[NIFI-5816] SFTP cannot connect due to JSch limitations - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.8.0
Fix Version/s: 1.10.0
Component/s: Extensions
Labels:
None

Description

Hi,

The JSch library used for SFTP does not support HostKeyAlgorithms=ed25519 whereas it is the current standard. This make SFTP / SSH unusable when dealing with recent openssh config.

On dbeaver project they switched to sshj.

https://github.com/dbeaver/dbeaver/issues/2202

https://community.hortonworks.com/answers/226377/view.html

https://stackoverflow.com/questions/2003419/com-jcraft-jsch-jschexception-unknownhostkey

One more argument against JSch is that it does not support rsa key length other than default (2048).

ssh-keygen -o -t rsa -b 4096 -f id_rsa -> does not work with nifi

ssh-keygen -t rsa -f id_rsa -> works with nifi

Thanks and regards

PS : sorry but I do not know nifi deep enough to fill all fields.

Attachments

Issue Links

causes

NIFI-8711 Support keyboard-interactive authentication for SFTP

Resolved

fixes

NIFI-1415 FetchSFTP should not require password or private key passphrase

Resolved

links to

GitHub Pull Request #3726

Activity

People

Assignee:: Bryan Bende

Reporter:: Laurenceau Julien

Votes:: 1 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 12/Nov/18 19:30

Updated:: 16/Jun/21 17:29

Resolved:: 20/Sep/19 02:04

Time Tracking

Estimated:

Not Specified

Remaining:

Logged: