[NIFI-1956] Add "keyboard-interactive" option to SFTPTransfer - ASF JIRA

Attach files

Attach Screenshot

Voters

Watch issue

Watchers

Create sub-task

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.0.0, 0.7.0
Fix Version/s: 1.0.0, 0.7.0, 1.0.0-Beta
Component/s: None
Labels:
None

Description

With RFC-4256 some SSH servers may no longer support or enable "password" as a valid authentication option in favor of "keyboard-interactive".
This results in

Exception in thread "main" com.jcraft.jsch.JSchException: Auth fail

And even though the spec discusses the authentication mechanism where user will be prompted for a password, JSch provides an authentication provider which handles such prompt behind the scenes as long as user sets password in a session.
Belo code shows how to reproduce the issue (at least in osx):

public static void main(String[] args) throws Exception {
        JSch jsch = new JSch();
        Session session = jsch.getSession("<user>", "localhost", 22);
        session.setPassword("<password>");
        Properties properties = new Properties();
        properties.setProperty("StrictHostKeyChecking", "no");
        //properties.setProperty("PreferredAuthentications", "publickey,password,keyboard-interactive");
        properties.setProperty("PreferredAuthentications", "publickey,password");
        session.setConfig(properties);
        session.connect();
        System.out.println("connected");
    }