You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@camel.apache.org by Martin Stiborský <ma...@gmail.com> on 2013/02/14 10:37:30 UTC

camel-ssh - SSH keys authentication

Hello guys,
I need to use camel-ssh in my route, also, I need authentication with SSH
keys to the remote server.
I can't figure out how to configure the SSH producer in Camel.

Now I started digging in camel-ssh source codes, but that is a long trip
for me right now :(

First of all, I'm not sure, what is difference between "certFilename" and
"keyPairProvider" options for the ssh endpoint?

Then, the private key have to be provided for the ssh endpoint, right? The
public key is configured on the remote server account...
Also, in which format the SSH private key should be? PEM?
Like this?

openssl rsa -in ~/.ssh/id_rsa -outform pem > id_rsa.pem

I guess so, because it's like this here:
https://github.com/apache/camel/blob/trunk/components/camel-ssh/src/test/resources/hostkey.pem

I'm not even sure if the key is loaded properly in the Java code from
resources directory, because the exception I see there is:

==========
Caused by: java.io.IOException: Error performing public key authentication
at
org.apache.sshd.client.auth.UserAuthPublicKey.<init>(UserAuthPublicKey.java:86)
at
org.apache.sshd.client.session.ClientSessionImpl.authPublicKey(ClientSessionImpl.java:146)
at
org.apache.camel.component.ssh.SshEndpoint.sendExecCommand(SshEndpoint.java:113)
at org.apache.camel.component.ssh.SshProducer.process(SshProducer.java:38)
... 72 more
Caused by: java.lang.NullPointerException
at
org.apache.sshd.client.auth.UserAuthPublicKey.<init>(UserAuthPublicKey.java:59)
... 75 more
==========

Note the NullPointerException ...

But I tried to follow this (
https://github.com/apache/camel/blob/trunk/components/camel-ssh/src/test/java/org/apache/camel/component/ssh/SshComponentSecurityTest.java)
test,
so I guess it should work...

Could you give me at least some hint?
I promise I'll extend Camel wiki related to this topic definitely :P

-- 
S pozdravem / Best regards
Martin Stiborský

Jabber: stibi@njs.netlab.cz
Twitter: http://www.twitter.com/stibi

Re: camel-ssh - SSH keys authentication

Posted by Scott Cranton <sc...@cranton.com>.

Claus,

Thanks for the nudge.

Are you thinking if we took something like the existing certFilename
option, which internally uses a FileKeyPairProvider, and created a new
option say certificatePath and used the ResourceHelper and
ResourceKeyPairProvider internally that would make it simpler for the
majority case where people want provide their own key pair provider?

Makes sense for me...

