| Table of Contents |
|---|
Summary
- Since the earliest releases JOE offers to use an SFTP connection to read and write job-related files on a remote server with JobScheduler Master, for details see
- Starting from
JOE offers use of an increased number of authentication methods, their combination and supports use of an SSH Key Agent.Display feature availability StartingFromRelease 1.12.10 Jira server SOS JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 6dc67751-9d67-34cd-985b-194a8cdc9602 key JOE-286
JOE Profile Window
Using the JOE menu options File->FTP/SFTP->Open Directory opens the profile window.
...
Using the SFTP protocol suggests to specify authentication methods with the SFTP tab of this window.
JOE SFTP Authentication Methods Window
Using the SFTP tab from the Profile Window shows the following tab window:
...
| Note |
|---|
Keep in mind that all authentication methods have to be enabled accordingly with the SSH server in use. If in doubt contact your system administrator to check respective settings in sshd_config and related files. |
Two-factor Authentication
if the respective checkbox is checked then the following behavior applies:
...
- The following SSH setting would force both Public/Private Key and Password or Keyboard Interactive authentication:
AuthenticationMethods publickey,password publickey,keyboard-interactive
No two-factor Authentication
If the respective checkbox is unchecked then the following behavior applies:
- You can specify any of the authentication methods Public/Private Key, Password or Keyboard Interactive provided that the authentication method is enabled with the SSH server.
- Should the SSH server be configured to allow a number of alternative authentication methods then the following behavior applies:
- JOE will try to use Private / Public Key authentication and then Password authentication.
- If the private key matches then authentication is completed and no Password authentication takes place.
- Should Public / Private Key authentication fail but subsequent Password authentication be successful then the user is authenticated.
Public/Private Key related Authentication Methods
Use Key Agent
This method makes use of Public / Private Key authentication and retrieves the private key and optionally its passphrase from an SSH Key Agent.
...
- The password manager KeePass offers installation of an SSH Key Agent plugin that suggests a good match for a secure credential store with SSH Key Agent support.
- SOS performs regular tests for use of JobScheduler components with KeePass and Key Agent.
- Other SSH Key Agent products can be used provided that they are compliant with the SSH Key Agent standard.
Use Private Key File
This method makes use of Public / Private Key authentication and retrieves the private key from the file system location that you specify with JOE.
- The SSH server has to be configured like this:
AuthenticationMethods publickey
- Certainly any additional authentication methods can be specified.
Passphrase Interactive
This setting can be used if the private key file is protected by a passphrase.
JOE forces interactive user input to type the password.
Use Passphrase stored with JOE
This setting can be used if the private key file is protected by a passphrase.
...
This method is not considered a secure way to handle passphrases, however, for uncritical environments you might consider this a viable approach.
Password related Authentication Methods
Keyboard Interactive Authentication Method
This method indicates that the password has to be typed from the keyboard, it cannot be stored with JOE.
- The SSH server has to be configured like this:
ChallengeResponseAuthentication yes
Password Interactive
This method indicates that Password authentication is used, however, the password is not stored with JOE but has to be typed interactively.
- The SSH server has to be configured like this:
PasswordAuthentication yes
Password stored with JOE
This method makes use of Password authentication.
...