MINA SFTP SSH Security

Back to MINA SFTP Component

This page covers SSH security configuration for the MINA SFTP component, including host key verification, cipher selection, key exchange protocols, and algorithm security recommendations.

Host Key Verification

The MINA SFTP component supports comprehensive host key verification to protect against Man-in-the-Middle (MITM) attacks.

Strict Host Key Checking

When strictHostKeyChecking=yes, the server’s host key must match an entry in the known hosts source:

from("mina-sftp://user@host/path?password=secret&strictHostKeyChecking=yes")
    .to("file:local");

Known Hosts Sources (Priority Order)

The component checks for known hosts in this priority order:

  1. Byte array (knownHosts): Directly configured as byte array

  2. URI/Classpath (knownHostsUri): Loaded from classpath or file URI

  3. File path (knownHostsFile): Loaded from filesystem

  4. User default (useUserKnownHostsFile=true): Uses ~/.ssh/known_hosts

// Custom known hosts file
from("mina-sftp://user@host/path?password=secret&strictHostKeyChecking=yes&knownHostsFile=/path/to/known_hosts")
    .to("file:local");

// Known hosts from classpath
from("mina-sftp://user@host/path?password=secret&strictHostKeyChecking=yes&knownHostsUri=classpath:ssh/known_hosts")
    .to("file:local");

Auto-Create Known Hosts File (Development Only)

For development environments, enable automatic trust-on-first-use:

from("mina-sftp://user@host/path?password=secret&autoCreateKnownHostsFile=true&knownHostsFile=/tmp/dev_known_hosts")
    .to("file:local");
Auto-create weakens security by automatically trusting new hosts. Only use for development.

Disable Host Key Checking (Testing Only)

from("mina-sftp://user@localhost/test?password=secret&strictHostKeyChecking=no&useUserKnownHostsFile=false")
    .to("mock:result");
Disabling host key checking is insecure. Only use for testing.

Certificate-Based Host Verification

For enterprise environments using OpenSSH host certificates, use @cert-authority entries in your known_hosts file:

# Trust this CA for all hosts in example.com domain
@cert-authority *.example.com ssh-rsa AAAAB3NzaC1yc2E... Production CA

# Trust this CA for a specific host
@cert-authority server.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5... Specific CA

When both @cert-authority entries and regular host key entries are present:

  • Certificate verification takes precedence if the server presents a certificate and a matching CA exists

  • If certificate verification fails, the connection is rejected (does NOT fall back to regular entries)

  • If the server presents a plain public key, regular known hosts verification is used

Custom ServerKeyVerifier

For advanced use cases, provide a custom ServerKeyVerifier for enterprise key management integration:

ServerKeyVerifier myVerifier = (session, remoteAddress, serverKey) -> {
    return verifyAgainstEnterpriseKeyStore(serverKey);
};
context.getRegistry().bind("myVerifier", myVerifier);
from("mina-sftp://user@host/path?password=secret&serverKeyVerifier=#myVerifier")
    .to("file:local");

When a custom verifier is provided, it is used exclusively — all other host key options are ignored.

Host Key Verification Error Messages

  • Unknown host: Host key verification failed: server 'hostname:port' is not in the known_hosts file.

  • Key mismatch: Host key verification failed: the host key for 'hostname:port' has changed!

  • Untrusted CA: Certificate is signed by untrusted CA.

  • Expired certificate: Host certificate has expired.

  • Principal mismatch: Hostname '<hostname>' is not listed in certificate principals.

Cipher Configuration

Specify which SSH cipher algorithms to use with the ciphers option:

from("mina-sftp://user@host/path?password=secret&ciphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr")
    .to("file:local");

Ciphers are offered to the server in the order specified. The first mutually supported cipher is used.

