camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Stiborský <martin.stibor...@gmail.com>
Subject Re: camel-ssh - SSH keys authentication
Date Fri, 15 Feb 2013 08:01:03 GMT
One more weird thing, from the log file:

2013-02-15 08:58:22,582 | INFO  | NioProcessor-21  | ClientSessionImpl
           | 24 - org.apache.sshd.core - 0.8.0 | Session
null@my-git.server.com/10.xx.xx.xx:22 closed

The "null"…I assume there should be username :)


On Fri, Feb 15, 2013 at 8:40 AM, Martin Stiborský <
martin.stiborsky@gmail.com> wrote:

> So, maybe the problem is really in the camel-ssh component, because, it's
> possible to get the key from resources, like that:
>
>         from("cxfrs:bean:gitServer")
>                 .routeId("GitRoutes")
>                 .choice()
>
> .when(header(CxfConstants.OPERATION_NAME).isEqualTo("getRepositories"))
>                 .setBody(constant("info"))
>                 .process(new Processor() {
>                     @Override
>                     public void process(Exchange exchange) throws
> Exception {
>                         InputStream is =
> getClass().getResourceAsStream("/gitkeys/mykey.pem");
>                         String myString = IOUtils.toString(is, "UTF-8");
>
>                         exchange.getOut().setBody(myString);
>                     }
>                 });
>
> So, no OSGi trouble here I guess…
>
>
> On Thu, Feb 14, 2013 at 9:06 PM, Martin Stiborský <
> martin.stiborsky@gmail.com> wrote:
>
>> Ok, so camel-ssh needs some love, to make it better…ok.
>> But without modifications in camel-ssh, I'm just not able to use it with
>> my SSH key, I tried like all possible combinations now.
>>
>>         SshComponent sshGitComponent = new SshComponent();
>>         sshGitComponent.setHost("localhost");
>>         sshGitComponent.setPort(22);
>>         sshGitComponent.setUsername("git");
>>         sshGitComponent.setKeyPairProvider(new FileKeyPairProvider(new
>> String[]{"gitkeys/mykey.pem"}));
>>         sshGitComponent.setKeyType(KeyPairProvider.SSH_RSA);
>>
>>         getContext().removeComponent("ssh");
>>         getContext().addComponent("ssh", sshGitComponent);
>>
>>         from("cxfrs:bean:gitServer")
>>                 .routeId("GitRoutes")
>>                 .choice()
>>
>> .when(header(CxfConstants.OPERATION_NAME).isEqualTo("getRepositories"))
>>                     .setBody(constant("info"))
>>                     .to("ssh:git@localhost");
>>
>> Why the removeComponent and the addComponent? I'd like to add new
>> instance of SshComponent, under different id, but when I do that,
>> Camel stucks on start, trying to find this new component…so I'm doing
>> something wrong there probably…
>>
>> In src/main/resources/gitkeys/mykey.pem is the key…but as I said, it
>> doesn't work for me, or I missed the correct combination…I tried also
>> classpath and file prefix, but no luck.
>>
>> The unit test works fine…problem is in the OSGi I guess…some classpath
>> issue? I don't know, I have quite a headache from this already, need a
>> break.
>>
>>
>> On Thu, Feb 14, 2013 at 3:13 PM, Claus Ibsen <claus.ibsen@gmail.com>wrote:
>>
>>> On Thu, Feb 14, 2013 at 2:57 PM, Martin Stiborský
