Upload file to SFTP server accessible via another SSH/SFTP server only

2
votes

There is a use case, where I have to:

  1. Generate a file in my application, on an application server. Lets call this a machine as A*. (This is where my Java code runs, to generate files)
  2. From the application itself, I wish to transfer this file using SFTP to a white-listed Server B, at a fixed path (say /home/fixed/file.xlsx)

Point 1 and 2 are straight-forward.

There is now an external Server C (whose credentials I am provided with)

  1. Now, application is running on server A.
  2. File is now in Server B at ==> /home/fixed/file.xlsx.
  3. I have to transfer file from Server B to Server C, via SFTP.

How can I achieve this multiple hopped SFTP transfers?

(File is not needed on B, once sent successfully to C)

EDIT: Martin Prikryl's answer helped me achieve this.

@Override
  public void createOurChannel(Path lastModifiedBankFile) {
    LOG.info("Initiating SFTP for white-listed Server B for file: {}",
        lastModifiedBankFile);
    String host = properties.getServerBSftpHost();
    String port = properties.getServerBSftpPort();
    String password = properties.getServerBSftpPassword();
    String username = properties.getServerBSftpUsername();

    Session session = null;
    try {
      JSch ssh = new JSch();
      JSch.setConfig("StrictHostKeyChecking", "no");
      session = ssh.getSession(username, host, Integer.parseInt(port));
      session.setPassword(password);
      session.connect();

      this.sendFileToBank(lastModifiedBankFile, session, ssh);
    } catch (JSchException e) {
      LOG.error("Jsch Exception occurred while SFTP.", e);
    } finally {
      if (session != null && session.isConnected())
        session.disconnect();
      LOG.info("Successfully disconnected from SFTP. {}");
    }
  }

  @Override
  public void sendFileToBank(Path lastModifiedBankFile, Session session, JSch ssh) {

    Session sessionBank = null;
    Channel channelBank = null;
    ChannelSftp channelSftp = null;
    String host = properties.getBankSftpHost();
    String port = properties.getBankSftpPort();
    String password = properties.getBankSftpPassword();
    String username = properties.getBankSftpUsername();
    String bankSftpDir = properties.getBankSftpEmiDir();
    try {
      int portForwarded = 2222;
      session.setPortForwardingL(portForwarded, host, Integer.parseInt(port));

      sessionBank = ssh.getSession(username, "localhost", portForwarded);
      sessionBank.setPassword(password);
      sessionBank.connect();

      channelBank = sessionBank.openChannel("sftp");
      channelBank.connect();
      channelSftp = (ChannelSftp) channelBank;

      channelSftp.put(lastModifiedBankFile.toAbsolutePath().toString(),
          bankSftpDir + lastModifiedBankFile.getFileName().toString());
      channelSftp.exit();
    } catch (JSchException e) {
      LOG.error("Jsch Exception occurred while SFTP.", e);
    } catch (SftpException e) {
      LOG.error("SFTP Exception occurred while SFTP.", e);
    } finally {
      if (channelBank != null && channelBank.isConnected())
        channelBank.disconnect();
      if (sessionBank != null && sessionBank.isConnected())
        sessionBank.disconnect();
    }
  }
1
javasshspring-integrationsftpspring-integration-sftp

1 Answers

2
votes

Use an SSH tunnel, aka local port forwarding, to open an SSH/SFTP connection to C via B. Then you can directly upload the file to C from your local machine (A), without uploading it first to B:

Session sessionB = jsch.getSession("usernameB", "hostB", 22);
// ...
sessionB.connect();

int forwardedPort = 2222; // any port number which is not in use on the local machine
sessionB.setPortForwardingL(forwardedPort, "hostC", 22);

Session sessionC = jsch.getSession("usernameC", "localhost", forwardedPort);
// ...
sessionC.connect();

Channel channel = sessionC.openChannel("sftp");
channel.connect();
ChannelSftp channelSftp = (ChannelSftp)channel;           

channelSftp.put("C:\\local\\path\\file.txt", "/remote/path/on/C/file.txt");

Obligatory note: Do not use StrictHostKeyChecking=no. You are losing security by doing so. See How to resolve Java UnknownHostKey, while using JSch SFTP library?