[
https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14055169#comment-14055169
]
Guillaume Nodet commented on SSHD-332:
--------------------------------------
It seems to work correctly with jdk8 on os x for me:
{code}
gnodet:(git)mina-sshd[master]/sshd-core$ java -version
java version "1.8.0"
Java(TM) SE Runtime Environment (build 1.8.0-b132)
Java HotSpot(TM) 64-Bit Server VM (build 25.0-b70, mixed mode)
gnodet:(git)mina-sshd[master]/sshd-core$ java -jar
~/Downloads/securesshd-0.0.1-SNAPSHOT-jar-with-dependencies.jar
19:28:39.483 [main] INFO o.a.sshd.common.util.SecurityUtils - BouncyCastle not
registered, using the default JCE provider
19:28:39.811 [main] DEBUG o.a.sshd.common.io.nio2.Nio2Acceptor - Creating
Nio2Acceptor
19:28:39.813 [main] DEBUG o.a.sshd.common.io.nio2.Nio2Acceptor - Binding
Nio2Acceptor to address 0.0.0.0/0.0.0.0:1111
19:28:42.000 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Creating IoSession on /127.0.0.1:1111 from /127.0.0.1:63195
19:28:42.005 [pool-2-thread-1] INFO o.a.s.server.session.ServerSession -
Server session created from /127.0.0.1:63195
19:28:42.005 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 26 bytes
19:28:42.007 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.015 [pool-2-thread-1] DEBUG o.a.s.server.session.ServerSession - Send
SSH_MSG_KEXINIT
19:28:42.016 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 480 bytes
19:28:42.016 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.017 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Read
1853 bytes
19:28:42.017 [pool-2-thread-1] DEBUG o.a.s.server.session.ServerSession -
Client version string: SSH-2.0-OpenSSH_6.4
19:28:42.018 [pool-2-thread-1] DEBUG o.a.s.server.session.ServerSession -
Received SSH_MSG_KEXINIT
19:28:42.018 [pool-2-thread-1] INFO o.a.s.server.session.ServerSession - Kex:
server->client aes128-ctr hmac-md5 none
19:28:42.018 [pool-2-thread-1] INFO o.a.s.server.session.ServerSession - Kex:
client->server aes128-ctr hmac-md5 none
19:28:42.034 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Read
80 bytes
19:28:42.034 [pool-2-thread-1] DEBUG org.apache.sshd.server.kex.ECDHP256 -
Received SSH_MSG_KEXDH_INIT
19:28:42.039 [pool-2-thread-1] DEBUG org.apache.sshd.server.kex.ECDHP256 - K_S:
00 00 00 07 73 73 68 2d 64 73 73 00 00 00 81 00 fd 7f 53 81 1d 75 12 29 52 df
4a 9c 2e ec e4 e7 f6 11 b7 52 3c ef 44 00 c3 1e 3f 80 b6 51 26 69 45 5d 40 22
51 fb 59 3d 8d 58 fa bf c5 f5 ba 30 f6 cb 9b 55 6c d7 81 3b 80 1d 34 6f f2 66
60 b7 6b 99 50 a5 a4 9f 9f e8 04 7b 10 22 c2 4f bb a9 d7 fe b7 c6 1b f8 3b 57
e7 c6 a8 a6 15 0f 04 fb 83 f6 d3 c5 1e c3 02 35 54 13 5a 16 91 32 f6 75 f3 ae
2b 61 d7 2a ef f2 22 03 19 9d d1 48 01 c7 00 00 00 15 00 97 60 50 8f 15 23 0b
cc b2 92 b9 82 a2 eb 84 0b f0 58 1c f5 00 00 00 81 00 f7 e1 a0 85 d6 9b 3d de
cb bc ab 5c 36 b8 57 b9 79 94 af bb fa 3a ea 82 f9 57 4c 0b 3d 07 82 67 51 59
57 8e ba d4 59 4f e6 71 07 10 81 80 b4 49 16 71 23 e8 4c 28 16 13 b7 cf 09 32
8c c8 a6 e1 3c 16 7a 8b 54 7c 8d 28 e0 a3 ae 1e 2b b3 a6 75 91 6e a3 7f 0b fa
21 35 62 f1 fb 62 7a 01 24 3b cc a4 f1 be a8 51 90 89 a8 83 df e1 5a e5 9f 06
92 8b 66 5e 80 7b 55 25 64 01 4c 3b fe cf 49 2a 00 00 00 81 00 f6 80 e5 dc c0
b7 da 01 54 0c ed 6d 32 49 41 8a d3 28 65 1f 25 9e 18 7f 76 90 72 91 5e cd 17
98 1e 8d 90 bf 48 47 cc b7 88 e1 f6 1c 6d 5b 45 2a 7d fd f8 06 33 48 9d 72 04