Scott

On Sat, Mar 2, 2013 at 12:46 PM, Claus Ibsen <cl...@gmail.com> wrote:
> Hi
>
> I logged a ticket to make this easier out of the box
> https://issues.apache.org/jira/browse/CAMEL-6120
>
> On Fri, Feb 15, 2013 at 9:33 PM, Scott Cranton <sc...@cranton.com> wrote:
>> I've created an example showing camel-ssh deployed in Karaf using
>> classpath and file based public key security.
>>
>> https://github.com/scranton/example-security-camel-ssh
>>
>> I'll try to clean it up shortly, and submit to camel either updating
>> existing camel-ssh example, or adding as a new example...
>>
>> Then look to update the doc...
>>
>> On Fri, Feb 15, 2013 at 6:53 AM, Scott Cranton <sc...@cranton.com> wrote:
>>> Excellent! thanks for the QA ;-)
>>>
>>> The camel-ssh doc clearly needs help, so any thoughts you have on how
>>> to update based on your recent experience would be most appreciated...
>>>
>>> On Fri, Feb 15, 2013 at 6:48 AM, Martin Stiborský
>>> <ma...@gmail.com> wrote:
>>>> Woohoo, victory, thanks for the hint, Scott. ClassLoader was the magical
>>>> thing.
>>>>
>>>> ResourceKeyPairProvider keyPairProvider = new ResourceKeyPairProvider(
>>>>                 new String[]{pathToTheKey}, null,
>>>> this.getClass().getClassLoader());
>>>>
>>>> And camel-crypto, as new dependency, because org.bouncycastle.openssl ...
>>>>
>>>> Thanks a lot guys.
>>>>
>>>>
>>>> On Fri, Feb 15, 2013 at 11:34 AM, Scott Cranton <sc...@cranton.com> wrote:
>>>>
>>>>> Have you tried setting the keyPairProvider to an instance of
>>>>> org.apache.sshd.common.keyprovider.ResourceKeyPairProvider? That
>>>>> should work better in OSGi, though I haven't tried it recently...
>>>>>
>>>>> Re mulitple ids: you can add multiple component instances with
>>>>> different ids (e.g. sshGit) and reference them from Camel by those
>>>>> ids.
>>>>>
>>>>> addComponent("sshGit", sshGitComponent)
>>>>>
>>>>> .to("sshGit:git@localhost)
>>>>>
>>>>> On Fri, Feb 15, 2013 at 4:26 AM, Martin Stiborský
>>>>> <ma...@gmail.com> wrote:
>>>>> > Often I found solution for a problem in few minutes after posting to
>>>>> > mailing list, so let's try the luck now :)
>>>>> >
>>>>> > Currently I'm digging in the camel-ssh, because definitely there is
>>>>> problem
>>>>> > with referencing the key file from resources.
>>>>> > The very first thing I should do was enabling debug for camel-ssh
>>>>> component
>>>>> > (surprise surprise...), because this:
>>>>> >
>>>>> > 2013-02-15 10:21:46,261 | INFO  | qtp724367630-92  | FileKeyPairProvider
>>>>> >            | 24 - org.apache.sshd.core - 0.8.0 | Unable to read key
>>>>> > /gitkeys/mykey.pem: java.io.FileNotFoundException: /gitkeys/mykey.pem (No
>>>>> > such file or directory)
>>>>> >
>>>>> > I'll follow advice from Claus Ibsen and check ResourceHelper and how it
>>>>> > could be used in camel-ssh...
>>>>> >
>>>>> >
>>>>> > On Fri, Feb 15, 2013 at 9:01 AM, Martin Stiborský <
>>>>> > martin.stiborsky@gmail.com> wrote:
>>>>> >
>>>>> >> One more weird thing, from the log file:
>>>>> >>
>>>>> >> 2013-02-15 08:58:22,582 | INFO  | NioProcessor-21  | ClientSessionImpl
>>>>> >>            | 24 - org.apache.sshd.core - 0.8.0 | Session
>>>>> >> null@my-git.server.com/10.xx.xx.xx:22 closed
>>>>> >>
>>>>> >> The "null"…I assume there should be username :)
>>>>> >>
>>>>> >>
>>>>> >> On Fri, Feb 15, 2013 at 8:40 AM, Martin Stiborský <
>>>>> >> martin.stiborsky@gmail.com> wrote:
>>>>> >>
>>>>> >>> So, maybe the problem is really in the camel-ssh component, because,
>>>>> it's
>>>>> >>> possible to get the key from resources, like that:
>>>>> >>>
>>>>> >>>         from("cxfrs:bean:gitServer")
>>>>> >>>                 .routeId("GitRoutes")
>>>>> >>>                 .choice()
>>>>> >>>
>>>>> >>> .when(header(CxfConstants.OPERATION_NAME).isEqualTo("getRepositories"))
>>>>> >>>                 .setBody(constant("info"))
>>>>> >>>                 .process(new Processor() {
>>>>> >>>                     @Override
>>>>> >>>                     public void process(Exchange exchange) throws
>>>>> >>> Exception {
>>>>> >>>                         InputStream is =
>>>>> >>> getClass().getResourceAsStream("/gitkeys/mykey.pem");
>>>>> >>>                         String myString = IOUtils.toString(is,
>>>>> "UTF-8");
>>>>> >>>
>>>>> >>>                         exchange.getOut().setBody(myString);
>>>>> >>>                     }
>>>>> >>>                 });
>>>>> >>>
>>>>> >>> So, no OSGi trouble here I guess…
>>>>> >>>
>>>>> >>>
>>>>> >>> On Thu, Feb 14, 2013 at 9:06 PM, Martin Stiborský <
>>>>> >>> martin.stiborsky@gmail.com> wrote:
>>>>> >>>
>>>>> >>>> Ok, so camel-ssh needs some love, to make it better…ok.
>>>>> >>>> But without modifications in camel-ssh, I'm just not able to use it
>>>>> with
>>>>> >>>> my SSH key, I tried like all possible combinations now.
>>>>> >>>>
>>>>> >>>>         SshComponent sshGitComponent = new SshComponent();
>>>>> >>>>         sshGitComponent.setHost("localhost");
>>>>> >>>>         sshGitComponent.setPort(22);
>>>>> >>>>         sshGitComponent.setUsername("git");
>>>>> >>>>         sshGitComponent.setKeyPairProvider(new FileKeyPairProvider(new
>>>>> >>>> String[]{"gitkeys/mykey.pem"}));
