Support Questions

Find answers, ask questions, and share your expertise

Using ssh private keys without passphrase in PutSFTP

avatar
Contributor

I am try to connect to sftp via ssh keys. The problem is that the keys provided to me does not have passphrase and NiFi PutSFTP processor is asking for one. I have tried setting the field to an empty string but NiFi is saying that passphrase field cannot be empty.

 

Anyone knows a workaround? I really need to use these ssh keys provided to me. I cannot generate new keys with passphrase.

3 REPLIES 3

avatar
Master Mentor

@lueenavarro 

 

Why would you want to have an unprotected key.  If someone get a hold of it they can use it easily steal from your SFTP server.

You don't need to get a new key.  Instead simply set a password on your existing key for use in NiFi.

ssh-keygen -p -f <existing key file>

above will prompt you for current password (just hit enter) and then for new password twice.

Now you have a protected key to use for connecting to your SFTP server.

 

Hope this helps you,

Matt

avatar
Contributor

Because the keys are not within my control, it was provided to me and should be used as is.

avatar
Master Mentor

@lueenavarro 

 

Using a  key that has no password protection is bad security.  This is why the processor requires a password to protect that key.

Adding a password to the key you were provided does not alter the key nor does it require you to obtain a new key in order to add a password.

Only other option i can suggest is to use an ExecuteStreamCommand or ExecuteScript processor to to execute the SFTP command with your password-less key to put content to your SFTP server.

 

Hope this helps,

Matt