>>> <martin.stiborsky@gmail.com> wrote:
>>> > Still one problem…the unit test was fine, but now in OSGi environment,
>>> > there are more troubles…
>>> > Is there some trick how to get resource from a bundle? I can't get a
>>> > reference to the key file stored in src/main/resources :(
>>> >
>>>
>>> I guess maybe camel-ssh should load the cert file like we do in other
>>> components using ResourceHelper.
>>> Then we can load from classpath (osgi and the rest of the world), files
>>> etc.
>>>
>>> eg prefix with classpath: or file:
>>>
>>>
>>> >
>>> > On Thu, Feb 14, 2013 at 12:25 PM, Martin Stiborský <
>>> > martin.stiborsky@gmail.com> wrote:
>>> >
>>> >> I can try help there as well. I was looking for a chance to make my
>>> "first
>>> >> camel commit" anyway :)
>>> >>
>>> >>
>>> >> On Thu, Feb 14, 2013 at 12:00 PM, Scott Cranton <scott@cranton.com>
>>> wrote:
>>> >>
>>> >>> Glad you figured it out. Yeah, the camel-ssh page does need some
>>> >>> attention. Thanks for the feedback, and I look forward to seeing
your
>>> >>> suggested updates to the doc.
>>> >>>
>>> >>> The certFilename is just a shorthand for creating a
>>> >>> FileKeyPairProvider, which is identical to what the
>>> >>> SshComponentSecurityTest is doing
>>> >>>
>>> >>>     sshComponent.setKeyPairProvider(new FileKeyPairProvider(new
>>> >>> String[]{"src/test/resources/hostkey.pem"}));
>>> >>>
>>> >>> but I see in the tests, I'm using the same resource for both producer
>>> >>> and consumer, so to your point about when public key, when private,
I
>>> >>> should check that, update the tests, and most importantly update
the
>>> >>> docs as it isn't clear...
>>> >>>
>>> >>> Thanks,
>>> >>> Scott
>>> >>>
>>> >>>
>>> >>>
>>> >>> On Thu, Feb 14, 2013 at 5:48 AM, Martin Stiborský
>>> >>> <martin.stiborsky@gmail.com> wrote:
>>> >>> > As usually, problem solved few minutes after I posted this
"call
>>> for
>>> >>> help
>>> >>> > message".
>>> >>> > Really there was a problem with loading the private key from
>>> resources.
>>> >>> >
>>> >>> > Now it works...my next message will be about updating the camel-ssh
>>> >>> wiki :)
>>> >>> >
>>> >>> >
>>> >>> > On Thu, Feb 14, 2013 at 10:37 AM, Martin Stiborský <
>>> >>> > martin.stiborsky@gmail.com> wrote:
>>> >>> >
>>> >>> >> Hello guys,
>>> >>> >> I need to use camel-ssh in my route, also, I need authentication
>>> with
>>> >>> SSH
>>> >>> >> keys to the remote server.
>>> >>> >> I can't figure out how to configure the SSH producer in
Camel.
>>> >>> >>
>>> >>> >> Now I started digging in camel-ssh source codes, but that
is a
>>> long
>>> >>> trip
>>> >>> >> for me right now :(
>>> >>> >>
>>> >>> >> First of all, I'm not sure, what is difference between
>>> "certFilename"
>>> >>> and
>>> >>> >> "keyPairProvider" options for the ssh endpoint?
>>> >>> >>
>>> >>> >> Then, the private key have to be provided for the ssh endpoint,
>>> right?
>>> >>> The
>>> >>> >> public key is configured on the remote server account...
>>> >>> >> Also, in which format the SSH private key should be? PEM?
>>> >>> >> Like this?
>>> >>> >>
>>> >>> >> openssl rsa -in ~/.ssh/id_rsa -outform pem > id_rsa.pem