>>>>> >>>>         sshGitComponent.setKeyType(KeyPairProvider.SSH_RSA);
>>>>> >>>>
>>>>> >>>>         getContext().removeComponent("ssh");
>>>>> >>>>         getContext().addComponent("ssh", sshGitComponent);
>>>>> >>>>
>>>>> >>>>         from("cxfrs:bean:gitServer")
>>>>> >>>>                 .routeId("GitRoutes")
>>>>> >>>>                 .choice()
>>>>> >>>>
>>>>> >>>>
>>>>> .when(header(CxfConstants.OPERATION_NAME).isEqualTo("getRepositories"))
>>>>> >>>>                     .setBody(constant("info"))
>>>>> >>>>                     .to("ssh:git@localhost");
>>>>> >>>>
>>>>> >>>> Why the removeComponent and the addComponent? I'd like to add new
>>>>> >>>> instance of SshComponent, under different id, but when I do that,
>>>>> >>>> Camel stucks on start, trying to find this new component…so I'm doing
>>>>> >>>> something wrong there probably…
>>>>> >>>>
>>>>> >>>> In src/main/resources/gitkeys/mykey.pem is the key…but as I said, it
>>>>> >>>> doesn't work for me, or I missed the correct combination…I tried also
>>>>> >>>> classpath and file prefix, but no luck.
>>>>> >>>>
>>>>> >>>> The unit test works fine…problem is in the OSGi I guess…some classpath
>>>>> >>>> issue? I don't know, I have quite a headache from this already, need a
>>>>> >>>> break.
>>>>> >>>>
>>>>> >>>>
>>>>> >>>> On Thu, Feb 14, 2013 at 3:13 PM, Claus Ibsen <claus.ibsen@gmail.com
>>>>> >wrote:
>>>>> >>>>
>>>>> >>>>> On Thu, Feb 14, 2013 at 2:57 PM, Martin Stiborský
>>>>> >>>>> <ma...@gmail.com> wrote:
>>>>> >>>>> > Still one problem…the unit test was fine, but now in OSGi
>>>>> environment,
>>>>> >>>>> > there are more troubles…
>>>>> >>>>> > Is there some trick how to get resource from a bundle? I can't get
>>>>> a
>>>>> >>>>> > reference to the key file stored in src/main/resources :(
>>>>> >>>>> >
>>>>> >>>>>
>>>>> >>>>> I guess maybe camel-ssh should load the cert file like we do in other
>>>>> >>>>> components using ResourceHelper.
>>>>> >>>>> Then we can load from classpath (osgi and the rest of the world),
>>>>> files
>>>>> >>>>> etc.
>>>>> >>>>>
>>>>> >>>>> eg prefix with classpath: or file:
>>>>> >>>>>
>>>>> >>>>>
>>>>> >>>>> >
>>>>> >>>>> > On Thu, Feb 14, 2013 at 12:25 PM, Martin Stiborský <
>>>>> >>>>> > martin.stiborsky@gmail.com> wrote:
>>>>> >>>>> >
>>>>> >>>>> >> I can try help there as well. I was looking for a chance to make
>>>>> my
>>>>> >>>>> "first
>>>>> >>>>> >> camel commit" anyway :)
>>>>> >>>>> >>
>>>>> >>>>> >>
>>>>> >>>>> >> On Thu, Feb 14, 2013 at 12:00 PM, Scott Cranton <
>>>>> scott@cranton.com>
>>>>> >>>>> wrote:
>>>>> >>>>> >>
>>>>> >>>>> >>> Glad you figured it out. Yeah, the camel-ssh page does need some
>>>>> >>>>> >>> attention. Thanks for the feedback, and I look forward to seeing
>>>>> >>>>> your
>>>>> >>>>> >>> suggested updates to the doc.
>>>>> >>>>> >>>
>>>>> >>>>> >>> The certFilename is just a shorthand for creating a
>>>>> >>>>> >>> FileKeyPairProvider, which is identical to what the
>>>>> >>>>> >>> SshComponentSecurityTest is doing
>>>>> >>>>> >>>
>>>>> >>>>> >>>     sshComponent.setKeyPairProvider(new FileKeyPairProvider(new
>>>>> >>>>> >>> String[]{"src/test/resources/hostkey.pem"}));
>>>>> >>>>> >>>
>>>>> >>>>> >>> but I see in the tests, I'm using the same resource for both
>>>>> >>>>> producer
>>>>> >>>>> >>> and consumer, so to your point about when public key, when
>>>>> private,
>>>>> >>>>> I
>>>>> >>>>> >>> should check that, update the tests, and most importantly update
>>>>> the
>>>>> >>>>> >>> docs as it isn't clear...
>>>>> >>>>> >>>
>>>>> >>>>> >>> Thanks,
>>>>> >>>>> >>> Scott
>>>>> >>>>> >>>
>>>>> >>>>> >>>
>>>>> >>>>> >>>
>>>>> >>>>> >>> On Thu, Feb 14, 2013 at 5:48 AM, Martin Stiborský
>>>>> >>>>> >>> <ma...@gmail.com> wrote:
>>>>> >>>>> >>> > As usually, problem solved few minutes after I posted this
>>>>> "call
>>>>> >>>>> for
>>>>> >>>>> >>> help
>>>>> >>>>> >>> > message".
>>>>> >>>>> >>> > Really there was a problem with loading the private key from
>>>>> >>>>> resources.
>>>>> >>>>> >>> >
>>>>> >>>>> >>> > Now it works...my next message will be about updating the
>>>>> >>>>> camel-ssh
>>>>> >>>>> >>> wiki :)
>>>>> >>>>> >>> >
>>>>> >>>>> >>> >
>>>>> >>>>> >>> > On Thu, Feb 14, 2013 at 10:37 AM, Martin Stiborský <
>>>>> >>>>> >>> > martin.stiborsky@gmail.com> wrote:
>>>>> >>>>> >>> >
>>>>> >>>>> >>> >> Hello guys,
>>>>> >>>>> >>> >> I need to use camel-ssh in my route, also, I need
>>>>> authentication
>>>>> >>>>> with
>>>>> >>>>> >>> SSH
>>>>> >>>>> >>> >> keys to the remote server.
>>>>> >>>>> >>> >> I can't figure out how to configure the SSH producer in Camel.
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> Now I started digging in camel-ssh source codes, but that is a
>>>>> >>>>> long
>>>>> >>>>> >>> trip
>>>>> >>>>> >>> >> for me right now :(
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> First of all, I'm not sure, what is difference between
>>>>> >>>>> "certFilename"
>>>>> >>>>> >>> and
>>>>> >>>>> >>> >> "keyPairProvider" options for the ssh endpoint?
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> Then, the private key have to be provided for the ssh
>>>>> endpoint,
>>>>> >>>>> right?
>>>>> >>>>> >>> The
>>>>> >>>>> >>> >> public key is configured on the remote server account...
