You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@karaf.apache.org by Jens J Parappallil <je...@ibsplc.com> on 2014/07/25 07:20:29 UTC
SFTP server support in karaf
Hi,
Is it possible to enable the sftp server in karaf ? . I am using karaf 3.0.1 .
The thread http://karaf.922171.n3.nabble.com/Karaf-and-SFTP-SCP-td1974664.htm discusses the option any further toughts on this ?
Regards
Jens
DISCLAIMER: "The information in this e-mail and any attachment is intended only for the person to whom it is addressed and may contain confidential and/or privileged material. If you have received this e-mail in error, kindly contact the sender and destroy all copies of the original communication. IBS makes no warranty, express or implied, nor guarantees the accuracy, adequacy or completeness of the information contained in this email or any attachment and is not liable for any errors, defects, omissions, viruses or for resultant loss or damage, if any, direct or indirect."
Re: SFTP server support in karaf
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Thanks for the update (I never use Windows ;)).
I will update/fix that.
For the update, it's already done on some branches.
Regards
JB
On 07/25/2014 01:18 PM, Jens J Parappallil wrote:
> Hi JB,
>
> This is not working in Windows 7 ( jdk 1.7 ) . There are a mainly two issues
>
> 1. In org.apache.karaf.shell.ssh.KarafFileSystemView.getFile method , the location is not normalized to use the same separator char for comparison , hence this throws IAE always .
>
> protected SshFile getFile(String dir, String file) {
> // get actual file object
> String location = getPhysicalUserDir();
> String physicalName = NativeSshFile.getPhysicalName(location, dir, file, false);
> /* location is normalized before comparison */
> String locationNormalized = NativeSshFile.normalizeSeparateChar(location);
> if (!physicalName.startsWith(locationNormalized)) {
> throw new IllegalArgumentException("The path is not relative to KARAF_BASE. For security reason, it's not allowed");
> }
> File fileObj = new File(physicalName);
> // strip the root directory and return
> String karafFileName = physicalName.substring(location.length());
> return createNativeSshFile(karafFileName, fileObj, username);
> }
>
> 2. The other issue is with apache-sshd bug https://issues.apache.org/jira/browse/SSHD-317 . This is fixed in 0.12.0 .
>
> You could think of upgrading this to latest stable version.
>
> Regards
> Jens
>
> -----Original Message-----
> From: Jean-Baptiste Onofré [mailto:jb@nanthrax.net]
> Sent: 25 July 2014 12:56
> To: user@karaf.apache.org
> Subject: Re: SFTP server support in karaf
>
> Hi Jens,
>
> Karaf scp is already enabled by default:
>
> jbonofre@latitude:~$ scp -P 8101 karaf@localhost:bin/karaf .
> The authenticity of host '[localhost]:8101 ([127.0.0.1]:8101)' can't be established.
> DSA key fingerprint is 02:b2:d9:5e:e4:e2:33:a9:0e:96:16:53:3e:bb:8c:21.
> Are you sure you want to continue connecting (yes/no)? yes
> Warning: Permanently added '[localhost]:8101' (DSA) to the list of known hosts.
> karaf@localhost's password:
> karaf
>
> works as you can see.
>
> The only constraint is, for security reason, you have access only to the KARAF_BASE folder.
>
> Regards
> JB
>
> On 07/25/2014 07:20 AM, Jens J Parappallil wrote:
>> Hi,
>>
>> Is it possible to enable the sftp server in karaf ? . I am using karaf
>> 3.0.1 .
>>
>> The thread
>> http://karaf.922171.n3.nabble.com/Karaf-and-SFTP-SCP-td1974664.htm
>> discusses the option any further toughts on this ?
>>
>> Regards
>>
>> Jens
>>
>>
>>
>> DISCLAIMER: "The information in this e-mail and any attachment is
>> intended only for the person to whom it is addressed and may contain
>> confidential and/or privileged material. If you have received this
>> e-mail in error, kindly contact the sender and destroy all copies of
>> the original communication. IBS makes no warranty, express or implied,
>> nor guarantees the accuracy, adequacy or completeness of the
>> information contained in this email or any attachment and is not
>> liable for any errors, defects, omissions, viruses or for resultant
>> loss or damage, if any, direct or indirect."
>
> --
> Jean-Baptiste Onofré
> jbonofre@apache.org
> http://blog.nanthrax.net
> Talend - http://www.talend.com
>
>
> DISCLAIMER: "The information in this e-mail and any attachment is intended only for the person to whom it is addressed and may contain confidential and/or privileged material. If you have received this e-mail in error, kindly contact the sender and destroy all copies of the original communication. IBS makes no warranty, express or implied, nor guarantees the accuracy, adequacy or completeness of the information contained in this email or any attachment and is not liable for any errors, defects, omissions, viruses or for resultant loss or damage, if any, direct or indirect."
