[ 
https://issues.apache.org/jira/browse/SSHD-473?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14569716#comment-14569716
 ] 

Jochen Seliger commented on SSHD-473:
-------------------------------------

Hi Guillaume,
at the moment I'm at home and can't produce a test.
But first, here are my explanations:
The server is started with a class SSH_SERVER main method:
SshServer sshd = SshServer.setUpDefaultServer();
sshd.setPasswordAuthenticator(new SSHDPasswordAuthenticator());
sshd.setPort(8000);
try {
    sshd.start();
}
catch (IOException e) {
    e.printStackTrace();
}
It will start correctly.
 
My SSHDPasswordAuthenticator:
public class SSHDPasswordAuthenticator implements PasswordAuthenticator {
    @Override
    public boolean authenticate(String arg0, String arg1, ServerSession arg2) {
        // Debug dialog to show that the authenticator was invoked
        JOptionPane.showMessageDialog(null,
            "authentication entered with user " + arg0 + " password " + arg1
                + " session " + arg2, "success",
            JOptionPane.CLOSED_OPTION);
 
The client will be created within my Client_APP's main method under certain
conditions.
Therefore I've built a method CreateSSHClient(){
SshClient client = SshClient.setUpDefaultClient();
client.start();
try {
    ClientSession session = client.connect("Jochen", "127.0.0.1", 8000).await().getSession();
    session.addPasswordIdentity("Jochen");
    // auth() and the channel calls use 'session', so they stay inside the try block
    session.auth();
    ChannelShell shellChannel = session.createShellChannel();
    shellChannel.open();
}
catch (Exception err) {
    err.printStackTrace();
}
}
 
This code will lead me to the shell!!
This will succeed if either username at session creation and password at
addPasswordIdentity will be both "Jochen" or both "jochen".
But this is logically wrong. First, the username on the system where the shell
will be opened is "jochen".
The second failure is that both parameters have to be equal. At least on the system
where the shell should be opened, the password of the user "jochen" differs from
the user name (that should be the case for any user on any system).
So there are several failures:
1. The only username which should be considered for the additional
 password check should be in my case "jochen" (BTW in the log, in both name cases,
"Jochen@" is reported)
2. The PasswordAuthentication (at least) should consult the user management of
the server's OS
3. The requirement that username and password should be equal is fully rubbish.
 If you will accept the default PasswordAuthentication as described, you should
decide about the possibility to implement customers' PasswordAuthenticators.
 
Regards
 
Jochen


> PasswordAuthentifikation
> ------------------------
>
>                 Key: SSHD-473
>                 URL: https://issues.apache.org/jira/browse/SSHD-473
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 0.14.0
>         Environment: Windows 7, Java 8, Eclipse JUNO
>            Reporter: Jochen Seliger
>            Priority: Critical
>
> I run the sshd and the ssh client both on the Windows machine.
> The sshd I start on port 8000 and with password authenticator and an own 
> authenticator class, which shall show a message box when invoked.
> The client I start after creating it as SshClient.setUpDefaultClient(); 
> without setting any factory with the statement ClientSession session = 
> client.connect("Jochen","192.168.100.13",8000).await().getSession(); (Jochen 
> is an existing user on the machine).
> But till shellChannel I can proceed only when setting after session creation 
> session.addPasswordIdentity("Jochen"); (it is the same user as provided at 
> session creation)
> There is no functionality to set the password.
> The method authPassword is deprecated.
> 1. My first question: How to proceed to use PasswordAuthentication?
> As stated I can proceed till ssh-Shell, but the server is logging at a first 
> run an authentication failure and at a second run authentication success:
> Mai 22, 2015 12:14:21 PM org.apache.sshd.client.session.ClientSessionImpl 
> readIdentification
> INFORMATION: Server version string: SSH-2.0-SSHD-CORE-0.14.0
> Mai 22, 2015 12:14:22 PM 
> org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier verifyServerKey
> WARNUNG: Server at /192.168.100.13:8000 presented unverified DSA key: 
> e4:76:f3:c2:15:64:7f:e4:5f:b7:86:35:a5:3e:85:35
> Mai 22, 2015 12:14:22 PM org.apache.sshd.common.session.AbstractSession 
> doHandleMessage
> INFORMATION: Dequeing pending packets
> Mai 22, 2015 12:14:22 PM 
> org.apache.sshd.client.session.ClientUserAuthServiceNew processUserAuth
> INFORMATION: Received SSH_MSG_USERAUTH_FAILURE
> Mai 22, 2015 12:14:22 PM 
> org.apache.sshd.client.auth.UserAuthKeyboardInteractive process
> INFORMATION: Received Password authentication  en-US
> Mai 22, 2015 12:14:22 PM 
> org.apache.sshd.client.session.ClientUserAuthServiceNew processUserAuth
> INFORMATION: Received SSH_MSG_USERAUTH_SUCCESS
> ShellChannell opened
> Microsoft Windows [Version 6.0.6001]
> Copyright (c) 2006 Microsoft Corporation. Alle Rechte vorbehalten.
> C:\Users\Jochen\workspace\USF_SSH_WS>
> although I did not provide a password.
> 2. Why are these two runs processed?
> 3. Why does the first run fail and the second one succeed?
> 4. How to proceed to get a functioning password and keypair authentication?
> Regards
> Jochen Seliger
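
For the custom-authenticator question raised in the comment above, an added example (not code from the reporter or from the MINA SSHD project): a PasswordAuthenticator that verifies salted PBKDF2 hashes with a case-sensitive user name, and never compares the password to the user name or displays it. The class name, the in-memory user map and the iteration count are assumptions, and the import assumes the org.apache.sshd.server package used by the 0.x line; it is registered with sshd.setPasswordAuthenticator(...) as in the server snippet.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.apache.sshd.server.PasswordAuthenticator; // assumption: package of the 0.x line
import org.apache.sshd.server.session.ServerSession;

/** Added example: hypothetical authenticator backed by salted PBKDF2 hashes. */
public class HashedPasswordAuthenticator implements PasswordAuthenticator {
    private static final int ITERATIONS = 100_000; // assumption: tune for your hardware
    private static final int KEY_BITS = 256;
    private final Map<String, byte[][]> users = new ConcurrentHashMap<>(); // name -> {salt, hash}
    private final byte[] dummySalt = new byte[16];

    /** Enrol a user; the account name is stored and matched case-sensitively. */
    public void addUser(String username, char[] password) throws GeneralSecurityException {
        if (password.length == 0) throw new IllegalArgumentException("empty password");
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        users.put(username, new byte[][] {salt, pbkdf2(password, salt)});
    }

    @Override
    public boolean authenticate(String username, String password, ServerSession session) {
        if (username == null || password == null || password.isEmpty()) return false;
        byte[][] entry = users.get(username);
        try {
            // Hash even for unknown users so both paths cost about the same.
            byte[] salt = entry != null ? entry[0] : dummySalt;
            byte[] candidate = pbkdf2(password.toCharArray(), salt);
            // Constant-time comparison; the password is never logged or shown.
            return entry != null && MessageDigest.isEqual(candidate, entry[1]);
        } catch (GeneralSecurityException e) {
            return false; // fail closed if the KDF is unavailable
        }
    }

    private static byte[] pbkdf2(char[] password, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword();
        }
    }
}
```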


