From 1c6b56a9c88a72bb43cc69db6cc4148b889636ef Mon Sep 17 00:00:00 2001
From: daira <>
Date: Thu, 23 May 2013 16:30:39 +0000
Subject: [PATCH] update information on rekeying bug and Twisted compatibility
 for Tahoe-LAFS v1.10

[Imported from Trac: page SftpFrontend, version 85]
---
 SftpFrontend.md | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/SftpFrontend.md b/SftpFrontend.md
index 52f7553..8e99b78 100644
--- a/SftpFrontend.md
+++ b/SftpFrontend.md
@@ -26,11 +26,9 @@ Deleting a directory via the SFTP frontend will not check that it is empty. The
 
 The '`ctime`' and '`mtime`' attributes will always be the same, and are set from the Tahoe `linkmotime` timestamp, which is changed only when the link from the parent directory is modified (see the ['About the metadata' section of webapi.rst](http://tahoe-lafs.org/trac/tahoe-lafs/browser/docs/frontends/webapi.rst#about-the-metadata)). These fields are not updated when the contents of a mutable file are changed. The SFTP protocol and the server are able to represent dates up to the year 2106, but some clients may print dates incorrectly after 2037.
 
-Versions of Twisted before 11.0 have [a bug in support for rekeying](http://twistedmatrix.com/trac/ticket/4395). This might cause a hang or 100% CPU usage by the gateway when a client tries to rekey. Depending on the client, rekeying may be triggered based on a time interval or the amount of data sent (for example, 1 GiB to 4 GiB for the openssh client), so this problem may not happen immediately when testing. Tahoe-LAFS v1.10 will require Twisted >= 11.0 to avoid this problem; in the meantime, we recommend that you either:
-* Install Twisted 11.0 or later manually (if it is not already installed), or
-* Use an option in your client to disable rekeying. For example in WinSCP, in the Key exchange section of the options under SSH, set both 'Max minutes before rekey' and 'Max data before rekey' to 0. Note that OpenSSH and sshfs do not seem to have an option to do this that works, contrary to what a previous version of this page said.
+Versions of Twisted before 11.0 have [a bug in support for rekeying](http://twistedmatrix.com/trac/ticket/4395). Tahoe-LAFS v1.10.0 requires a later version of Twisted and so will not be affected by this problem. For earlier versions of Tahoe-LAFS, it is recommended to install a version of Twisted between v11.0 and v12.2 inclusive (and use `tahoe --version` to check that it is being used); otherwise, this bug might cause a hang or 100% CPU usage by the gateway when a client tries to rekey. Depending on the client, rekeying may be triggered based on a time interval or the amount of data sent (for example, 1 GiB to 4 GiB for the openssh client), so this problem may not happen immediately when testing.
 
-Disabling rekeying [might introduce cryptographic weaknesses](http://winscp.net/eng/docs/ui_login_kex#reexchange), so updating Twisted is the preferred solution.
+Version v12.3 of Twisted is incompatible with the SFTP frontend (#1926, #1525). Upgrade to Tahoe-LAFS v1.10 to fix this problem.
 
 
 # Unicode filenames