Search code examples
javaspring-integrationsftpprivate-keyspring-integration-sftp

Spring Integration SFTP: Using PrivateKey Credentials

I had a few hickups setting up private keys for Spring Integration SFTP.

Thought I may share my findings here.

I read elsewhere that I should parameterize the JSch object with the private key. This, however, is not working:

 private SessionFactory<ChannelSftp.LsEntry> createSftpSessionFactoryForPrivateKeyCredentials(
      SftpProperties sftpProperties, String sftpUser, String privateKey) throws JSchException {

    byte[] privateKeyBytes = privateKey.getBytes(StandardCharsets.UTF_8);
    JSch javaSecureChannel = javaSecureChannelForPrivateKey(privateKeyBytes);
    DefaultSftpSessionFactory factory = new DefaultSftpSessionFactory(javaSecureChannel, true);
    return setCommonConfigProperties(factory, sftpProperties, sftpUser);
  }

  private JSch javaSecureChannelForPrivateKey(byte[] privateKey) throws JSchException {
    JSch javSecureChannel = new JSch();
    javSecureChannel.addIdentity("key", privateKey, /* public key */
        null, /* private key password */ null);
    return javSecureChannel;
  }

Resulting Exception:

Caused by: java.lang.IllegalStateException: failed to create SFTP Session
    at org.springframework.integration.sftp.session.DefaultSftpSessionFactory.getSession(DefaultSftpSessionFactory.java:404)
    at org.springframework.integration.sftp.session.DefaultSftpSessionFactory.getSession(DefaultSftpSessionFactory.java:61)
    at org.springframework.integration.file.remote.session.CachingSessionFactory$1.createForPool(CachingSessionFactory.java:85)
    at org.springframework.integration.file.remote.session.CachingSessionFactory$1.createForPool(CachingSessionFactory.java:82)
    at org.springframework.integration.util.SimplePool.doGetItem(SimplePool.java:200)
    at org.springframework.integration.util.SimplePool.getItem(SimplePool.java:181)
    ... 32 more
Caused by: java.lang.IllegalArgumentException: either a password or a private key is required
    at org.springframework.util.Assert.isTrue(Assert.java:121)
    at org.springframework.integration.sftp.session.DefaultSftpSessionFactory.initJschSession(DefaultSftpSessionFactory.java:418)
    at org.springframework.integration.sftp.session.DefaultSftpSessionFactory.getSession(DefaultSftpSessionFactory.java:393)
    ... 37 more
Solution

  • The solution is to instead set the private key for the session factory:

    DefaultSftpSessionFactory factory = new DefaultSftpSessionFactory(new JSch(), true);
byte[] privateKeyBytes = privateKey.getBytes(StandardCharsets.UTF_8);
factory.setPrivateKey(new ByteArrayResource(privateKeyBytes));
return setCommonConfigProperties(factory, sftpProperties, sftpUser);