nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matt Hagenbuch (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (NIFI-5816) SFTP cannot connect due to JSch limitations
Date Tue, 02 Jul 2019 13:49:00 GMT

    [ https://issues.apache.org/jira/browse/NIFI-5816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16876986#comment-16876986
] 

Matt Hagenbuch commented on NIFI-5816:
--------------------------------------

The JSch limitation also applies to the NiFi Registry GitFlowPersistenceProvider.  Basically,
modern OpenSSH keys cannot be used to authenticate with Git servers using this library as discussed
here [https://www.eclipse.org/forums/index.php/t/1095599/]

 

> SFTP cannot connect due to JSch limitations
> -------------------------------------------
>
>                 Key: NIFI-5816
>                 URL: https://issues.apache.org/jira/browse/NIFI-5816
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Extensions
>    Affects Versions: 1.8.0
>            Reporter: Laurenceau Julien
>            Priority: Minor
>
> Hi,
> The JSch library used for SFTP does not support HostKeyAlgorithms=ed25519 whereas it
is the current standard. This make SFTP / SSH unusable when dealing with recent openssh config.
> On dbeaver project they switched to sshj.
> [https://github.com/dbeaver/dbeaver/issues/2202]
> [https://community.hortonworks.com/answers/226377/view.html]
>  https://stackoverflow.com/questions/2003419/com-jcraft-jsch-jschexception-unknownhostkey
> One more argument against JSch is that it does not support rsa key length other than
default (2048).
> ssh-keygen -o -t rsa -b 4096 -f id_rsa -> does not work with nifi
> ssh-keygen -t rsa -f id_rsa -> works with nifi
> Thanks and regards
> JL
> PS : sorry but I do not know nifi deep enough to fill all fields.
>  
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message