S3 V2 api signature

Hi all,
is it possibile to use V2 api signature versions for S3 compatible backup backend instead of V4?

That should be possible using a MINIO_SHARED_CREDENTIALS_FILE. Set the environment variable or place the configuration at ~/.mc/config.json. The configuration should then look similar to the following:

	"version": "10",
	"aliases": {
		"s3": {
			"url": "",
			"accessKey": "accessKey",
			"secretKey": "secretKey",
			"api": "S3v2",

If you also set MINIO_ALIAS, then you can use an alias different than s3.

I’m using rpm on Centos 7 (restic-0.9.6-1.ns7.x86_64). Is your suggestion valid for this environment?
Thank you

I’m getting this:

[root@hosting ~]# restic -r s3:r1-it.storage.cloud.it/qgbackup init
Fatal: create repository at s3:r1-it.storage.cloud.it/qgbackup failed: client.BucketExists: Error response code AuthMethodNotRecognized.

Setted via:


Using the AWS* environment variables always uses auth version 4. I don’t see why my previous suggestion shouldn’t work.

Should I have to configure your suggested file and then relaunch restic -r command? Sorry but I’m new :smiley:

Yes, please fill in the fields in the suggested config.json structure, set the MINIO_SHARED_CREDENTIALS_FILE environment variable, make sure that the AWS_* environment variables are not set. And then run restic again.

Can you give me an example of how to set MINIO_SHARED_CREDENTIALS_FILE variable?

export MINIO_SHARED_CREDENTIALS_FILE=path/to/config.json


[root@hosting .mc]# pwd
[root@hosting .mc]# ls -l
total 4
-rw-r--r-- 1 root root 174 Dec 23 23:15 config.json


export MINIO_SHARED_CREDENTIALS_FILE=/root/.mc/config.json

Launch backup:

[root@hosting .mc]# restic -r s3:r1-it.storage.cloud.it/qgbackup init
enter password for new repository:
enter password again:
Fatal: create key in repository at s3:r1-it.storage.cloud.it/qgbackup failed: client.PutObject: Access Denied

Content of config.json:

[root@hosting .mc]# cat config.json
        "version": "10",
        "aliases": {
                "s3": {
                        "url": "r1-it.storage.cloud.it",
                        "accessKey": "myaccesskey",
                        "secretKey": "mypassword",
                        "api": "S3v2",

What is wrong?

@MichaelEischer how can I check if config file has been loaded properly?

Ok, I understand what you suggested. But this is my problem.

I have bought a compatible-s3 space that seems to works only with v2 signature. It is possible in restic to use v2 signature also if it’s deprecated?

I tried with s3cmd and it works by forcing v2 signature, but I think it’s not possible to create restic repo with s3cmd; or not?

The error message is a different one now. I’d suggest you try whether you can create a bucket and files within our using generic S3 tools (like mc) first to rule out any other problems such as ACL. Once that works you could continue with restic.

In addition I’d recommend to either convince cloud.it to support an up-to-date S3 interface or to switch to a different provider who does. There are plenty of choices out there so there is really no need to struggle with such problems.

I found a working configuration via rclone. I think I’ll use it. Thank you.