6d 92 1d f1 95 8d 0a 34 77 50 cf de 75 0e f3 2e b4 4c b9 8b e5 f6 40 9e 5b e7
fb 01 4e 25 e3 f9 ac 29 b7 6a 68 be 6c a3 95 5d 81 1c e4 8c 09 71 f0 00 ff f5
c9 8b 97 a0 19 2c 16 74 48 68 50 e8 77 8b 87 86 50 e3 3f
19:28:42.039 [pool-2-thread-1] DEBUG org.apache.sshd.server.kex.ECDHP256 - f:
04 f9 34 65 6a b7 b4 25 a2 45 45 a0 2b c7 b5 9e 82 9b 21 29 4c 27 a5 8f 4c 4b
65 c2 8f b4 bb 07 89 ba 9a ad 80 d9 1d 38 22 4e b1 6a bd 18 5a e3 ca 50 25 99
6f 92 5e 1b b9 45 7d 42 63 75 bf 21 b2
19:28:42.039 [pool-2-thread-1] DEBUG org.apache.sshd.server.kex.ECDHP256 -
sigH: 00 00 00 07 73 73 68 2d 64 73 73 00 00 00 28 4f 53 3e 51 64 51 52 df 7a
63 06 6f 77 c0 ba 4d 09 39 87 5c 90 22 6c 74 09 46 5f bc 04 a5 1a ba b7 c7 a6
26 cf b9 d0 56
19:28:42.039 [pool-2-thread-1] DEBUG org.apache.sshd.server.kex.ECDHP256 - Send
SSH_MSG_KEXDH_REPLY
19:28:42.039 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 584 bytes
19:28:42.039 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.040 [pool-2-thread-1] DEBUG o.a.s.server.session.ServerSession - Send
SSH_MSG_NEWKEYS
19:28:42.040 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 16 bytes
19:28:42.040 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.043 [pool-2-thread-2] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Read
64 bytes
19:28:42.043 [pool-2-thread-2] DEBUG o.a.s.server.session.ServerSession -
Received SSH_MSG_NEWKEYS
19:28:42.047 [pool-2-thread-2] DEBUG o.a.s.server.session.ServerSession -
Received SSH_MSG_SERVICE_REQUEST 'ssh-userauth'
19:28:42.049 [pool-2-thread-2] DEBUG o.a.s.s.s.ServerUserAuthService -
Authorized authentication methods: none
19:28:42.049 [pool-2-thread-2] DEBUG o.a.s.server.session.ServerSession -
Accepted service ssh-userauth
19:28:42.049 [pool-2-thread-2] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 64 bytes
19:28:42.049 [pool-2-thread-2] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.050 [pool-2-thread-3] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Read
64 bytes
19:28:42.050 [pool-2-thread-3] DEBUG o.a.s.s.s.ServerUserAuthService - Received
SSH_MSG_USERAUTH_REQUEST
19:28:42.050 [pool-2-thread-3] DEBUG o.a.s.s.s.ServerUserAuthService -
Authenticating user 'gnodet' with service 'ssh-connection' and method 'none'
19:28:42.051 [pool-2-thread-3] DEBUG o.a.s.s.s.ServerUserAuthService -
Authentication succeeded
19:28:42.051 [pool-2-thread-3] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 48 bytes
19:28:42.051 [pool-2-thread-3] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.059 [pool-2-thread-3] INFO o.a.s.s.s.ServerUserAuthService - Session
gnodet@/127.0.0.1:63195 authenticated
19:28:42.061 [pool-2-thread-3] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Read
64 bytes
19:28:42.061 [pool-2-thread-3] DEBUG o.a.s.s.s.ServerConnectionService -
Received SSH_MSG_CHANNEL_OPEN session
19:28:42.067 [pool-2-thread-3] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 64 bytes
19:28:42.067 [pool-2-thread-3] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.067 [pool-2-thread-4] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Read
384 bytes
19:28:42.068 [pool-2-thread-4] DEBUG o.a.s.server.channel.ChannelSession -
Received SSH_MSG_CHANNEL_REQUEST pty-req on channel ChannelSession[id=0,
recipient=0] (wantReply true)
19:28:42.069 [pool-2-thread-4] DEBUG o.a.s.server.channel.ChannelSession - pty
