Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSH Verifier is not working when custom SSH Client is used to connect to SFTP #8593

Closed
subrahmanyam5b0 opened this issue Apr 11, 2023 · 1 comment
Closed

SSH Verifier is not working when custom SSH Client is used to connect to SFTP #8593

subrahmanyam5b0 opened this issue Apr 11, 2023 · 1 comment
Labels
status: duplicate There is already an issue similar to this. The link to it should be present

Comments

@subrahmanyam5b0
Copy link

Hi Team,
We are using Spring Integration to connect to Sftp and download file, Unfortunately we have to customize the SshClient due to Key Algorithms at server, we created custom client and configured server verifier to client and created Session factory. Unfortunately we are not able call below method as we are using custom client.

public void setAllowUnknownKeys(boolean allowUnknownKeys) {
Assert.state(this.isInnerClient, "An AcceptAllServerKeyVerifier must be configured on the externally provided SshClient instance");
this.allowUnknownKeys = allowUnknownKeys;
}

During session creation in below line we are again setting the Host Verifier to SSH client with out validating Internal / external client

spring-integration/spring-integration-sftp/src/main/java/org/springframework/integration/sftp/session/DefaultSftpSessionFactory.java

Line 352 in e03d125

this.sshClient.setServerKeyVerifier(serverKeyVerifier);

_private void doInitClient() throws IOException {
if (this.port <= 0) {
this.port = SshConstants.DEFAULT_PORT;
}
ServerKeyVerifier serverKeyVerifier = this.allowUnknownKeys ? AcceptAllServerKeyVerifier.INSTANCE : RejectAllServerKeyVerifier.INSTANCE;
if (this.knownHosts != null) {
serverKeyVerifier = new ResourceKnownHostsServerKeyVerifier(this.knownHosts);
}
this.sshClient.setServerKeyVerifier(serverKeyVerifier);
this.sshClient.setPasswordIdentityProvider(PasswordIdentityProvider.wrapPasswords(this.password));

}_

I believe below has to set only if it is innerClient true
this.sshClient.setServerKeyVerifier(serverKeyVerifier);

Please help to review and suggest.
@artembilan
Copy link
Member

See this one: #8581.

Unfortunately the current GA code comes with a bug where we mutate an externally provided SshClient.
The version with the fix is going to be released in two weeks.
As a workaround I only see the way implement some custom SessionFactory<SftpClient.DirEntry> which is just fully based on an external SshClient.
Or you can use a 6.0.5-SNAPSHOT for now.

Closing this one as a duplicate of the mentioned one.

@artembilan artembilan closed this as not planned Won't fix, can't repro, duplicate, stale Apr 11, 2023
@artembilan artembilan added the status: duplicate There is already an issue similar to this. The link to it should be present label Apr 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: duplicate There is already an issue similar to this. The link to it should be present
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@artembilan @subrahmanyam5b0