AnsweredAssumed Answered

configuring two factor authentication SFTP

Question asked by pedro-sittard-geleen on Apr 19, 2017
Latest reply on Apr 21, 2017 by Seenu_Mathew

I have been asked to setup an SFTP connection to our supplier trough the api gateway.

 

I managed to make  a listen port (SSH 2) and associated the port with an published policy.

 

The policy is configured to route the ssh request to the supplier external host. It got the following assertions:

  • Configure Message Routing
  • Require SSH Credentials
  • Route via SFTP
    • Authentication: "Pass through username and password credentials in request".

 

The connection seemed to work well during testing with username and password or username and private key for authentication. Now our supplier wants us to  user username, password and private key (two factor authentication) tot take it into production. It seems that I'm not able to make it work with a two factor authentication.

 

When ever I try to make the connection, the following message is given in the audit logs "No user name found for passing through to SSH server". Its like the api gateway drops the username when using private key and password.

 

Does anyone has an idea how to make it work. If not. Is it possible to just use the raw TCP assertion to route the sftp messages?

 

I created a new listen port (RAW TCP) and associated it with  an policy containing the Route via RAW tcp.  This time when I try to connect with  the sftp client it wont even connect. Not seeing anything in the logs.

Outcomes