU1/95qgq7zG0=</SignatureProvided><AWSAccessKeyId>cc2e88e44dae42e9bb0f3e2b363f47f2</AWSAccessKeyId></Error> [CRT] s3fs.cpp:s3fs_check_service(3879): invalid credentials(host=https://objectstore-3.eu-nl-1.cloud.sap:443) - result of checking service. [ERR] s3fs.cpp:s3fs_exit_fuseloop(3464): Exiting FUSE event loop due to errors [INF] s3fs.cpp:s3fs_destroy(3527): destroy ccloud@amitkertes-s3fs-new:~$ ``` please help :):):)

kerem

2026-03-04 01:47:19 +03:00

closed this issue
added the
need info
label

kerem commented

2026-03-04 01:47:21 +03:00

Author

Owner

@gaul commented on GitHub (Feb 2, 2020):

Usually this error occurs due to a mismatch between the credentials between the client and server. Do these work when you use another client like the AWS CLI?

@gaul commented on GitHub (Feb 2, 2020): Usually this error occurs due to a mismatch between the credentials between the client and server. Do these work when you use another client like the AWS CLI?

kerem commented

2026-03-04 01:47:21 +03:00

Author

Owner

@blmt commented on GitHub (Mar 25, 2020):

I recently had s3fs to work with our Swift deployment, although with some limitations that I believe are caused by our old version (namely multipart uploads do not work -> maximum file size is limited by the server setting).

If Swift is configured to use Keystone authentication the credentials needed can be generated via:
openstack ec2 credentials create
The "access" and "secret" values are the ones you will need to put in your ~/.passwd-s3fs .
That is assuming your deployment has the correct pipeline in place, more info can be found under the section "AWS S3 Api" here:
https://docs.openstack.org/swift/latest/middleware.html

I used the following command to mount the bucket:
s3fs testbucket mountpoint -o host=https://your-swift-proxy-endpoint -o use_path_request_style -o sigv2 -o nomultipart -o nocopyapi -o norenameapi

@blmt commented on GitHub (Mar 25, 2020): I recently had s3fs to work with our Swift deployment, although with some limitations that I believe are caused by our old version (namely multipart uploads do not work -> maximum file size is limited by the server setting). If Swift is configured to use Keystone authentication the credentials needed can be generated via: `openstack ec2 credentials create` The "access" and "secret" values are the ones you will need to put in your ~/.passwd-s3fs . That is assuming your deployment has the correct pipeline in place, more info can be found under the section "AWS S3 Api" here: https://docs.openstack.org/swift/latest/middleware.html I used the following command to mount the bucket: `s3fs testbucket mountpoint -o host=https://your-swift-proxy-endpoint -o use_path_request_style -o sigv2 -o nomultipart -o nocopyapi -o norenameapi`

kerem commented

2026-03-04 01:47:21 +03:00

Author

Owner

@gaul commented on GitHub (Mar 25, 2020):

Unfortunately authentication errors can be tricky with private S3 implementations. Specifically older Swift S3 support is not good so you may need to do some debugging. Does the AWS CLI work?

@gaul commented on GitHub (Mar 25, 2020): Unfortunately authentication errors can be tricky with private S3 implementations. Specifically older Swift S3 support is not good so you may need to do some debugging. Does the AWS CLI work?

kerem commented

2026-03-04 01:47:21 +03:00

Author

Owner

@gaul commented on GitHub (Jun 5, 2020):

Closing due to inactivity. Please reopen if symptoms persist.

@gaul commented on GitHub (Jun 5, 2020): Closing due to inactivity. Please reopen if symptoms persist.

kerem referenced this issue

2026-03-04 02:01:07 +03:00

[PR #627] [MERGED] Update README.md #1574