[
https://issues.apache.org/jira/browse/VFS-283?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13109811#comment-13109811
]
Iqbal Yusuf commented on VFS-283:
---------------------------------
I have a patch or workaround for this bug. I've never committed to ASF so don't
know how to submit a patch. Here is the code snippet that will solve this
problem.
I'm going to use and Java system environment variable named
"vfs.sftp.ssh.privatekeyfile.passphrase".
You will need to set it to the passphrase of your ssh private key file.
I'm pasting re-written code here from package
"org.apache.commons.vfs2.provider.sftp" for class named "SftpClientFactory"
Here is the changed code inside method named "SftpClientFactory()" around line
number 100
if (identities != null)
{
for (int iterIdentities = 0; iterIdentities < identities.length;
iterIdentities++)
{
final File privateKeyFile = identities[iterIdentities];
try
{
//iyusuf
String passPhrase;
passPhrase =
System.getProperty("vfs.sftp.ssh.privatekeyfile.passphrase");
if (passPhrase != null){
jsch.addIdentity(privateKeyFile.getAbsolutePath(),passPhrase);
}else {
jsch.addIdentity(privateKeyFile.getAbsolutePath());
}
}
catch (final JSchException e)
{
throw new
FileSystemException("vfs.provider.sftp/load-private-key.error", privateKeyFile,
e);
}
}
}
else
{
if (sshDir == null)
{
sshDir = findSshDir();
}
// Load the private key (rsa-key only)
final File privateKeyFile = new File(sshDir, "id_rsa");
if (privateKeyFile.isFile() && privateKeyFile.canRead())
{
try
{
//iyusuf
String passPhrase;
passPhrase =
System.getProperty("vfs.sftp.ssh.privatekeyfile.passphrase");
if (passPhrase != null){
jsch.addIdentity(privateKeyFile.getAbsolutePath(),passPhrase);
}else {
jsch.addIdentity(privateKeyFile.getAbsolutePath());
}
}
catch (final JSchException e)
{
throw new
FileSystemException("vfs.provider.sftp/load-private-key.error", privateKeyFile,
e);
}
}
}
> SFTP can not use private keys protected by pass phrase
> ------------------------------------------------------
>
> Key: VFS-283
> URL: https://issues.apache.org/jira/browse/VFS-283
> Project: Commons VFS
> Issue Type: Improvement
> Affects Versions: 1.0
> Environment: Java client running on Windows XP. OpenSSH server
> running on CentOS Linux.
> Reporter: Torben Putkonen
>
> It is not possible to authenticate an SFTP connection with public key
> authentication if the private key is protected by a pass phrase.
> There is no code in org.apache.commons.vfs.provider.sftp.SftpClientFactory
> that deals with pas phrases.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
