[
https://issues.apache.org/jira/browse/SSHD-700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15529805#comment-15529805
]
Li Fangning commented on SSHD-700:
----------------------------------
Hi, Goldstein
Thank you very much for reviewing my code.
I really appreciate it.
When I started using Apache SSHD a few months ago, due to a lack of
documentation, I could only use it by learning test cases and constant attempts.
Today I found the professional guidance document has been provided, and
sincerely happy. Thanks for all your efforts.
I made modifications to my code based on your comments, and re-run it with SSHD
1.4.0-snapshot, the problem remains.
And I have some questions:
1. I would have liked to use the SSH Client singleton, but some configurations
may not share for different server shells. If I configure the agentFactory for
the client instance, but the user do not provide agent forward property within
server connection, an exception may throw. In addition, I also worry about
thread safety for the client object, the "SSH_AUTH_SOCK" property must not be
mixed for different users. So I prefer to use different SshClient object for
each server shell, and close it after the client session is closed.
2. If the "channel.setAgentForwarding(true)" is not invoked, the keys won't be
forwarded to the next host when I use "ssh -A nextHost" (The "SSH_AUTH_SOCK"
system environment variable won't be set).
3. I have tried the UnixAgentFactory with tomcat jni and APR library in Linux
server, but the problem is still there. I usually coding on Windows, and the
ProxyAgentFactory indeed work for the standard agent forwarding
([email protected]).
The attached file "environment.png" is my environment to reproduce the problem.
I use Mina SSHD to develop a SSH jump server.
If it is not clear enough, please let me know.
Thanks a lot.
> SSHD does not suppot agent forwarding for XShell and XAgent
> -----------------------------------------------------------
>
> Key: SSHD-700
> URL: https://issues.apache.org/jira/browse/SSHD-700
> Project: MINA SSHD
> Issue Type: New Feature
> Affects Versions: 1.2.0
> Environment: Windows 10 and CentOS 7
> XShell 5.0
> Reporter: Li Fangning
> Priority: Minor
> Attachments: SshdTest2.java, SshdTest3.java, debug.log
>
>
> I use MINA SSHD for both server side and client side:
> SSH client --> MINA SSHD Server - MINA SSHD Client --> Target Linux Server
> I use XShell (http://www.netsarang.com/) as SSH client, and use XAgent with
> XShell for target server authentication (Public Key Access with Agent
> Forwarding).
> I have tried PuTTY (with pagent), SecureCRT, and openssh client in linux,
> they are all passed. But when I try XShell with XAgent, the agent forwarding
> phase is failed.
> When I check the debug log and source code of MINA SSHD, I find that SSHD
> only handle the "[email protected]" request type (in
> org.apache.sshd.server.channel.ChannelSession#handleInternalRequest), which
> is OK for PuTTY, SecureCRT and openssh client. But XShell send a
> "auth-agent-req" request (without "@openssh.com"), so SSHD not handle the
> request.
> I have try to change the source code, add "auth-agent-req" to the
> "switch-case" in handleInternalRequest, but the authentication is blocked.
> I have attached my code, please help me solve the problem.
> Thanks a lot.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