>>>>> >>>>> >>> >> Also, in which format the SSH private key should be? PEM?
>>>>> >>>>> >>> >> Like this?
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> openssl rsa -in ~/.ssh/id_rsa -outform pem > id_rsa.pem
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> I guess so, because it's like this here:
>>>>> >>>>> >>> >>
>>>>> >>>>> >>>
>>>>> >>>>>
>>>>> https://github.com/apache/camel/blob/trunk/components/camel-ssh/src/test/resources/hostkey.pem
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> I'm not even sure if the key is loaded properly in the Java
>>>>> code
>>>>> >>>>> from
>>>>> >>>>> >>> >> resources directory, because the exception I see there is:
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> ==========
>>>>> >>>>> >>> >> Caused by: java.io.IOException: Error performing public key
>>>>> >>>>> >>> authentication
>>>>> >>>>> >>> >> at
>>>>> >>>>> >>> >>
>>>>> >>>>> >>>
>>>>> >>>>>
>>>>> org.apache.sshd.client.auth.UserAuthPublicKey.<init>(UserAuthPublicKey.java:86)
>>>>> >>>>> >>> >>  at
>>>>> >>>>> >>> >>
>>>>> >>>>> >>>
>>>>> >>>>>
>>>>> org.apache.sshd.client.session.ClientSessionImpl.authPublicKey(ClientSessionImpl.java:146)
>>>>> >>>>> >>> >> at
>>>>> >>>>> >>> >>
>>>>> >>>>> >>>
>>>>> >>>>>
>>>>> org.apache.camel.component.ssh.SshEndpoint.sendExecCommand(SshEndpoint.java:113)
>>>>> >>>>> >>> >>  at
>>>>> >>>>> >>> >>
>>>>> >>>>>
>>>>> org.apache.camel.component.ssh.SshProducer.process(SshProducer.java:38)
>>>>> >>>>> >>> >> ... 72 more
>>>>> >>>>> >>> >> Caused by: java.lang.NullPointerException
>>>>> >>>>> >>> >>  at
>>>>> >>>>> >>> >>
>>>>> >>>>> >>>
>>>>> >>>>>
>>>>> org.apache.sshd.client.auth.UserAuthPublicKey.<init>(UserAuthPublicKey.java:59)
>>>>> >>>>> >>> >> ... 75 more
>>>>> >>>>> >>> >> ==========
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> Note the NullPointerException ...
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> But I tried to follow this (
>>>>> >>>>> >>> >>
>>>>> >>>>> >>>
>>>>> >>>>>
>>>>> https://github.com/apache/camel/blob/trunk/components/camel-ssh/src/test/java/org/apache/camel/component/ssh/SshComponentSecurityTest.java
>>>>> >>>>> )
>>>>> >>>>> >>> test,
>>>>> >>>>> >>> >> so I guess it should work...
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> Could you give me at least some hint?
>>>>> >>>>> >>> >> I promise I'll extend Camel wiki related to this topic
>>>>> >>>>> definitely :P
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> --
>>>>> >>>>> >>> >> S pozdravem / Best regards
>>>>> >>>>> >>> >> Martin Stiborský
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >> Jabber: stibi@njs.netlab.cz
>>>>> >>>>> >>> >> Twitter: http://www.twitter.com/stibi
>>>>> >>>>> >>> >>
>>>>> >>>>> >>> >
>>>>> >>>>> >>> >
>>>>> >>>>> >>> >
>>>>> >>>>> >>> > --
>>>>> >>>>> >>> > S pozdravem / Best regards
>>>>> >>>>> >>> > Martin Stiborský
>>>>> >>>>> >>> >
>>>>> >>>>> >>> > Jabber: stibi@njs.netlab.cz
>>>>> >>>>> >>> > Twitter: http://www.twitter.com/stibi
>>>>> >>>>> >>>
>>>>> >>>>> >>
>>>>> >>>>> >>
>>>>> >>>>> >>
>>>>> >>>>> >> --
>>>>> >>>>> >> S pozdravem / Best regards
>>>>> >>>>> >> Martin Stiborský
>>>>> >>>>> >>
>>>>> >>>>> >> Jabber: stibi@njs.netlab.cz
>>>>> >>>>> >> Twitter: http://www.twitter.com/stibi
>>>>> >>>>> >>
>>>>> >>>>> >
>>>>> >>>>> >
>>>>> >>>>> >
>>>>> >>>>> > --
>>>>> >>>>> > S pozdravem / Best regards
>>>>> >>>>> > Martin Stiborský
>>>>> >>>>> >
>>>>> >>>>> > Jabber: stibi@njs.netlab.cz
>>>>> >>>>> > Twitter: http://www.twitter.com/stibi
>>>>> >>>>>
>>>>> >>>>>
>>>>> >>>>>
>>>>> >>>>> --
>>>>> >>>>> Claus Ibsen
>>>>> >>>>> -----------------
>>>>> >>>>> Red Hat, Inc.
>>>>> >>>>> FuseSource is now part of Red Hat
>>>>> >>>>> Email: cibsen@redhat.com
>>>>> >>>>> Web: http://fusesource.com
>>>>> >>>>> Twitter: davsclaus
>>>>> >>>>> Blog: http://davsclaus.com
>>>>> >>>>> Author of Camel in Action: http://www.manning.com/ibsen
>>>>> >>>>>
>>>>> >>>>
>>>>> >>>>
>>>>> >>>>
>>>>> >>>> --
>>>>> >>>> S pozdravem / Best regards
>>>>> >>>> Martin Stiborský
>>>>> >>>>
>>>>> >>>> Jabber: stibi@njs.netlab.cz
>>>>> >>>> Twitter: http://www.twitter.com/stibi
>>>>> >>>>
>>>>> >>>
>>>>> >>>
>>>>> >>>
>>>>> >>> --
>>>>> >>> S pozdravem / Best regards
>>>>> >>> Martin Stiborský
>>>>> >>>
>>>>> >>> Jabber: stibi@njs.netlab.cz
>>>>> >>> Twitter: http://www.twitter.com/stibi
>>>>> >>>
>>>>> >>
>>>>> >>
>>>>> >>
>>>>> >> --
>>>>> >> S pozdravem / Best regards
>>>>> >> Martin Stiborský
>>>>> >>
>>>>> >> Jabber: stibi@njs.netlab.cz
>>>>> >> Twitter: http://www.twitter.com/stibi
>>>>> >>
>>>>> >
>>>>> >
>>>>> >
>>>>> > --
>>>>> > S pozdravem / Best regards
>>>>> > Martin Stiborský
>>>>> >
>>>>> > Jabber: stibi@njs.netlab.cz
>>>>> > Twitter: http://www.twitter.com/stibi
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> S pozdravem / Best regards
>>>> Martin Stiborský
>>>>
>>>> Jabber: stibi@njs.netlab.cz
>>>> Twitter: http://www.twitter.com/stibi
>
>
>
> --
> Claus Ibsen
> -----------------
> Red Hat, Inc.
> FuseSource is now part of Red Hat
> Email: cibsen@redhat.com
> Web: http://fusesource.com
> Twitter: davsclaus
> Blog: http://davsclaus.com
> Author of Camel in Action: http://www.manning.com/ibsen

