[
https://issues.apache.org/jira/browse/NIFI-1956?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oleg Zhurakousky updated NIFI-1956:
-----------------------------------
Description:
With RFC-4256 some SSH servers may no longer support or enable "password" as a
valid authentication option in favor of "keyboard-interactive".
This results in
{code}
Exception in thread "main" com.jcraft.jsch.JSchException: Auth fail
{code}
And even though the spec discusses the authentication mechanism where user will
be prompted for a password, JSch provides an authentication provider which
handles such prompt behind the scenes as long as user sets password in a
session.
Belo code shows how to reproduce the issue (at least in osx):
{code}
public static void main(String[] args) throws Exception {
JSch jsch = new JSch();
Session session = jsch.getSession("<user>", "localhost", 22);
session.setPassword("<password>");
Properties properties = new Properties();
properties.setProperty("StrictHostKeyChecking", "no");
//properties.setProperty("PreferredAuthentications",
"publickey,password,keyboard-interactive");
properties.setProperty("PreferredAuthentications",
"publickey,password");
session.setConfig(properties);
session.connect();
System.out.println("connected");
}
{code}
was:
With RFC-4256 some SSH servers may no longer support or enable "password" as a
valid authentication option in favor of "keyboard-interactive".
This results in
{code}
Exception in thread "main" com.jcraft.jsch.JSchException: Auth fail
{code}
And even though the spec discusses the authentication mechanism where user will
be prompted for a password, JSch provides an authentication provider which
handles such prompt behind the scenes as long as user sets password in a
session.
Belo code shows how to reproduce the issue (at least in osx):
{code}
public static void main(String[] args) throws Exception {
JSch jsch = new JSch();
Session session = jsch.getSession("<user>", "localhost", 22);
session.setPassword("<password>");
Properties properties = new Properties();
properties.setProperty("StrictHostKeyChecking", "no");
//properties.setProperty("PreferredAuthentications",
"publickey,password,keyboard-interactive");
properties.setProperty("PreferredAuthentications",
"publickey,password");
session.setConfig(properties);
session.connect();
System.out.println("connected");
}
> Add "keyboard-interactive" option to SFTPTransfer
> -------------------------------------------------
>
> Key: NIFI-1956
> URL: https://issues.apache.org/jira/browse/NIFI-1956
> Project: Apache NiFi
> Issue Type: Improvement
> Affects Versions: 1.0.0, 0.7.0
> Reporter: Oleg Zhurakousky
> Assignee: Oleg Zhurakousky
>
> With RFC-4256 some SSH servers may no longer support or enable "password" as
> a valid authentication option in favor of "keyboard-interactive".
> This results in
> {code}
> Exception in thread "main" com.jcraft.jsch.JSchException: Auth fail
> {code}
> And even though the spec discusses the authentication mechanism where user
> will be prompted for a password, JSch provides an authentication provider
> which handles such prompt behind the scenes as long as user sets password in
> a session.
> Belo code shows how to reproduce the issue (at least in osx):
> {code}
> public static void main(String[] args) throws Exception {
> JSch jsch = new JSch();
> Session session = jsch.getSession("<user>", "localhost", 22);
> session.setPassword("<password>");
> Properties properties = new Properties();
> properties.setProperty("StrictHostKeyChecking", "no");
> //properties.setProperty("PreferredAuthentications",
> "publickey,password,keyboard-interactive");
> properties.setProperty("PreferredAuthentications",
> "publickey,password");
> session.setConfig(properties);
> session.connect();
> System.out.println("connected");
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
