Support Questions

VidyaSargur · ‎02-02-2020

I am try to connect to sftp via ssh keys. The problem is that the keys provided to me does not have passphrase and NiFi PutSFTP processor is asking for one. I have tried setting the field to an empty string but NiFi is saying that passphrase field cannot be empty.

Anyone knows a workaround? I really need to use these ssh keys provided to me. I cannot generate new keys with passphrase.

MattWho · ‎02-03-2020

@lueenavarro

Why would you want to have an unprotected key. If someone get a hold of it they can use it easily steal from your SFTP server.

You don't need to get a new key. Instead simply set a password on your existing key for use in NiFi.

ssh-keygen -p -f <existing key file>

above will prompt you for current password (just hit enter) and then for new password twice.

Now you have a protected key to use for connecting to your SFTP server.

Hope this helps you,

Matt

lueenavarro · ‎02-04-2020

Because the keys are not within my control, it was provided to me and should be used as is.

MattWho · ‎02-04-2020

@lueenavarro

Using a key that has no password protection is bad security. This is why the processor requires a password to protect that key.

Adding a password to the key you were provided does not alter the key nor does it require you to obtain a new key in order to add a password.

Only other option i can suggest is to use an ExecuteStreamCommand or ExecuteScript processor to to execute the SFTP command with your password-less key to put content to your SFTP server.

Hope this helps,

Matt

Cloudera Community

Support Questions

Using ssh private keys without passphrase in PutSFTP