Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Using ssh private keys without passphrase in PutSFTP

Using ssh private keys without passphrase in PutSFTP

Explorer

I am try to connect to sftp via ssh keys. The problem is that the keys provided to me does not have passphrase and NiFi PutSFTP processor is asking for one. I have tried setting the field to an empty string but NiFi is saying that passphrase field cannot be empty.

 

Anyone knows a workaround? I really need to use these ssh keys provided to me. I cannot generate new keys with passphrase.

3 REPLIES 3

Re: Using ssh private keys without passphrase in PutSFTP

Master Guru

@lueenavarro 

 

Why would you want to have an unprotected key.  If someone get a hold of it they can use it easily steal from your SFTP server.

You don't need to get a new key.  Instead simply set a password on your existing key for use in NiFi.

ssh-keygen -p -f <existing key file>

above will prompt you for current password (just hit enter) and then for new password twice.

Now you have a protected key to use for connecting to your SFTP server.

 

Hope this helps you,

Matt

Re: Using ssh private keys without passphrase in PutSFTP

Explorer

Because the keys are not within my control, it was provided to me and should be used as is.

Highlighted

Re: Using ssh private keys without passphrase in PutSFTP

Master Guru

@lueenavarro 

 

Using a  key that has no password protection is bad security.  This is why the processor requires a password to protect that key.

Adding a password to the key you were provided does not alter the key nor does it require you to obtain a new key in order to add a password.

Only other option i can suggest is to use an ExecuteStreamCommand or ExecuteScript processor to to execute the SFTP command with your password-less key to put content to your SFTP server.

 

Hope this helps,

Matt

Don't have an account?
Coming from Hortonworks? Activate your account here