You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Joseph Witt (JIRA)" <ji...@apache.org> on 2018/11/13 12:52:00 UTC
[jira] [Commented] (NIFI-5816) SFTP cannot connect due to JSch
limitations
[ https://issues.apache.org/jira/browse/NIFI-5816?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16685151#comment-16685151 ]
Joseph Witt commented on NIFI-5816:
-----------------------------------
SSHJ is ALv2 so that is good. I've not confirmed whether it has any dependencies and if so what they're licensing is but this is a good start.
Such a switch would require a lot of testing/verification as the SFTP processors that depend on JSCH are extremely heavy use and for many years type processors.
> SFTP cannot connect due to JSch limitations
> -------------------------------------------
>
> Key: NIFI-5816
> URL: https://issues.apache.org/jira/browse/NIFI-5816
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Extensions
> Affects Versions: 1.8.0
> Reporter: Laurenceau Julien
> Priority: Minor
>
> Hi,
> The JSch library used for SFTP does not support HostKeyAlgorithms=ed25519 whereas it is the current standard. This make SFTP / SSH unusable when dealing with recent openssh config.
> On dbeaver project they switched to sshj.
> [https://github.com/dbeaver/dbeaver/issues/2202]
> [https://community.hortonworks.com/answers/226377/view.html]
> https://stackoverflow.com/questions/2003419/com-jcraft-jsch-jschexception-unknownhostkey
> One more argument against JSch is that it does not support rsa key length other than default (2048).
> ssh-keygen -o -t rsa -b 4096 -f id_rsa -> does not work with nifi
> ssh-keygen -t rsa -f id_rsa -> works with nifi
> Thanks and regards
> JL
> PS : sorry but I do not know nifi deep enough to fill all fields.
>
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)