Available Ciphers

Cipher Name Algorithm Mode Notes

aes128-ctr

AES-128

CTR

Standard, widely supported

aes192-ctr

AES-192

CTR

Standard

aes256-ctr

AES-256

CTR

Recommended for high security

aes128-gcm@openssh.com

AES-128

GCM

Authenticated encryption

aes256-gcm@openssh.com

AES-256

GCM

Recommended - authenticated encryption

chacha20-poly1305@openssh.com

ChaCha20

AEAD

Modern, fast on CPUs without AES-NI

aes128-cbc

AES-128

CBC

Legacy, avoid if possible

aes192-cbc

AES-192

CBC

Legacy

aes256-cbc

AES-256

CBC

Legacy, avoid if possible

3des-cbc

Triple DES

CBC

Deprecated

blowfish-cbc

Blowfish

CBC

Legacy
Unlike JSch, Apache MINA SSHD supports modern algorithms like ChaCha20-Poly1305 and AES-GCM. Invalid cipher names are validated before connecting.

Key Exchange Protocol Configuration

Specify key exchange algorithms with the keyExchangeProtocols option:

from("mina-sftp://user@host/path?password=secret&keyExchangeProtocols=curve25519-sha256,ecdh-sha2-nistp256")
    .to("file:local");

Available Key Exchange Protocols

Protocol Name Description Recommended

curve25519-sha256

Modern Curve25519 with SHA-256

Yes

curve25519-sha256@libssh.org

Curve25519 (libssh.org variant)

Yes

curve448-sha512

Curve448 with SHA-512

Yes

ecdh-sha2-nistp256

ECDH with NIST P-256

Yes

ecdh-sha2-nistp384

ECDH with NIST P-384

Yes

ecdh-sha2-nistp521

ECDH with NIST P-521

Yes

diffie-hellman-group14-sha256

DH Group14 (2048-bit) with SHA-256

Yes

diffie-hellman-group16-sha512

DH Group16 (4096-bit) with SHA-512

Yes

diffie-hellman-group18-sha512

DH Group18 (8192-bit) with SHA-512

Yes

diffie-hellman-group-exchange-sha256

DH Group Exchange with SHA-256

Yes

diffie-hellman-group14-sha1

DH Group14 with SHA-1

Deprecated

diffie-hellman-group1-sha1

DH Group1 (1024-bit) with SHA-1

Deprecated

diffie-hellman-group-exchange-sha1

DH Group Exchange with SHA-1

Deprecated

Server Host Key Configuration

Specify accepted server host key algorithms with serverHostKeys:

from("mina-sftp://user@host/path?password=secret&serverHostKeys=ssh-ed25519,rsa-sha2-512")
    .to("file:local");

Available Server Host Key Algorithms

Algorithm Name Description Recommended

ssh-ed25519

EdDSA Ed25519 (modern, fast)

Yes

rsa-sha2-512

RSA with SHA-512

Yes

rsa-sha2-256

RSA with SHA-256

Yes

ecdsa-sha2-nistp256

ECDSA with NIST P-256

Yes

ecdsa-sha2-nistp384

ECDSA with NIST P-384

Yes

ecdsa-sha2-nistp521

ECDSA with NIST P-521

Yes

ssh-rsa

RSA with SHA-1

Deprecated

ssh-dss

DSA

Deprecated

OpenSSH certificate variants are also supported (e.g., ssh-ed25519-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com).

Algorithm Security Recommendations

Recommended Secure Configuration

from("mina-sftp://user@host/path?password=secret"
    + "&keyExchangeProtocols=curve25519-sha256,ecdh-sha2-nistp256,diffie-hellman-group16-sha512"
    + "&serverHostKeys=ssh-ed25519,rsa-sha2-512,ecdsa-sha2-nistp256"
    + "&ciphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr")
    .to("file:local");

Algorithms to Avoid

Algorithm Reason

diffie-hellman-group1-sha1

1024-bit DH is too weak; SHA-1 is deprecated

diffie-hellman-group14-sha1

SHA-1 is deprecated

ssh-rsa

Uses SHA-1 for signatures

ssh-dss

DSA is deprecated

Compliance Considerations

For FIPS/PCI-DSS compliance:

  • Use only NIST-approved curves (P-256, P-384, P-521) for ECDH and ECDSA

  • Use RSA with SHA-256 or SHA-512

  • Use AES-128 or AES-256 in CTR or GCM mode

  • Avoid Curve25519/Ed25519 if strict FIPS compliance is required

Back to top