CAMEL-23404: Improve SFTP security documentation and add strictHostKeyChecking policy enforcement #23143

Merged
davsclaus merged 3 commits into main from worktree-fix+CAMEL-23404
May 12, 2026
@davsclaus
Contributor

Summary

Improves documentation and adds security policy enforcement for the strictHostKeyChecking parameter in the SFTP component, as requested in CAMEL-23404.

Changes

1. Security Annotation (BaseSftpConfiguration.java)

  • Added security = "insecure:ssl" to the strictHostKeyChecking parameter annotation
  • Enhanced the description to explicitly warn about MITM vulnerability when set to no
  • This enables the security policy framework to warn/fail when strictHostKeyChecking=no is used in production

2. Documentation (sftp-component.adoc)

  • Added new "Security Best Practices: Host Key Verification" section
  • Included WARNING admonition about the insecure default (strictHostKeyChecking=no)
  • Provided multiple examples showing secure configuration patterns:
    • Using knownHostsFile with strictHostKeyChecking=yes
    • Using knownHostsUri for classpath-loaded known hosts
    • Relying on ~/.ssh/known_hosts (default behavior)
  • Explained the relationship with the security policy enforcement framework

3. Generated Metadata (sftp.json)

  • Regenerated component metadata to include the security: "insecure:ssl" attribute
  • Updated parameter description in the JSON metadata

Test Plan

  • Built camel-ftp-common and camel-ftp modules successfully
  • Unit tests pass (56 tests run, 0 failures)
  • Code generation executed successfully
  • Verified generated JSON includes security attribute
  • Manual verification: test SFTP connection with strictHostKeyChecking=yes (requires SFTP server)
  • Security policy framework integration test (requires camel.security.insecureSslPolicy=fail)

Documentation

Documentation has been enhanced with:

  • Clear warning about the security implications of the default value
  • Multiple secure configuration examples
  • Explanation of host key verification
  • Links to security policy framework documentation

🤖 Generated with Claude Code on behalf of Claus Ibsen
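
The host key check described above can be audited across a set of endpoint URIs before deployment. The following is an added example, not code from this pull request or from Camel's security policy framework: the class name, host names and file paths are constructed, and the `warn`/`fail` argument only mirrors the two policy outcomes named in the description.

```java
import java.net.URI;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

public class SftpHostKeyAudit {
    // Split the endpoint URI's query string into option name -> value.
    static Map<String, String> options(URI uri) {
        Map<String, String> opts = new LinkedHashMap<>();
        String query = uri.getRawQuery();
        if (query == null) return opts;
        for (String pair : query.split("&")) {
            int eq = pair.indexOf('=');
            if (eq > 0) opts.put(pair.substring(0, eq), pair.substring(eq + 1));
        }
        return opts;
    }

    // Returns null when host key verification is enabled, otherwise the reason the endpoint is flagged.
    static String finding(String endpoint) {
        URI uri = URI.create(endpoint);
        if (!"sftp".equalsIgnoreCase(uri.getScheme())) return null;
        // The PR states the default is strictHostKeyChecking=no, so an absent option counts as "no".
        String strict = options(uri).getOrDefault("strictHostKeyChecking", "no");
        return "yes".equalsIgnoreCase(strict) ? null
                : "strictHostKeyChecking=" + strict + ": server host key is not verified";
    }

    public static void main(String[] args) {
        String policy = args.length > 0 ? args[0] : "warn"; // "warn" or "fail"
        List<String> endpoints = List.of( // constructed sample endpoints
                "sftp://batch@sftp.example.com:22/inbox?strictHostKeyChecking=no",
                "sftp://batch@sftp.example.com:22/inbox",
                "sftp://batch@sftp.example.com:22/inbox?strictHostKeyChecking=yes&knownHostsFile=/etc/camel/known_hosts",
                "sftp://batch@sftp.example.com:22/inbox?strictHostKeyChecking=yes&knownHostsUri=classpath:known_hosts");
        int flagged = 0;
        for (String e : endpoints) {
            String f = finding(e);
            if (f == null) continue;
            flagged++;
            System.out.println("[" + policy + "] " + e + " -> " + f);
        }
        // Under "fail", a flagged endpoint stops the run with a non-zero exit code.
        if (flagged > 0 && "fail".equals(policy)) System.exit(1);
    }
}
```

With the sample list, the first two endpoints are flagged (explicit `no` and the implicit default) and the two `strictHostKeyChecking=yes` endpoints pass.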

@github-actions
Contributor

🌟 Thank you for your contribution to the Apache Camel project! 🌟
🤖 CI automation will test this PR automatically.

🐫 Apache Camel Committers, please review the following items:

  • First-time contributors require MANUAL approval for the GitHub Actions to run
  • You can use the command /component-test (camel-)component-name1 (camel-)component-name2.. to request a test from the test bot although they are normally detected and executed by CI.
  • You can label PRs using skip-tests and test-dependents to fine-tune the checks executed by this PR.
  • Build and test logs are available in the summary page. Only Apache Camel committers have access to the summary.

⚠️ Be careful when sharing logs. Review their contents before sharing them publicly.

…yChecking policy enforcement

- Added security="insecure:ssl" annotation to strictHostKeyChecking parameter
- Enhanced parameter description to warn about MITM vulnerability when disabled
- Added comprehensive Security Best Practices section to sftp-component.adoc
- Documented recommended secure configuration patterns with examples
- Generated metadata now includes security policy enforcement for strictHostKeyChecking

Signed-off-by: Claus Ibsen <claus.ibsen@gmail.com>
@davsclaus davsclaus force-pushed the worktree-fix+CAMEL-23404 branch from fc5c2c3 to 1d43a90 Compare May 12, 2026 10:30
…pComponent

- Added 6 component-level properties for global host key verification configuration:
  * strictHostKeyChecking (with security="insecure:ssl" annotation)
  * knownHostsFile
  * knownHostsUri
  * knownHosts (byte array)
  * useUserKnownHostsFile
  * autoCreateKnownHostsFile
- Component settings are applied as defaults during endpoint creation
- Endpoint URI parameters can override component-level settings
- Updated documentation with global configuration examples (Java and Spring Boot)
- Generated component metadata and configurer updated automatically

Signed-off-by: Claus Ibsen <claus.ibsen@gmail.com>
@davsclaus
Contributor Author

Added host key security options on component level so it can be configured globally and much easier

…aseSftpConfiguration changes

The full reactor build regenerated:
- mina-sftp component metadata (inherits strictHostKeyChecking security annotation)
- sensitive-keys catalog (adds knownhosts* fields)
- SensitiveUtils patterns (adds knownhosts* to sensitive key patterns)

These changes were missed in the module-scoped builds and are now included.

Signed-off-by: Claus Ibsen <claus.ibsen@gmail.com>
@davsclaus davsclaus force-pushed the worktree-fix+CAMEL-23404 branch from a9cc86d to c5b21f8 Compare May 12, 2026 14:34
@davsclaus davsclaus merged commit 0995b71 into main May 12, 2026
4 of 7 checks passed
@davsclaus davsclaus deleted the worktree-fix+CAMEL-23404 branch May 12, 2026 15:17

3 participants