[jira] [Commented] (VFS-283) SFTP can not use private keys protected by pass phrase

Sat, 20 Oct 2012 18:28:17 -0700 

    [ 
https://issues.apache.org/jira/browse/VFS-283?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13480869#comment-13480869
 ] 

Antonio Sanchez commented on VFS-283:
-------------------------------------

The attached patch gives my solution.  I created an SftpIdentityAuthenticator 
interface and object that attempts to "authenticate" a private key if it has 
the ability to.  This way, you can write your own authenticator and add it to 
the FileSystemOptions to be used for certain key files (for example, an 
interactive authenticator might prompt for a passphrase).  It uses the existing 
UserAuthenticationData structure to pass around the password information.

I don't think it makes much sense to add public/private keys to 
UserAuthenticationData, since no other provider uses private keys.

Here is how you might use this:

{code:java}
FileSystemOptions opts = new FileSystemOptions();
File sshKey = new File("private_rsa");
SftpFileSystemConfigBuilder.getInstance().setIdentities(opts, new 
File[]{sshKey});
SftpStaticIdentityAuthenticator keyAuth = new 
SftpStaticIdentityAuthenticator(sshKey, "password");
SftpFileSystemConfigBuilder.getInstance().setIdentityAuthenticators(opts, new 
SftpStaticIdentityAuthenticator[] {keyAuth});
{code}
                
> SFTP can not use private keys protected by pass phrase
> ------------------------------------------------------
>
>                 Key: VFS-283
>                 URL: https://issues.apache.org/jira/browse/VFS-283
>             Project: Commons VFS
>          Issue Type: Improvement
>    Affects Versions: 1.0
>         Environment: Java client running on Windows XP. OpenSSH server 
> running on CentOS Linux.
>            Reporter: Torben Putkonen
>         Attachments: vfs-283.patch, vfspassphrase.patch
>
>
> It is not possible to authenticate an SFTP connection with public key 
> authentication if the private key is protected by a pass phrase.
> There is no code in org.apache.commons.vfs.provider.sftp.SftpClientFactory 
> that deals with pas phrases.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to