camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bengt Rodehav <be...@rodehav.com>
Subject Re: sftp with privateKeyFile using camel-ftp
Date Wed, 23 Jun 2010 06:18:50 GMT
Hi Claus,

Unfortunately I get nothing in the log. If it were the 256 limit I was kind
of expecting some kind of Exception. I've also been "bitten" by it in the
past and normally you get some kind of security related exception. Maybe
it's caught somewhere...

To be sure I'll download the updated policy files and also try a separate
client like you suggest.

Thanks,

/Bengt

2010/6/23 Claus Ibsen <claus.ibsen@gmail.com>

> Hi
>
> The key length restriction have bitten me in the past. You had to
> download a special extension and override some files in the JRE to be
> able to use longer keys. I think the restriction was very low at the
> time, like 256 or so.
>
> Since its JCraft that does the SFTP stuff you may have to google a bit
> and try reading some of their documentation how to do this. Maybe
> there is some help there.
>
> And I assume you dont get any errors or the likes in the log / console?
> And have you tried outside OSGi, eg from a plain unit test also?
>
>
>
> On Tue, Jun 22, 2010 at 11:08 PM, Bengt Rodehav <bengt@rodehav.com> wrote:
> > I'm trying to get sftp private key authentication to work with sftp with
> no
> > luck. I have a route similar to the following:
> >
> > from("file:datadir").to("sftp://user@localhost
> > /datadir?password=password&privateKeyFile=user.key");
> >
> > The sftp server is Serv-U. I generate key pairs using Serv-U. The public
> key
> > is used by Serv-U while camel-ftp is configured with the private key.
> Camel
> > manages to connect to Serv-U but never to log in. The key type is DSA and
> > the key length is 1024. The private key looks lilke this:
> >
> > -----BEGIN DSA PRIVATE KEY-----
> > MIIBugIBAAKBgQCR+zLyBwj0gcvNh6xmauvc2YdYYEjjoXdIUpzb01zmwFzqia9q
> > nWCTL5t3iwqgBrZIxOa75M322OsG99+7JsBn1YaTxDJ4hSnX0dyheS620HsMFbP1
> > 27LjYFX2mee8jeZN8GIUAdPLDHPkvGnlGfFFvj8f/IKfjAexECrBhlyhyQIVAI+1
> > CU2hfXqiLDuIPKruy17wrzyVAoGAB7qCoD8vJPq4jMZ77Scv4dfWgz6F+LMImcl8
> > QOIh+3f3JhJvR9f+hw1MGsg3l/z57GlfgXkqt420vTPI6OghELv/hauFNSExCKqv
> > kJW+J7Hyoa0sGuf7Ihy9vC6PJnoNkopqqecwpAUUpvKahcZ1uvNnGfRDc5SGmuzn
> > ZhKHy5ICgYBv94YBWdxGXWwcUKAmJrC+u3Xdnb8t1RY0RcrbKYqQe5Eekza4gh8B
> > iGdLMBdX3CZlXINJRhsK0UU7E+edEIk+aCtAnFE2+S4zPqtpFGOLIjOQ+i2W5XZv
> > MOHoxrse7qNvstZRc0BMaEKuKd9DW4wy9JMMZC7xChF8590rCaWA5gIURVR0jghL
> > lZpwVaJtN6Yo7kUe9S8=
> > -----END DSA PRIVATE KEY-----
> >
> > Is this a format that camel-ftp recognises? Can anyone suggest how to
> create
> > a key pair that camel-ftp will recognise. I can then try to see if Serv-U
> > also supports that?
> >
> > To verify that Serv-U works, I tried connecting with Filezilla client. It
> > converted the private key to Putty format but then it worked.
> >
> > Could it have anything to do with US export limitations? Is the key to
> long?
> >
> > /Bengt
> >
>
>
>
> --
> Claus Ibsen
> Apache Camel Committer
>
> Author of Camel in Action: http://www.manning.com/ibsen/
> Open Source Integration: http://fusesource.com
> Blog: http://davsclaus.blogspot.com/
> Twitter: http://twitter.com/davsclaus
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message