for channel 0: term=xterm-256color, size=(80 - 24), pixels=(560, 336),
modes=[{VSTOP=19, ONOCR=0, PARENB=0, VKILL=21, INPCK=0, IGNCR=0, CS7=1,
VERASE=127, ONLCR=1, ECHOKE=1, VSTATUS=20, ISTRIP=0, IGNPAR=0, IXOFF=0,
VDSUSP=25, ICANON=1, VEOL=255, IXON=1, IXANY=1, TOSTOP=0, OPOST=1, VEOL2=255,
ECHONL=0, NOFLSH=0, VSUSP=26, CS8=1, VLNEXT=22, INLCR=0, ISIG=1, ECHOCTL=1,
IEXTEN=1, VDISCARD=15, ONLRET=0, VEOF=4, VQUIT=28, VSTART=17, VREPRINT=18,
PARODD=0, IMAXBEL=1, VINTR=3, ICRNL=1, ECHOE=1, OCRNL=0, TTY_OP_ISPEED=9600,
PENDIN=1, ECHOK=0, VWERASE=23, PARMRK=0, ECHO=1, TTY_OP_OSPEED=9600}]
19:28:42.070 [pool-2-thread-4] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 48 bytes
19:28:42.070 [pool-2-thread-4] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.070 [pool-2-thread-4] DEBUG o.a.s.server.channel.ChannelSession -
Received SSH_MSG_CHANNEL_REQUEST shell on channel ChannelSession[id=0,
recipient=0] (wantReply true)
19:28:42.076 [pool-2-thread-4] INFO o.a.s.s.shell.ProcessShellFactory -
Starting shell with command: '[echo]' and env:
{PATH=/opt/local/bin:/opt/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/git/bin:/Users/gnodet/.local/bin:/Users/gnodet/bin:/opt/local/bin:/Users/gnodet/.local/bin:/Users/gnodet/bin,
GREP_OPTIONS=--color=auto, JAVA_MAIN_CLASS_16911=securesshd.SecureSSHD,
JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk1.8.0.jdk/Contents/Home/,
TERM=xterm-256color, LINES=24, MAVEN_OPTS=-Xmx1024m -Xms512m -XX:PermSize=256m
-Djavax.net.ssl.trustStore=/Library/Java/JavaVirtualMachines/1.6.0_65-b14-462.jdk/Contents/Home/lib/security/cacerts,
LOGNAME=gnodet, COLUMNS=80, PWD=/Users/gnodet/work/git/mina-sshd/sshd-core,
TERM_PROGRAM_VERSION=326, _=/usr/bin/java, goals=clean compile test install
package deploy site eclipse:eclipse idea:idea assembly:assembly plexus:app
plexus:bundle-application plexus:bundle-runtime plexus:descriptor
plexus:runtime plexus:service -Pfastinstall -DskipTests, SHELL=/bin/bash,
TERM_PROGRAM=Apple_Terminal, OLDPWD=/Users/gnodet/work/git/mina-sshd,
USER=gnodet, TMPDIR=/var/folders/kc/brgd_5x17_v6fpk7zc117xnw0000gn/T/,
SSH_AUTH_SOCK=/tmp/launch-4RZXiw/Listeners,
TERM_SESSION_ID=3539CD92-DF51-4E23-B52E-E19EF4146498,
M2_HOME=/opt/local/share/java/maven3, __CF_USER_TEXT_ENCODING=0x1F5:0:0,
Apple_PubSub_Socket_Render=/tmp/launch-s6YhYV/Render, __CHECKFIX1436934=1,
LC_CTYPE=UTF-8, HOME=/Users/gnodet, SHLVL=1}
19:28:42.082 [pool-2-thread-4] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 48 bytes
19:28:42.082 [pool-3-thread-1] DEBUG o.a.s.server.channel.ChannelSession - Send
SSH_MSG_CHANNEL_DATA on channel 0
19:28:42.082 [pool-2-thread-4] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.082 [pool-3-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 48 bytes
19:28:42.082 [pool-3-thread-1] DEBUG o.a.s.server.channel.ChannelSession - Send
SSH_MSG_CHANNEL_EOF on channel ChannelSession[id=0, recipient=0]
19:28:42.082 [pool-2-thread-5] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.083 [pool-3-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 48 bytes
19:28:42.083 [pool-3-thread-1] DEBUG o.a.s.server.channel.ChannelSession - Send
SSH_MSG_CHANNEL_REQUEST exit-status on channel 0
19:28:42.083 [pool-2-thread-6] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.083 [pool-3-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 64 bytes