Re: camel-ssh - SSH keys authentication

Posted by Claus Ibsen <cl...@gmail.com>.

Hi

I logged a ticket to make this easier out of the box
https://issues.apache.org/jira/browse/CAMEL-6120

On Fri, Feb 15, 2013 at 9:33 PM, Scott Cranton <sc...@cranton.com> wrote:
> I've created an example showing camel-ssh deployed in Karaf using
> classpath and file based public key security.
>
> https://github.com/scranton/example-security-camel-ssh
>
> I'll try to clean it up shortly, and submit to camel either updating
> existing camel-ssh example, or adding as a new example...
>
> Then look to update the doc...
>
> On Fri, Feb 15, 2013 at 6:53 AM, Scott Cranton <sc...@cranton.com> wrote:
>> Excellent! thanks for the QA ;-)
>>
>> The camel-ssh doc clearly needs help, so any thoughts you have on how
>> to update based on your recent experience would be most appreciated...
>>
>> On Fri, Feb 15, 2013 at 6:48 AM, Martin Stiborský
>> <ma...@gmail.com> wrote:
>>> Woohoo, victory, thanks for the hint, Scott. ClassLoader was the magical
>>> thing.
>>>
>>> ResourceKeyPairProvider keyPairProvider = new ResourceKeyPairProvider(
>>>                 new String[]{pathToTheKey}, null,
>>> this.getClass().getClassLoader());
>>>
>>> And camel-crypto, as new dependency, because org.bouncycastle.openssl ...
>>>
>>> Thanks a lot guys.
>>>
>>>
>>> On Fri, Feb 15, 2013 at 11:34 AM, Scott Cranton <sc...@cranton.com> wrote:
>>>
>>>> Have you tried setting the keyPairProvider to an instance of
>>>> org.apache.sshd.common.keyprovider.ResourceKeyPairProvider? That
>>>> should work better in OSGi, though I haven't tried it recently...
>>>>
>>>> Re mulitple ids: you can add multiple component instances with
>>>> different ids (e.g. sshGit) and reference them from Camel by those
>>>> ids.
>>>>
>>>> addComponent("sshGit", sshGitComponent)
>>>>
>>>> .to("sshGit:git@localhost)
>>>>
>>>> On Fri, Feb 15, 2013 at 4:26 AM, Martin Stiborský
>>>> <ma...@gmail.com> wrote:
>>>> > Often I found solution for a problem in few minutes after posting to
>>>> > mailing list, so let's try the luck now :)
>>>> >
>>>> > Currently I'm digging in the camel-ssh, because definitely there is
>>>> problem
>>>> > with referencing the key file from resources.
>>>> > The very first thing I should do was enabling debug for camel-ssh
>>>> component
>>>> > (surprise surprise...), because this:
>>>> >
>>>> > 2013-02-15 10:21:46,261 | INFO  | qtp724367630-92  | FileKeyPairProvider
>>>> >            | 24 - org.apache.sshd.core - 0.8.0 | Unable to read key
>>>> > /gitkeys/mykey.pem: java.io.FileNotFoundException: /gitkeys/mykey.pem (No
>>>> > such file or directory)
>>>> >
>>>> > I'll follow advice from Claus Ibsen and check ResourceHelper and how it
>>>> > could be used in camel-ssh...
>>>> >
>>>> >
>>>> > On Fri, Feb 15, 2013 at 9:01 AM, Martin Stiborský <
>>>> > martin.stiborsky@gmail.com> wrote:
>>>> >
>>>> >> One more weird thing, from the log file:
>>>> >>
>>>> >> 2013-02-15 08:58:22,582 | INFO  | NioProcessor-21  | ClientSessionImpl
>>>> >>            | 24 - org.apache.sshd.core - 0.8.0 | Session
>>>> >> null@my-git.server.com/10.xx.xx.xx:22 closed
>>>> >>
>>>> >> The "null"…I assume there should be username :)
>>>> >>
>>>> >>
>>>> >> On Fri, Feb 15, 2013 at 8:40 AM, Martin Stiborský <
>>>> >> martin.stiborsky@gmail.com> wrote:
>>>> >>
>>>> >>> So, maybe the problem is really in the camel-ssh component, because,
>>>> it's
>>>> >>> possible to get the key from resources, like that:
>>>> >>>
>>>> >>>         from("cxfrs:bean:gitServer")
>>>> >>>                 .routeId("GitRoutes")
>>>> >>>                 .choice()
>>>> >>>
>>>> >>> .when(header(CxfConstants.OPERATION_NAME).isEqualTo("getRepositories"))
>>>> >>>                 .setBody(constant("info"))
>>>> >>>                 .process(new Processor() {
>>>> >>>                     @Override
>>>> >>>                     public void process(Exchange exchange) throws
>>>> >>> Exception {
>>>> >>>                         InputStream is =
>>>> >>> getClass().getResourceAsStream("/gitkeys/mykey.pem");
>>>> >>>                         String myString = IOUtils.toString(is,
>>>> "UTF-8");
>>>> >>>
>>>> >>>                         exchange.getOut().setBody(myString);
>>>> >>>                     }
>>>> >>>                 });
>>>> >>>
>>>> >>> So, no OSGi trouble here I guess…
>>>> >>>
>>>> >>>
>>>> >>> On Thu, Feb 14, 2013 at 9:06 PM, Martin Stiborský <
>>>> >>> martin.stiborsky@gmail.com> wrote:
>>>> >>>
>>>> >>>> Ok, so camel-ssh needs some love, to make it better…ok.
>>>> >>>> But without modifications in camel-ssh, I'm just not able to use it
>>>> with
>>>> >>>> my SSH key, I tried like all possible combinations now.
>>>> >>>>
>>>> >>>>         SshComponent sshGitComponent = new SshComponent();
>>>> >>>>         sshGitComponent.setHost("localhost");
>>>> >>>>         sshGitComponent.setPort(22);
>>>> >>>>         sshGitComponent.setUsername("git");
>>>> >>>>         sshGitComponent.setKeyPairProvider(new FileKeyPairProvider(new
>>>> >>>> String[]{"gitkeys/mykey.pem"}));
>>>> >>>>         sshGitComponent.setKeyType(KeyPairProvider.SSH_RSA);
>>>> >>>>
>>>> >>>>         getContext().removeComponent("ssh");
>>>> >>>>         getContext().addComponent("ssh", sshGitComponent);
>>>> >>>>
>>>> >>>>         from("cxfrs:bean:gitServer")
>>>> >>>>                 .routeId("GitRoutes")
>>>> >>>>                 .choice()
>>>> >>>>
>>>> >>>>
>>>> .when(header(CxfConstants.OPERATION_NAME).isEqualTo("getRepositories"))
>>>> >>>>                     .setBody(constant("info"))
>>>> >>>>                     .to("ssh:git@localhost");
>>>> >>>>
>>>> >>>> Why the removeComponent and the addComponent? I'd like to add new
>>>> >>>> instance of SshComponent, under different id, but when I do that,
>>>> >>>> Camel stucks on start, trying to find this new component…so I'm doing
>>>> >>>> something wrong there probably…
>>>> >>>>
>>>> >>>> In src/main/resources/gitkeys/mykey.pem is the key…but as I said, it
>>>> >>>> doesn't work for me, or I missed the correct combination…I tried also
>>>> >>>> classpath and file prefix, but no luck.
>>>> >>>>
>>>> >>>> The unit test works fine…problem is in the OSGi I guess…some classpath
>>>> >>>> issue? I don't know, I have quite a headache from this already, need a
>>>> >>>> break.
>>>> >>>>
>>>> >>>>
>>>> >>>> On Thu, Feb 14, 2013 at 3:13 PM, Claus Ibsen <claus.ibsen@gmail.com
>>>> >wrote:
>>>> >>>>
>>>> >>>>> On Thu, Feb 14, 2013 at 2:57 PM, Martin Stiborský
>>>> >>>>> <ma...@gmail.com> wrote:
>>>> >>>>> > Still one problem…the unit test was fine, but now in OSGi
>>>> environment,
>>>> >>>>> > there are more troubles…
>>>> >>>>> > Is there some trick how to get resource from a bundle? I can't get
>>>> a
>>>> >>>>> > reference to the key file stored in src/main/resources :(
>>>> >>>>> >
>>>> >>>>>
>>>> >>>>> I guess maybe camel-ssh should load the cert file like we do in other
>>>> >>>>> components using ResourceHelper.
>>>> >>>>> Then we can load from classpath (osgi and the rest of the world),
>>>> files
>>>> >>>>> etc.
>>>> >>>>>
>>>> >>>>> eg prefix with classpath: or file:
>>>> >>>>>
>>>> >>>>>
>>>> >>>>> >
>>>> >>>>> > On Thu, Feb 14, 2013 at 12:25 PM, Martin Stiborský <
>>>> >>>>> > martin.stiborsky@gmail.com> wrote:
>>>> >>>>> >
>>>> >>>>> >> I can try help there as well. I was looking for a chance to make
>>>> my
>>>> >>>>> "first
>>>> >>>>> >> camel commit" anyway :)
>>>> >>>>> >>
>>>> >>>>> >>
