camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bengt Rodehav <be...@rodehav.com>
Subject Re: sftp with privateKeyFile using camel-ftp
Date Wed, 23 Jun 2010 11:01:14 GMT
Logging patch is now attached to the JIRA.

/Bengt

2010/6/23 Bengt Rodehav <bengt@rodehav.com>

> Claus,
>
> I'll try to get some help regarding this on the Jsch mailing list.
>
> Remember I told you nothing turns up in the log. I've looked at the source
> code for camel-ftp (SftpOperations.java) and there is no logger attached to
> Jsch. I created a JIRA for that:
> https://issues.apache.org/activemq/browse/CAMEL-2842
>
> <https://issues.apache.org/activemq/browse/CAMEL-2842>I have a patch that
> I'll attach to the JIRA. I need to do a SVN update locally to be able to
> create a diff file but I cant currently connect to the SVN repository. I'll
> attach the patch as soon as possible.
>
> /Bengt
>
> 2010/6/23 Bengt Rodehav <bengt@rodehav.com>
>
> Hi Claus,
>>
>> Unfortunately I get nothing in the log. If it were the 256 limit I was
>> kind of expecting some kind of Exception. I've also been "bitten" by it in
>> the past and normally you get some kind of security related exception. Maybe
>> it's caught somewhere...
>>
>> To be sure I'll download the updated policy files and also try a separate
>> client like you suggest.
>>
>> Thanks,
>>
>> /Bengt
>>
>> 2010/6/23 Claus Ibsen <claus.ibsen@gmail.com>
>>
>> Hi
>>>
>>> The key length restriction have bitten me in the past. You had to
>>> download a special extension and override some files in the JRE to be
>>> able to use longer keys. I think the restriction was very low at the
>>> time, like 256 or so.
>>>
>>> Since its JCraft that does the SFTP stuff you may have to google a bit
>>> and try reading some of their documentation how to do this. Maybe
>>> there is some help there.
>>>
>>> And I assume you dont get any errors or the likes in the log / console?
>>> And have you tried outside OSGi, eg from a plain unit test also?
>>>
>>>
>>>
>>> On Tue, Jun 22, 2010 at 11:08 PM, Bengt Rodehav <bengt@rodehav.com>
>>> wrote:
>>> > I'm trying to get sftp private key authentication to work with sftp
>>> with no
>>> > luck. I have a route similar to the following:
>>> >
>>> > from("file:datadir").to("sftp://user@localhost
>>> > /datadir?password=password&privateKeyFile=user.key");
>>> >
>>> > The sftp server is Serv-U. I generate key pairs using Serv-U. The
>>> public key
>>> > is used by Serv-U while camel-ftp is configured with the private key.
>>> Camel
>>> > manages to connect to Serv-U but never to log in. The key type is DSA
>>> and
>>> > the key length is 1024. The private key looks lilke this:
>>> >
>>> > -----BEGIN DSA PRIVATE KEY-----
>>> > MIIBugIBAAKBgQCR+zLyBwj0gcvNh6xmauvc2YdYYEjjoXdIUpzb01zmwFzqia9q
>>> > nWCTL5t3iwqgBrZIxOa75M322OsG99+7JsBn1YaTxDJ4hSnX0dyheS620HsMFbP1
>>> > 27LjYFX2mee8jeZN8GIUAdPLDHPkvGnlGfFFvj8f/IKfjAexECrBhlyhyQIVAI+1
>>> > CU2hfXqiLDuIPKruy17wrzyVAoGAB7qCoD8vJPq4jMZ77Scv4dfWgz6F+LMImcl8
>>> > QOIh+3f3JhJvR9f+hw1MGsg3l/z57GlfgXkqt420vTPI6OghELv/hauFNSExCKqv
>>> > kJW+J7Hyoa0sGuf7Ihy9vC6PJnoNkopqqecwpAUUpvKahcZ1uvNnGfRDc5SGmuzn
>>> > ZhKHy5ICgYBv94YBWdxGXWwcUKAmJrC+u3Xdnb8t1RY0RcrbKYqQe5Eekza4gh8B
>>> > iGdLMBdX3CZlXINJRhsK0UU7E+edEIk+aCtAnFE2+S4zPqtpFGOLIjOQ+i2W5XZv
>>> > MOHoxrse7qNvstZRc0BMaEKuKd9DW4wy9JMMZC7xChF8590rCaWA5gIURVR0jghL
>>> > lZpwVaJtN6Yo7kUe9S8=
>>> > -----END DSA PRIVATE KEY-----
>>> >
>>> > Is this a format that camel-ftp recognises? Can anyone suggest how to
>>> create
>>> > a key pair that camel-ftp will recognise. I can then try to see if
>>> Serv-U
>>> > also supports that?
>>> >
>>> > To verify that Serv-U works, I tried connecting with Filezilla client.
>>> It
>>> > converted the private key to Putty format but then it worked.
>>> >
>>> > Could it have anything to do with US export limitations? Is the key to
>>> long?
>>> >
>>> > /Bengt
>>> >
>>>
>>>
>>>
>>> --
>>> Claus Ibsen
>>> Apache Camel Committer
>>>
>>> Author of Camel in Action: http://www.manning.com/ibsen/
>>> Open Source Integration: http://fusesource.com
>>> Blog: http://davsclaus.blogspot.com/
>>> Twitter: http://twitter.com/davsclaus
>>>
>>
>>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message