[
https://issues.apache.org/jira/browse/NIFI-1956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15317051#comment-15317051
]
Oleg Zhurakousky commented on NIFI-1956:
----------------------------------------
[~mosermw] Yes, that is the idea. Just to elaborate on it a little more; Most
SSH servers do support "keyboard-interactive". That is what allows us to login
using userid and prompted for a password. The actual "password" authentication
method means (if I understand it correctly) the ability to provide password
right away. I am assuming something like this _ssh user:password@host_. That
would imply the password would go out in clear text. The
"keyboard-authentication" will actually prompt you for a password and that is
what RFC-4256 is all about and most SSH servers support it, otherwise we
wouldn't be able to connect to it using password. That said, to avoid being
prompted JSch provides the the authentication provider implementation which
will intercept the prompt and will use password provided via properties
essentially accomplishing the same thing as "password" method.
> Add "keyboard-interactive" option to SFTPTransfer
> -------------------------------------------------
>
> Key: NIFI-1956
> URL: https://issues.apache.org/jira/browse/NIFI-1956
> Project: Apache NiFi
> Issue Type: Improvement
> Affects Versions: 1.0.0, 0.7.0
> Reporter: Oleg Zhurakousky
> Assignee: Oleg Zhurakousky
> Fix For: 1.0.0, 0.7.0
>
>
> With RFC-4256 some SSH servers may no longer support or enable "password" as
> a valid authentication option in favor of "keyboard-interactive".
> This results in
> {code}
> Exception in thread "main" com.jcraft.jsch.JSchException: Auth fail
> {code}
> And even though the spec discusses the authentication mechanism where user
> will be prompted for a password, JSch provides an authentication provider
> which handles such prompt behind the scenes as long as user sets password in
> a session.
> Belo code shows how to reproduce the issue (at least in osx):
> {code}
> public static void main(String[] args) throws Exception {
> JSch jsch = new JSch();
> Session session = jsch.getSession("<user>", "localhost", 22);
> session.setPassword("<password>");
> Properties properties = new Properties();
> properties.setProperty("StrictHostKeyChecking", "no");
> //properties.setProperty("PreferredAuthentications",
> "publickey,password,keyboard-interactive");
> properties.setProperty("PreferredAuthentications",
> "publickey,password");
> session.setConfig(properties);
> session.connect();
> System.out.println("connected");
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