>>>> >>>>> >> On Thu, Feb 14, 2013 at 12:00 PM, Scott Cranton <
>>>> scott@cranton.com>
>>>> >>>>> wrote:
>>>> >>>>> >>
>>>> >>>>> >>> Glad you figured it out. Yeah, the camel-ssh page does need some
>>>> >>>>> >>> attention. Thanks for the feedback, and I look forward to seeing
>>>> >>>>> your
>>>> >>>>> >>> suggested updates to the doc.
>>>> >>>>> >>>
>>>> >>>>> >>> The certFilename is just a shorthand for creating a
>>>> >>>>> >>> FileKeyPairProvider, which is identical to what the
>>>> >>>>> >>> SshComponentSecurityTest is doing
>>>> >>>>> >>>
>>>> >>>>> >>>     sshComponent.setKeyPairProvider(new FileKeyPairProvider(new
>>>> >>>>> >>> String[]{"src/test/resources/hostkey.pem"}));
>>>> >>>>> >>>
>>>> >>>>> >>> but I see in the tests, I'm using the same resource for both
>>>> >>>>> producer
>>>> >>>>> >>> and consumer, so to your point about when public key, when
>>>> private,
>>>> >>>>> I
>>>> >>>>> >>> should check that, update the tests, and most importantly update
>>>> the
>>>> >>>>> >>> docs as it isn't clear...
>>>> >>>>> >>>
>>>> >>>>> >>> Thanks,
>>>> >>>>> >>> Scott
>>>> >>>>> >>>
>>>> >>>>> >>>
>>>> >>>>> >>>
>>>> >>>>> >>> On Thu, Feb 14, 2013 at 5:48 AM, Martin Stiborský
>>>> >>>>> >>> <ma...@gmail.com> wrote:
>>>> >>>>> >>> > As usually, problem solved few minutes after I posted this
>>>> "call
>>>> >>>>> for
>>>> >>>>> >>> help
>>>> >>>>> >>> > message".
>>>> >>>>> >>> > Really there was a problem with loading the private key from
>>>> >>>>> resources.
>>>> >>>>> >>> >
>>>> >>>>> >>> > Now it works...my next message will be about updating the
>>>> >>>>> camel-ssh
>>>> >>>>> >>> wiki :)
>>>> >>>>> >>> >
>>>> >>>>> >>> >
>>>> >>>>> >>> > On Thu, Feb 14, 2013 at 10:37 AM, Martin Stiborský <
>>>> >>>>> >>> > martin.stiborsky@gmail.com> wrote:
>>>> >>>>> >>> >
>>>> >>>>> >>> >> Hello guys,
>>>> >>>>> >>> >> I need to use camel-ssh in my route, also, I need
>>>> authentication
>>>> >>>>> with
>>>> >>>>> >>> SSH
>>>> >>>>> >>> >> keys to the remote server.
>>>> >>>>> >>> >> I can't figure out how to configure the SSH producer in Camel.
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> Now I started digging in camel-ssh source codes, but that is a
>>>> >>>>> long
>>>> >>>>> >>> trip
>>>> >>>>> >>> >> for me right now :(
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> First of all, I'm not sure, what is difference between
>>>> >>>>> "certFilename"
>>>> >>>>> >>> and
>>>> >>>>> >>> >> "keyPairProvider" options for the ssh endpoint?
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> Then, the private key have to be provided for the ssh
>>>> endpoint,
>>>> >>>>> right?
>>>> >>>>> >>> The
>>>> >>>>> >>> >> public key is configured on the remote server account...
>>>> >>>>> >>> >> Also, in which format the SSH private key should be? PEM?
>>>> >>>>> >>> >> Like this?
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> openssl rsa -in ~/.ssh/id_rsa -outform pem > id_rsa.pem
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> I guess so, because it's like this here:
>>>> >>>>> >>> >>
>>>> >>>>> >>>
>>>> >>>>>
>>>> https://github.com/apache/camel/blob/trunk/components/camel-ssh/src/test/resources/hostkey.pem
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> I'm not even sure if the key is loaded properly in the Java
>>>> code
>>>> >>>>> from
>>>> >>>>> >>> >> resources directory, because the exception I see there is:
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> ==========
>>>> >>>>> >>> >> Caused by: java.io.IOException: Error performing public key
>>>> >>>>> >>> authentication
>>>> >>>>> >>> >> at
>>>> >>>>> >>> >>
>>>> >>>>> >>>
>>>> >>>>>
>>>> org.apache.sshd.client.auth.UserAuthPublicKey.<init>(UserAuthPublicKey.java:86)
>>>> >>>>> >>> >>  at
>>>> >>>>> >>> >>
>>>> >>>>> >>>
>>>> >>>>>
>>>> org.apache.sshd.client.session.ClientSessionImpl.authPublicKey(ClientSessionImpl.java:146)
>>>> >>>>> >>> >> at
>>>> >>>>> >>> >>
>>>> >>>>> >>>
>>>> >>>>>
>>>> org.apache.camel.component.ssh.SshEndpoint.sendExecCommand(SshEndpoint.java:113)
>>>> >>>>> >>> >>  at
>>>> >>>>> >>> >>
>>>> >>>>>
>>>> org.apache.camel.component.ssh.SshProducer.process(SshProducer.java:38)
>>>> >>>>> >>> >> ... 72 more
>>>> >>>>> >>> >> Caused by: java.lang.NullPointerException
>>>> >>>>> >>> >>  at
>>>> >>>>> >>> >>
>>>> >>>>> >>>
>>>> >>>>>
>>>> org.apache.sshd.client.auth.UserAuthPublicKey.<init>(UserAuthPublicKey.java:59)
>>>> >>>>> >>> >> ... 75 more
>>>> >>>>> >>> >> ==========
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> Note the NullPointerException ...
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> But I tried to follow this (
>>>> >>>>> >>> >>
>>>> >>>>> >>>
>>>> >>>>>
>>>> https://github.com/apache/camel/blob/trunk/components/camel-ssh/src/test/java/org/apache/camel/component/ssh/SshComponentSecurityTest.java
>>>> >>>>> )
>>>> >>>>> >>> test,
>>>> >>>>> >>> >> so I guess it should work...
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> Could you give me at least some hint?
>>>> >>>>> >>> >> I promise I'll extend Camel wiki related to this topic
>>>> >>>>> definitely :P
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> --
>>>> >>>>> >>> >> S pozdravem / Best regards
>>>> >>>>> >>> >> Martin Stiborský
>>>> >>>>> >>> >>
>>>> >>>>> >>> >> Jabber: stibi@njs.netlab.cz
>>>> >>>>> >>> >> Twitter: http://www.twitter.com/stibi
>>>> >>>>> >>> >>
>>>> >>>>> >>> >
>>>> >>>>> >>> >
>>>> >>>>> >>> >
>>>> >>>>> >>> > --
>>>> >>>>> >>> > S pozdravem / Best regards
>>>> >>>>> >>> > Martin Stiborský
>>>> >>>>> >>> >
>>>> >>>>> >>> > Jabber: stibi@njs.netlab.cz
>>>> >>>>> >>> > Twitter: http://www.twitter.com/stibi
>>>> >>>>> >>>
>>>> >>>>> >>
>>>> >>>>> >>
>>>> >>>>> >>
>>>> >>>>> >> --
>>>> >>>>> >> S pozdravem / Best regards
>>>> >>>>> >> Martin Stiborský
>>>> >>>>> >>
>>>> >>>>> >> Jabber: stibi@njs.netlab.cz
>>>> >>>>> >> Twitter: http://www.twitter.com/stibi
>>>> >>>>> >>
>>>> >>>>> >
>>>> >>>>> >
>>>> >>>>> >
>>>> >>>>> > --
>>>> >>>>> > S pozdravem / Best regards
>>>> >>>>> > Martin Stiborský
>>>> >>>>> >
>>>> >>>>> > Jabber: stibi@njs.netlab.cz
>>>> >>>>> > Twitter: http://www.twitter.com/stibi
>>>> >>>>>
>>>> >>>>>
>>>> >>>>>
>>>> >>>>> --
>>>> >>>>> Claus Ibsen
>>>> >>>>> -----------------
>>>> >>>>> Red Hat, Inc.
>>>> >>>>> FuseSource is now part of Red Hat
>>>> >>>>> Email: cibsen@redhat.com
>>>> >>>>> Web: http://fusesource.com
>>>> >>>>> Twitter: davsclaus
>>>> >>>>> Blog: http://davsclaus.com
>>>> >>>>> Author of Camel in Action: http://www.manning.com/ibsen
>>>> >>>>>
>>>> >>>>
>>>> >>>>
>>>> >>>>
>>>> >>>> --
>>>> >>>> S pozdravem / Best regards
>>>> >>>> Martin Stiborský
>>>> >>>>
>>>> >>>> Jabber: stibi@njs.netlab.cz
>>>> >>>> Twitter: http://www.twitter.com/stibi
>>>> >>>>
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>> --
>>>> >>> S pozdravem / Best regards
>>>> >>> Martin Stiborský
>>>> >>>
>>>> >>> Jabber: stibi@njs.netlab.cz
>>>> >>> Twitter: http://www.twitter.com/stibi
>>>> >>>
>>>> >>
>>>> >>
>>>> >>
>>>> >> --
>>>> >> S pozdravem / Best regards
>>>> >> Martin Stiborský
>>>> >>
>>>> >> Jabber: stibi@njs.netlab.cz
>>>> >> Twitter: http://www.twitter.com/stibi
>>>> >>
>>>> >
>>>> >
>>>> >
>>>> > --
>>>> > S pozdravem / Best regards
>>>> > Martin Stiborský
>>>> >
>>>> > Jabber: stibi@njs.netlab.cz
>>>> > Twitter: http://www.twitter.com/stibi
>>>>
>>>
>>>
>>>
>>> --
>>> S pozdravem / Best regards
>>> Martin Stiborský
>>>
>>> Jabber: stibi@njs.netlab.cz
>>> Twitter: http://www.twitter.com/stibi



