You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@camel.apache.org by "Jonathan Anstey (JIRA)" <ji...@apache.org> on 2008/11/25 18:39:05 UTC

[jira] Commented: (CAMEL-1118) SFTP endpoint does not peform host key verification

    [ https://issues.apache.org/activemq/browse/CAMEL-1118?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=47609#action_47609 ] 

Jonathan Anstey commented on CAMEL-1118:
----------------------------------------

Sending        camel-ftp/src/main/java/org/apache/camel/component/file/remote/RemoteFileConfiguration.java
Sending        camel-ftp/src/main/java/org/apache/camel/component/file/remote/SftpEndpoint.java
Sending        camel-ftp/src/test/java/org/apache/camel/component/file/remote/UriConfigurationTest.java
Transmitting file data ...
Committed revision 720547.

Also should mention that Dave Stanley came up with the fix for this. Many thanks Dave!

> SFTP endpoint does not peform host key verification
> ---------------------------------------------------
>
>                 Key: CAMEL-1118
>                 URL: https://issues.apache.org/activemq/browse/CAMEL-1118
>             Project: Apache Camel
>          Issue Type: Bug
>    Affects Versions: 1.5.0
>            Reporter: Jonathan Anstey
>            Assignee: Jonathan Anstey
>             Fix For: 1.5.1, 2.0.0
>
>
> Camel does allow users to configure JSch with a known_hosts file. This makes the users vulnerable to man in the middle type attacks.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.