Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-5816

SFTP cannot connect due to JSch limitations

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 1.8.0
    • 1.10.0
    • Extensions
    • None

    Description

      Hi,

      The JSch library used for SFTP does not support HostKeyAlgorithms=ed25519 whereas it is the current standard. This make SFTP / SSH unusable when dealing with recent openssh config.

      On dbeaver project they switched to sshj.

      https://github.com/dbeaver/dbeaver/issues/2202

      https://community.hortonworks.com/answers/226377/view.html

       https://stackoverflow.com/questions/2003419/com-jcraft-jsch-jschexception-unknownhostkey

      One more argument against JSch is that it does not support rsa key length other than default (2048).

      ssh-keygen -o -t rsa -b 4096 -f id_rsa -> does not work with nifi

      ssh-keygen -t rsa -f id_rsa -> works with nifi

      Thanks and regards

      JL

      PS : sorry but I do not know nifi deep enough to fill all fields.

       

       

      Attachments

        Issue Links

          Activity

            People

              bbende Bryan Bende
              julienlau Laurenceau Julien
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h
                  1h