-- 
Claus Ibsen
-----------------
Red Hat, Inc.
FuseSource is now part of Red Hat
Email: cibsen@redhat.com
Web: http://fusesource.com
Twitter: davsclaus
Blog: http://davsclaus.com
Author of Camel in Action: http://www.manning.com/ibsen

Re: camel-ssh - SSH keys authentication

Posted by Scott Cranton <sc...@cranton.com>.

I've created an example showing camel-ssh deployed in Karaf using
classpath and file based public key security.

https://github.com/scranton/example-security-camel-ssh

I'll try to clean it up shortly, and submit to camel either updating
existing camel-ssh example, or adding as a new example...

Then look to update the doc...

On Fri, Feb 15, 2013 at 6:53 AM, Scott Cranton <sc...@cranton.com> wrote:
> Excellent! thanks for the QA ;-)
>
> The camel-ssh doc clearly needs help, so any thoughts you have on how
> to update based on your recent experience would be most appreciated...
>
> On Fri, Feb 15, 2013 at 6:48 AM, Martin Stiborský
> <ma...@gmail.com> wrote:
>> Woohoo, victory, thanks for the hint, Scott. ClassLoader was the magical
>> thing.
>>
>> ResourceKeyPairProvider keyPairProvider = new ResourceKeyPairProvider(
>>                 new String[]{pathToTheKey}, null,
>> this.getClass().getClassLoader());
>>
>> And camel-crypto, as new dependency, because org.bouncycastle.openssl ...
>>
>> Thanks a lot guys.
>>
>>
>> On Fri, Feb 15, 2013 at 11:34 AM, Scott Cranton <sc...@cranton.com> wrote:
>>
>>> Have you tried setting the keyPairProvider to an instance of
>>> org.apache.sshd.common.keyprovider.ResourceKeyPairProvider? That
>>> should work better in OSGi, though I haven't tried it recently...
>>>
>>> Re mulitple ids: you can add multiple component instances with
>>> different ids (e.g. sshGit) and reference them from Camel by those
>>> ids.
>>>
>>> addComponent("sshGit", sshGitComponent)
>>>
>>> .to("sshGit:git@localhost)
>>>
>>> On Fri, Feb 15, 2013 at 4:26 AM, Martin Stiborský
>>> <ma...@gmail.com> wrote:
>>> > Often I found solution for a problem in few minutes after posting to
>>> > mailing list, so let's try the luck now :)
>>> >
>>> > Currently I'm digging in the camel-ssh, because definitely there is
>>> problem
>>> > with referencing the key file from resources.
>>> > The very first thing I should do was enabling debug for camel-ssh
>>> component
>>> > (surprise surprise...), because this:
>>> >
>>> > 2013-02-15 10:21:46,261 | INFO  | qtp724367630-92  | FileKeyPairProvider
>>> >            | 24 - org.apache.sshd.core - 0.8.0 | Unable to read key
>>> > /gitkeys/mykey.pem: java.io.FileNotFoundException: /gitkeys/mykey.pem (No
>>> > such file or directory)
>>> >
>>> > I'll follow advice from Claus Ibsen and check ResourceHelper and how it
>>> > could be used in camel-ssh...
>>> >
>>> >
>>> > On Fri, Feb 15, 2013 at 9:01 AM, Martin Stiborský <
>>> > martin.stiborsky@gmail.com> wrote:
>>> >
>>> >> One more weird thing, from the log file:
>>> >>
>>> >> 2013-02-15 08:58:22,582 | INFO  | NioProcessor-21  | ClientSessionImpl
>>> >>            | 24 - org.apache.sshd.core - 0.8.0 | Session
>>> >> null@my-git.server.com/10.xx.xx.xx:22 closed
>>> >>
>>> >> The "null"…I assume there should be username :)
>>> >>
>>> >>
>>> >> On Fri, Feb 15, 2013 at 8:40 AM, Martin Stiborský <
>>> >> martin.stiborsky@gmail.com> wrote:
>>> >>
>>> >>> So, maybe the problem is really in the camel-ssh component, because,
>>> it's
>>> >>> possible to get the key from resources, like that:
>>> >>>
>>> >>>         from("cxfrs:bean:gitServer")
>>> >>>                 .routeId("GitRoutes")
>>> >>>                 .choice()
>>> >>>
>>> >>> .when(header(CxfConstants.OPERATION_NAME).isEqualTo("getRepositories"))
>>> >>>                 .setBody(constant("info"))
>>> >>>                 .process(new Processor() {
>>> >>>                     @Override
>>> >>>                     public void process(Exchange exchange) throws
>>> >>> Exception {
>>> >>>                         InputStream is =
>>> >>> getClass().getResourceAsStream("/gitkeys/mykey.pem");
>>> >>>                         String myString = IOUtils.toString(is,
>>> "UTF-8");
>>> >>>
>>> >>>                         exchange.getOut().setBody(myString);
>>> >>>                     }
>>> >>>                 });
>>> >>>
>>> >>> So, no OSGi trouble here I guess…
>>> >>>
>>> >>>
>>> >>> On Thu, Feb 14, 2013 at 9:06 PM, Martin Stiborský <
>>> >>> martin.stiborsky@gmail.com> wrote:
>>> >>>
>>> >>>> Ok, so camel-ssh needs some love, to make it better…ok.
>>> >>>> But without modifications in camel-ssh, I'm just not able to use it
>>> with
>>> >>>> my SSH key, I tried like all possible combinations now.
>>> >>>>
>>> >>>>         SshComponent sshGitComponent = new SshComponent();
>>> >>>>         sshGitComponent.setHost("localhost");
>>> >>>>         sshGitComponent.setPort(22);
>>> >>>>         sshGitComponent.setUsername("git");
>>> >>>>         sshGitComponent.setKeyPairProvider(new FileKeyPairProvider(new
>>> >>>> String[]{"gitkeys/mykey.pem"}));
>>> >>>>         sshGitComponent.setKeyType(KeyPairProvider.SSH_RSA);
>>> >>>>
>>> >>>>         getContext().removeComponent("ssh");
>>> >>>>         getContext().addComponent("ssh", sshGitComponent);
>>> >>>>
>>> >>>>         from("cxfrs:bean:gitServer")
>>> >>>>                 .routeId("GitRoutes")
>>> >>>>                 .choice()
>>> >>>>
>>> >>>>
>>> .when(header(CxfConstants.OPERATION_NAME).isEqualTo("getRepositories"))
>>> >>>>                     .setBody(constant("info"))
>>> >>>>                     .to("ssh:git@localhost");
>>> >>>>
>>> >>>> Why the removeComponent and the addComponent? I'd like to add new
>>> >>>> instance of SshComponent, under different id, but when I do that,
>>> >>>> Camel stucks on start, trying to find this new component…so I'm doing
>>> >>>> something wrong there probably…
>>> >>>>
>>> >>>> In src/main/resources/gitkeys/mykey.pem is the key…but as I said, it
>>> >>>> doesn't work for me, or I missed the correct combination…I tried also
>>> >>>> classpath and file prefix, but no luck.
>>> >>>>
>>> >>>> The unit test works fine…problem is in the OSGi I guess…some classpath
>>> >>>> issue? I don't know, I have quite a headache from this already, need a
>>> >>>> break.
>>> >>>>
>>> >>>>
>>> >>>> On Thu, Feb 14, 2013 at 3:13 PM, Claus Ibsen <claus.ibsen@gmail.com
>>> >wrote:
>>> >>>>
>>> >>>>> On Thu, Feb 14, 2013 at 2:57 PM, Martin Stiborský
>>> >>>>> <ma...@gmail.com> wrote:
>>> >>>>> > Still one problem…the unit test was fine, but now in OSGi
>>> environment,
>>> >>>>> > there are more troubles…
>>> >>>>> > Is there some trick how to get resource from a bundle? I can't get
>>> a
>>> >>>>> > reference to the key file stored in src/main/resources :(
>>> >>>>> >
>>> >>>>>
>>> >>>>> I guess maybe camel-ssh should load the cert file like we do in other
>>> >>>>> components using ResourceHelper.
>>> >>>>> Then we can load from classpath (osgi and the rest of the world),
>>> files
>>> >>>>> etc.
>>> >>>>>
>>> >>>>> eg prefix with classpath: or file:
>>> >>>>>
>>> >>>>>
>>> >>>>> >
>>> >>>>> > On Thu, Feb 14, 2013 at 12:25 PM, Martin Stiborský <
>>> >>>>> > martin.stiborsky@gmail.com> wrote:
>>> >>>>> >
