[
https://issues.apache.org/jira/browse/SSHD-473?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14570982#comment-14570982
]
Jochen Seliger commented on SSHD-473:
-------------------------------------
Hi Guillaume,
your test scripts are describing, that you've used in all test cases for
PasswordAuthentication the same strings for user and password, and I've writte
you,that in all my test cases when this equableness was given, the connection
was authenticated. independently which user+password was used. That was fact,
all though, or because my SSHDPasswordAuthenticator was not called. That means
that either another authenticator (not mine) or a wrong code was called.
This logic is making your test results untrustable.
A question for me is, why the session.addPassword()-Method was depreciated.
What is the intention behind?
Who and with which intention has set the same variables for user and password
(should the PasswordIdentity really hold the password, or is there something
mixed?) in your tests?
There is the requirement to implement a customerPasswordAuthenticator. Why my
SSHDPasswordAuthenticator is never called?
It seems that the logical concepts for this communication are not quite clear.
Please let me know how this communication should work and please give me some
advice, how to build e well working logic.
Regards
Jochen
> PasswordAuthentifikation
> ------------------------
>
> Key: SSHD-473
> URL: https://issues.apache.org/jira/browse/SSHD-473
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 0.14.0
> Environment: Windows 7, Java 8, Eclipse JUNO
> Reporter: Jochen Seliger
> Priority: Critical
> Attachments: SSHDPasswordAuthenticator.java, SSH_SERVER.java
>
>
> I run the sshd and the ssh client both on the windos mashine.
> The sshd I start on port 8000 and with password authentificator ans an own
> atthenicator class, which shall shoe a messagebox when envoced.
> The client I start aftercreating it as SshClient.setUpDefaultClient();
> without stting any factury with the statement ClientSession session =
> client.connect("Jochen","192.168.100.13",8000).await().getSession(); (Jochen
> is an existing user on the mashine).
> But till shellChannel I can proceed only when setting after session creation
> session.addPasswordIdentity("Jochen"); (it is tha same user as provided at
> session creation)
> There is no functionality to set the password.
> The method authPassword is depreciated.
> 1. My first question: How to proceed th use PasswordAuthentification?
> As stated I can proceesd til ssh-Shell, but the server is logging at a first
> run an autentification failure and at a second run authentification success:
> Mai 22, 2015 12:14:21 PM org.apache.sshd.client.session.ClientSessionImpl
> readIdentification
> INFORMATION: Server version string: SSH-2.0-SSHD-CORE-0.14.0
> Mai 22, 2015 12:14:22 PM
> org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier verifyServerKey
> WARNUNG: Server at /192.168.100.13:8000 presented unverified DSA key:
> e4:76:f3:c2:15:64:7f:e4:5f:b7:86:35:a5:3e:85:35
> Mai 22, 2015 12:14:22 PM org.apache.sshd.common.session.AbstractSession
> doHandleMessage
> INFORMATION: Dequeing pending packets
> Mai 22, 2015 12:14:22 PM
> org.apache.sshd.client.session.ClientUserAuthServiceNew processUserAuth
> INFORMATION: Received SSH_MSG_USERAUTH_FAILURE
> Mai 22, 2015 12:14:22 PM
> org.apache.sshd.client.auth.UserAuthKeyboardInteractive process
> INFORMATION: Received Password authentication en-US
> Mai 22, 2015 12:14:22 PM
> org.apache.sshd.client.session.ClientUserAuthServiceNew processUserAuth
> INFORMATION: Received SSH_MSG_USERAUTH_SUCCESS
> ShellChannell opened
> Microsoft Windows [Version 6.0.6001]
> Copyright (c) 2006 Microsoft Corporation. Alle Rechte vorbehalten.
> C:\Users\Jochen\workspace\USF_SSH_WS>
> allthoug I did not provide an password.
> 2. Why thes two runs are processed?
> 3. Why the first run fails and the second one succedes?
> 4. How to proceede to get a functioning password and keypair authentication?
> Regards
> Jochen Seliger
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