>>> >>> >>
>>> >>> >> I guess so, because it's like this here:
>>> >>> >>
>>> >>>
>>> https://github.com/apache/camel/blob/trunk/components/camel-ssh/src/test/resources/hostkey.pem
>>> >>> >>
>>> >>> >> I'm not even sure if the key is loaded properly in the
Java code
>>> from
>>> >>> >> resources directory, because the exception I see there
is:
>>> >>> >>
>>> >>> >> ==========
>>> >>> >> Caused by: java.io.IOException: Error performing public
key
>>> >>> authentication
>>> >>> >> at
>>> >>> >>
>>> >>>
>>> org.apache.sshd.client.auth.UserAuthPublicKey.<init>(UserAuthPublicKey.java:86)
>>> >>> >>  at
>>> >>> >>
>>> >>>
>>> org.apache.sshd.client.session.ClientSessionImpl.authPublicKey(ClientSessionImpl.java:146)
>>> >>> >> at
>>> >>> >>
>>> >>>
>>> org.apache.camel.component.ssh.SshEndpoint.sendExecCommand(SshEndpoint.java:113)
>>> >>> >>  at
>>> >>> >>
>>> org.apache.camel.component.ssh.SshProducer.process(SshProducer.java:38)
>>> >>> >> ... 72 more
>>> >>> >> Caused by: java.lang.NullPointerException
>>> >>> >>  at
>>> >>> >>
>>> >>>
>>> org.apache.sshd.client.auth.UserAuthPublicKey.<init>(UserAuthPublicKey.java:59)
>>> >>> >> ... 75 more
>>> >>> >> ==========
>>> >>> >>
>>> >>> >> Note the NullPointerException ...
>>> >>> >>
>>> >>> >> But I tried to follow this (
>>> >>> >>
>>> >>>
>>> https://github.com/apache/camel/blob/trunk/components/camel-ssh/src/test/java/org/apache/camel/component/ssh/SshComponentSecurityTest.java
>>> )
>>> >>> test,
>>> >>> >> so I guess it should work...
>>> >>> >>
>>> >>> >> Could you give me at least some hint?
>>> >>> >> I promise I'll extend Camel wiki related to this topic
definitely
>>> :P
>>> >>> >>
>>> >>> >> --
>>> >>> >> S pozdravem / Best regards
>>> >>> >> Martin Stiborský
>>> >>> >>
>>> >>> >> Jabber: stibi@njs.netlab.cz
>>> >>> >> Twitter: http://www.twitter.com/stibi
>>> >>> >>
>>> >>> >
>>> >>> >
>>> >>> >
>>> >>> > --
>>> >>> > S pozdravem / Best regards
>>> >>> > Martin Stiborský
>>> >>> >
>>> >>> > Jabber: stibi@njs.netlab.cz
>>> >>> > Twitter: http://www.twitter.com/stibi
>>> >>>
>>> >>
>>> >>
>>> >>
>>> >> --
>>> >> S pozdravem / Best regards
>>> >> Martin Stiborský
>>> >>
>>> >> Jabber: stibi@njs.netlab.cz
>>> >> Twitter: http://www.twitter.com/stibi
>>> >>
>>> >
>>> >
>>> >
>>> > --
>>> > S pozdravem / Best regards
>>> > Martin Stiborský
>>> >
>>> > Jabber: stibi@njs.netlab.cz
>>> > Twitter: http://www.twitter.com/stibi
>>>
>>>
>>>
>>> --
>>> Claus Ibsen
>>> -----------------
>>> Red Hat, Inc.
>>> FuseSource is now part of Red Hat
>>> Email: cibsen@redhat.com
>>> Web: http://fusesource.com
>>> Twitter: davsclaus
>>> Blog: http://davsclaus.com
>>> Author of Camel in Action: http://www.manning.com/ibsen
>>>
>>
>>
>>
>> --
>> S pozdravem / Best regards
>> Martin Stiborský
>>
>> Jabber: stibi@njs.netlab.cz
>> Twitter: http://www.twitter.com/stibi
>>
>
>
>
> --
> S pozdravem / Best regards
> Martin Stiborský
>
> Jabber: stibi@njs.netlab.cz
> Twitter: http://www.twitter.com/stibi
>



-- 
S pozdravem / Best regards
Martin Stiborský

Jabber: stibi@njs.netlab.cz
Twitter: http://www.twitter.com/stibi

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message