>>> >>>>> >> I can try help there as well. I was looking for a chance to make
>>> my
>>> >>>>> "first
>>> >>>>> >> camel commit" anyway :)
>>> >>>>> >>
>>> >>>>> >>
>>> >>>>> >> On Thu, Feb 14, 2013 at 12:00 PM, Scott Cranton <
>>> scott@cranton.com>
>>> >>>>> wrote:
>>> >>>>> >>
>>> >>>>> >>> Glad you figured it out. Yeah, the camel-ssh page does need some
>>> >>>>> >>> attention. Thanks for the feedback, and I look forward to seeing
>>> >>>>> your
>>> >>>>> >>> suggested updates to the doc.
>>> >>>>> >>>
>>> >>>>> >>> The certFilename is just a shorthand for creating a
>>> >>>>> >>> FileKeyPairProvider, which is identical to what the
>>> >>>>> >>> SshComponentSecurityTest is doing
>>> >>>>> >>>
>>> >>>>> >>>     sshComponent.setKeyPairProvider(new FileKeyPairProvider(new
>>> >>>>> >>> String[]{"src/test/resources/hostkey.pem"}));
>>> >>>>> >>>
>>> >>>>> >>> but I see in the tests, I'm using the same resource for both
>>> >>>>> producer
>>> >>>>> >>> and consumer, so to your point about when public key, when
>>> private,
>>> >>>>> I
>>> >>>>> >>> should check that, update the tests, and most importantly update
>>> the
>>> >>>>> >>> docs as it isn't clear...
>>> >>>>> >>>
>>> >>>>> >>> Thanks,
>>> >>>>> >>> Scott
>>> >>>>> >>>
>>> >>>>> >>>
>>> >>>>> >>>
>>> >>>>> >>> On Thu, Feb 14, 2013 at 5:48 AM, Martin Stiborský
>>> >>>>> >>> <ma...@gmail.com> wrote:
>>> >>>>> >>> > As usually, problem solved few minutes after I posted this
>>> "call
>>> >>>>> for
>>> >>>>> >>> help
>>> >>>>> >>> > message".
>>> >>>>> >>> > Really there was a problem with loading the private key from
>>> >>>>> resources.
>>> >>>>> >>> >
>>> >>>>> >>> > Now it works...my next message will be about updating the
>>> >>>>> camel-ssh
>>> >>>>> >>> wiki :)
>>> >>>>> >>> >
>>> >>>>> >>> >
>>> >>>>> >>> > On Thu, Feb 14, 2013 at 10:37 AM, Martin Stiborský <
>>> >>>>> >>> > martin.stiborsky@gmail.com> wrote:
>>> >>>>> >>> >
>>> >>>>> >>> >> Hello guys,
>>> >>>>> >>> >> I need to use camel-ssh in my route, also, I need
>>> authentication
>>> >>>>> with
>>> >>>>> >>> SSH
>>> >>>>> >>> >> keys to the remote server.
>>> >>>>> >>> >> I can't figure out how to configure the SSH producer in Camel.
>>> >>>>> >>> >>
>>> >>>>> >>> >> Now I started digging in camel-ssh source codes, but that is a
>>> >>>>> long
>>> >>>>> >>> trip
>>> >>>>> >>> >> for me right now :(
>>> >>>>> >>> >>
>>> >>>>> >>> >> First of all, I'm not sure, what is difference between
>>> >>>>> "certFilename"
>>> >>>>> >>> and
>>> >>>>> >>> >> "keyPairProvider" options for the ssh endpoint?
>>> >>>>> >>> >>
>>> >>>>> >>> >> Then, the private key have to be provided for the ssh
>>> endpoint,
>>> >>>>> right?
>>> >>>>> >>> The
>>> >>>>> >>> >> public key is configured on the remote server account...
>>> >>>>> >>> >> Also, in which format the SSH private key should be? PEM?
>>> >>>>> >>> >> Like this?
>>> >>>>> >>> >>
>>> >>>>> >>> >> openssl rsa -in ~/.ssh/id_rsa -outform pem > id_rsa.pem
>>> >>>>> >>> >>
>>> >>>>> >>> >> I guess so, because it's like this here:
>>> >>>>> >>> >>
>>> >>>>> >>>
>>> >>>>>
>>> https://github.com/apache/camel/blob/trunk/components/camel-ssh/src/test/resources/hostkey.pem
>>> >>>>> >>> >>
>>> >>>>> >>> >> I'm not even sure if the key is loaded properly in the Java
>>> code
>>> >>>>> from
>>> >>>>> >>> >> resources directory, because the exception I see there is:
>>> >>>>> >>> >>
>>> >>>>> >>> >> ==========
>>> >>>>> >>> >> Caused by: java.io.IOException: Error performing public key
>>> >>>>> >>> authentication
>>> >>>>> >>> >> at
>>> >>>>> >>> >>
>>> >>>>> >>>
>>> >>>>>
>>> org.apache.sshd.client.auth.UserAuthPublicKey.<init>(UserAuthPublicKey.java:86)
>>> >>>>> >>> >>  at
>>> >>>>> >>> >>
>>> >>>>> >>>
>>> >>>>>
>>> org.apache.sshd.client.session.ClientSessionImpl.authPublicKey(ClientSessionImpl.java:146)
>>> >>>>> >>> >> at
>>> >>>>> >>> >>
>>> >>>>> >>>
>>> >>>>>
>>> org.apache.camel.component.ssh.SshEndpoint.sendExecCommand(SshEndpoint.java:113)
>>> >>>>> >>> >>  at
>>> >>>>> >>> >>
>>> >>>>>
>>> org.apache.camel.component.ssh.SshProducer.process(SshProducer.java:38)
>>> >>>>> >>> >> ... 72 more
>>> >>>>> >>> >> Caused by: java.lang.NullPointerException
>>> >>>>> >>> >>  at
>>> >>>>> >>> >>
>>> >>>>> >>>
>>> >>>>>
>>> org.apache.sshd.client.auth.UserAuthPublicKey.<init>(UserAuthPublicKey.java:59)
>>> >>>>> >>> >> ... 75 more
>>> >>>>> >>> >> ==========
>>> >>>>> >>> >>
>>> >>>>> >>> >> Note the NullPointerException ...
>>> >>>>> >>> >>
>>> >>>>> >>> >> But I tried to follow this (
>>> >>>>> >>> >>
>>> >>>>> >>>
>>> >>>>>
>>> https://github.com/apache/camel/blob/trunk/components/camel-ssh/src/test/java/org/apache/camel/component/ssh/SshComponentSecurityTest.java
>>> >>>>> )
>>> >>>>> >>> test,
>>> >>>>> >>> >> so I guess it should work...
>>> >>>>> >>> >>
>>> >>>>> >>> >> Could you give me at least some hint?
>>> >>>>> >>> >> I promise I'll extend Camel wiki related to this topic
>>> >>>>> definitely :P
>>> >>>>> >>> >>
>>> >>>>> >>> >> --
>>> >>>>> >>> >> S pozdravem / Best regards
>>> >>>>> >>> >> Martin Stiborský
>>> >>>>> >>> >>
>>> >>>>> >>> >> Jabber: stibi@njs.netlab.cz
>>> >>>>> >>> >> Twitter: http://www.twitter.com/stibi
>>> >>>>> >>> >>
>>> >>>>> >>> >
>>> >>>>> >>> >
>>> >>>>> >>> >
>>> >>>>> >>> > --
>>> >>>>> >>> > S pozdravem / Best regards
>>> >>>>> >>> > Martin Stiborský
>>> >>>>> >>> >
>>> >>>>> >>> > Jabber: stibi@njs.netlab.cz
>>> >>>>> >>> > Twitter: http://www.twitter.com/stibi
>>> >>>>> >>>
>>> >>>>> >>
>>> >>>>> >>
>>> >>>>> >>
>>> >>>>> >> --
>>> >>>>> >> S pozdravem / Best regards
>>> >>>>> >> Martin Stiborský
>>> >>>>> >>
>>> >>>>> >> Jabber: stibi@njs.netlab.cz
>>> >>>>> >> Twitter: http://www.twitter.com/stibi
>>> >>>>> >>
>>> >>>>> >
>>> >>>>> >
>>> >>>>> >
>>> >>>>> > --
>>> >>>>> > S pozdravem / Best regards
>>> >>>>> > Martin Stiborský
>>> >>>>> >
>>> >>>>> > Jabber: stibi@njs.netlab.cz
>>> >>>>> > Twitter: http://www.twitter.com/stibi
>>> >>>>>
>>> >>>>>
>>> >>>>>
>>> >>>>> --
>>> >>>>> Claus Ibsen
>>> >>>>> -----------------
>>> >>>>> Red Hat, Inc.
>>> >>>>> FuseSource is now part of Red Hat
>>> >>>>> Email: cibsen@redhat.com
>>> >>>>> Web: http://fusesource.com
>>> >>>>> Twitter: davsclaus
>>> >>>>> Blog: http://davsclaus.com
>>> >>>>> Author of Camel in Action: http://www.manning.com/ibsen
>>> >>>>>
>>> >>>>
>>> >>>>
>>> >>>>
>>> >>>> --
>>> >>>> S pozdravem / Best regards
>>> >>>> Martin Stiborský
>>> >>>>
>>> >>>> Jabber: stibi@njs.netlab.cz
>>> >>>> Twitter: http://www.twitter.com/stibi
>>> >>>>
>>> >>>
>>> >>>
>>> >>>
>>> >>> --
>>> >>> S pozdravem / Best regards
>>> >>> Martin Stiborský
>>> >>>
>>> >>> Jabber: stibi@njs.netlab.cz
>>> >>> Twitter: http://www.twitter.com/stibi
>>> >>>
>>> >>
>>> >>
>>> >>
>>> >> --
>>> >> S pozdravem / Best regards
>>> >> Martin Stiborský
>>> >>
>>> >> Jabber: stibi@njs.netlab.cz
>>> >> Twitter: http://www.twitter.com/stibi
>>> >>
>>> >
>>> >
>>> >
>>> > --
>>> > S pozdravem / Best regards
>>> > Martin Stiborský
>>> >
>>> > Jabber: stibi@njs.netlab.cz
>>> > Twitter: http://www.twitter.com/stibi
>>>
>>
>>
>>
>> --
>> S pozdravem / Best regards
>> Martin Stiborský
>>
>> Jabber: stibi@njs.netlab.cz
>> Twitter: http://www.twitter.com/stibi