19:28:42.083 [pool-3-thread-1] DEBUG o.a.s.server.channel.ChannelSession -
Closing ChannelSession[id=0, recipient=0] gracefully
19:28:42.083 [pool-2-thread-7] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.086 [pool-3-thread-1] DEBUG o.a.s.server.channel.ChannelSession - Send
SSH_MSG_CHANNEL_CLOSE on channel ChannelSession[id=0, recipient=0]
19:28:42.086 [pool-3-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Writing 48 bytes
19:28:42.086 [pool-2-thread-8] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Finished writing
19:28:42.086 [pool-2-thread-9] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Read
96 bytes
19:28:42.087 [pool-2-thread-9] DEBUG o.a.s.server.channel.ChannelSession -
Received SSH_MSG_CHANNEL_CLOSE on channel ChannelSession[id=0, recipient=0]
19:28:42.087 [pool-3-thread-1] DEBUG o.a.s.server.channel.ChannelSession -
Message SSH_MSG_CHANNEL_CLOSE written on channel ChannelSession[id=0,
recipient=0]
19:28:42.087 [pool-2-thread-9] DEBUG o.a.s.server.channel.ChannelSession -
ChannelSession[id=0, recipient=0] is already closing
19:28:42.087 [pool-2-thread-9] DEBUG o.a.s.server.session.ServerSession -
Received SSH_MSG_DISCONNECT (reason=11, msg=disconnected by user)
19:28:42.087 [pool-2-thread-9] DEBUG o.a.s.server.session.ServerSession -
Closing ServerSession[gnodet@/127.0.0.1:63195] immediately
19:28:42.087 [pool-2-thread-9] DEBUG o.a.s.s.s.ServerConnectionService -
Closing ServerConnectionService immediately
19:28:42.088 [pool-2-thread-9] DEBUG o.a.s.s.s.ServerConnectionService -
ServerConnectionService closed
19:28:42.088 [pool-2-thread-9] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Closing Nio2Session[local=/127.0.0.1:1111, remote=/127.0.0.1:63195] immediately
19:28:42.089 [pool-3-thread-1] DEBUG o.a.s.server.channel.ChannelSession -
ChannelSession[id=0, recipient=0] closed
19:28:42.089 [pool-2-thread-9] DEBUG o.a.s.server.session.ServerSession -
ServerSession[gnodet@/127.0.0.1:63195] is already closing
19:28:42.089 [pool-2-thread-9] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
Nio2Session[local=/127.0.0.1:1111, remote=/127.0.0.1:63195] closed
19:28:42.089 [pool-2-thread-9] DEBUG o.a.s.server.session.ServerSession -
ServerSession[gnodet@/127.0.0.1:63195] closed
19:28:42.089 [pool-2-thread-9] DEBUG o.a.sshd.common.io.nio2.Nio2Session -
IoSession has been closed, stop reading
{code}
> Nio2 & security
> ---------------
>
> Key: SSHD-332
> URL: https://issues.apache.org/jira/browse/SSHD-332
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 0.11.0
> Environment: Oracle Java 8
> Reporter: Gaƫl Lalire
> Attachments: securesshd-0.0.1-SNAPSHOT-jar-with-dependencies.jar,
> securesshd.zip
>
> Original Estimate: 96h
> Remaining Estimate: 96h
>
> I don't know if it is a JVM bug or normal behavior but a ProtectionDomain
> with no permission is associated with completionHandler thread by
> sun.misc.InnocuousThread class.
> As a result if a security manager is set all code in completionHandler has no
> permission (event if policy grants all permission).
> If the behavior of JVM is correct then you should add
> AccessController.doPrivileged() when entering completionHandler.
> You can also check if a SecurityManager is set and run without Nio2 as a
> quick fix.
>
--
This message was sent by Atlassian JIRA
(v6.2#6252)
