nifi-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Moser (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (NIFI-1956) Add "keyboard-interactive" option to SFTPTransfer
Date Mon, 06 Jun 2016 19:13:21 GMT

    [ https://issues.apache.org/jira/browse/NIFI-1956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15317028#comment-15317028
] 

Michael Moser commented on NIFI-1956:
-------------------------------------

For what it's worth, I tested this change against an SSH server that worked with the old code
and it continues to work with the new code.  I intended to run another test with an SSH server
whose /etc/ssh/sshd_config had "PasswordAuthentication no" set, but didn't get sysadmin help
to set this up yet.  This caused the old code to fail, and I assume the new code will work
in this scenario.

> Add "keyboard-interactive" option to SFTPTransfer
> -------------------------------------------------
>
>                 Key: NIFI-1956
>                 URL: https://issues.apache.org/jira/browse/NIFI-1956
>             Project: Apache NiFi
>          Issue Type: Improvement
>    Affects Versions: 1.0.0, 0.7.0
>            Reporter: Oleg Zhurakousky
>            Assignee: Oleg Zhurakousky
>             Fix For: 1.0.0, 0.7.0
>
>
> With RFC-4256 some SSH servers may no longer support or enable "password" as a valid
authentication option in favor of "keyboard-interactive". 
> This results in 
> {code}
> Exception in thread "main" com.jcraft.jsch.JSchException: Auth fail
> {code}
> And even though the spec discusses the authentication mechanism where user will be prompted
for a password, JSch provides an authentication provider which handles such prompt behind
the scenes as long as user sets password in a session.
> Belo code shows how to reproduce the issue (at least in osx):
> {code}
> public static void main(String[] args) throws Exception {
>         JSch jsch = new JSch();
>         Session session = jsch.getSession("<user>", "localhost", 22);
>         session.setPassword("<password>");
>         Properties properties = new Properties();
>         properties.setProperty("StrictHostKeyChecking", "no");
>         //properties.setProperty("PreferredAuthentications", "publickey,password,keyboard-interactive");
>         properties.setProperty("PreferredAuthentications", "publickey,password");
>         session.setConfig(properties);
>         session.connect();
>         System.out.println("connected");
>     }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message