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
RE: SFTP server support in karaf
Posted by Jens J Parappallil <je...@ibsplc.com>.
Hi JB,
This is not working in Windows 7 ( jdk 1.7 ) . There are a mainly two issues
1. In org.apache.karaf.shell.ssh.KarafFileSystemView.getFile method , the location is not normalized to use the same separator char for comparison , hence this throws IAE always .
protected SshFile getFile(String dir, String file) {
// get actual file object
String location = getPhysicalUserDir();
String physicalName = NativeSshFile.getPhysicalName(location, dir, file, false);
/* location is normalized before comparison */
String locationNormalized = NativeSshFile.normalizeSeparateChar(location);
if (!physicalName.startsWith(locationNormalized)) {
throw new IllegalArgumentException("The path is not relative to KARAF_BASE. For security reason, it's not allowed");
}
File fileObj = new File(physicalName);
// strip the root directory and return
String karafFileName = physicalName.substring(location.length());
return createNativeSshFile(karafFileName, fileObj, username);
}
2. The other issue is with apache-sshd bug https://issues.apache.org/jira/browse/SSHD-317 . This is fixed in 0.12.0 .
You could think of upgrading this to latest stable version.
Regards
Jens
-----Original Message-----
From: Jean-Baptiste Onofré [mailto:jb@nanthrax.net]
Sent: 25 July 2014 12:56
To: user@karaf.apache.org
Subject: Re: SFTP server support in karaf
Hi Jens,
Karaf scp is already enabled by default:
jbonofre@latitude:~$ scp -P 8101 karaf@localhost:bin/karaf .
The authenticity of host '[localhost]:8101 ([127.0.0.1]:8101)' can't be established.
DSA key fingerprint is 02:b2:d9:5e:e4:e2:33:a9:0e:96:16:53:3e:bb:8c:21.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:8101' (DSA) to the list of known hosts.
karaf@localhost's password:
karaf
works as you can see.
The only constraint is, for security reason, you have access only to the KARAF_BASE folder.
Regards
JB
On 07/25/2014 07:20 AM, Jens J Parappallil wrote:
> Hi,
>
> Is it possible to enable the sftp server in karaf ? . I am using karaf
> 3.0.1 .
>
> The thread
> http://karaf.922171.n3.nabble.com/Karaf-and-SFTP-SCP-td1974664.htm
> discusses the option any further toughts on this ?
>
> Regards
>
> Jens
>
>
>
> DISCLAIMER: "The information in this e-mail and any attachment is
> intended only for the person to whom it is addressed and may contain
> confidential and/or privileged material. If you have received this
> e-mail in error, kindly contact the sender and destroy all copies of
> the original communication. IBS makes no warranty, express or implied,
> nor guarantees the accuracy, adequacy or completeness of the
> information contained in this email or any attachment and is not
> liable for any errors, defects, omissions, viruses or for resultant
> loss or damage, if any, direct or indirect."
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
DISCLAIMER: "The information in this e-mail and any attachment is intended only for the person to whom it is addressed and may contain confidential and/or privileged material. If you have received this e-mail in error, kindly contact the sender and destroy all copies of the original communication. IBS makes no warranty, express or implied, nor guarantees the accuracy, adequacy or completeness of the information contained in this email or any attachment and is not liable for any errors, defects, omissions, viruses or for resultant loss or damage, if any, direct or indirect."
Re: SFTP server support in karaf
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Hi Jens,
Karaf scp is already enabled by default:
jbonofre@latitude:~$ scp -P 8101 karaf@localhost:bin/karaf .
The authenticity of host '[localhost]:8101 ([127.0.0.1]:8101)' can't be
established.
DSA key fingerprint is 02:b2:d9:5e:e4:e2:33:a9:0e:96:16:53:3e:bb:8c:21.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:8101' (DSA) to the list of known
hosts.
karaf@localhost's password:
karaf
works as you can see.
The only constraint is, for security reason, you have access only to the
KARAF_BASE folder.
Regards
JB
On 07/25/2014 07:20 AM, Jens J Parappallil wrote:
> Hi,
>
> Is it possible to enable the sftp server in karaf ? . I am using karaf
> 3.0.1 .
>
> The thread
> http://karaf.922171.n3.nabble.com/Karaf-and-SFTP-SCP-td1974664.htm
> discusses the option any further toughts on this ?
>
> Regards
>
> Jens
>
>
>
> DISCLAIMER: "The information in this e-mail and any attachment is
> intended only for the person to whom it is addressed and may contain
> confidential and/or privileged material. If you have received this
> e-mail in error, kindly contact the sender and destroy all copies of the
> original communication. IBS makes no warranty, express or implied, nor
> guarantees the accuracy, adequacy or completeness of the information
> contained in this email or any attachment and is not liable for any
> errors, defects, omissions, viruses or for resultant loss or damage, if
> any, direct or indirect."
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com