[
https://issues.apache.org/jira/browse/SSHD-1177?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Steven updated SSHD-1177:
-------------------------
Description:
Our application has a requirement to connect through a proxy and execute SFTP
commands.
My question is 1) Am I using the proxy jump correctly? and 2) If I am, is this
a bug?
This example works correctly:
{\{ SshClient client = SshClient.setUpDefaultClient();}}
\{{ client.start();}}
{\{ try (ClientSession session = client.connect("<USER_NAME>", "<HOST_ONE>",
22)}}
\{{ .verify(1000*1000).getSession()) {}}
{{ assertNotNull(session);}}
{{ session.addPasswordIdentity("<PASSWORD>");}}
{{ session.auth().verify(1000*30);}}
{{ assertTrue(session.isAuthenticated());}}
{{ System.out.println(session.isAuthenticated());}}
{\{ } catch (IOException e) {}}
{{ e.printStackTrace();}}
\{{ }}}
\{{}}
This example fails with "org.apache.sshd.common.SshException: No more
authentication methods available"
{\{ SshClient client = SshClient.setUpDefaultClient();}}
\{{ client.start();}}
{\{ try (ClientSession session = client.connect(new HostConfigEntry("",
"<HOST_ONE>", 22,}}
\{{ "<USER_NAME>", "<USER_NAME>" + "@" + "<HOST_TWO>" + ":" + "22"))}}
\{{ .verify(1000*1000).getSession()) {}}
{{ assertNotNull(session);}}
{{ session.addPasswordIdentity("<PASSWORD>");}}
{{ session.auth().verify(1000*30);}}
{{ assertTrue(session.isAuthenticated());}}
{{ System.out.println(session.isAuthenticated());}}
\{{ } catch (IOException e) \{ }}
{{ e.printStackTrace();}}
\{{ } }}
Stack trace:
org.apache.sshd.common.SshException: No more authentication methods available
at
org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:126)
at
org.apache.sshd.client.future.DefaultConnectFuture.verify(DefaultConnectFuture.java:42)
at
org.apache.sshd.client.future.DefaultConnectFuture.verify(DefaultConnectFuture.java:34)
at
com.precisely.SFTPClient.AppTest.testSshConnectionWithProxyJump(AppTest.java:75)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at junit.framework.TestCase.runTest(TestCase.java:154)
at junit.framework.TestCase.runBare(TestCase.java:127)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:118)
at junit.framework.TestSuite.runTest(TestSuite.java:208)
at junit.framework.TestSuite.run(TestSuite.java:203)
at
org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:124)
at
org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:41)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:541)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:763)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:463)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:209)
Caused by: org.apache.sshd.common.SshException: No more authentication methods
available
at
org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:353)
at
org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:288)
at
org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:225)
at
org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:503)
at
org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:429)
at
org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1466)
at
org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:389)
at
org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64)
at org.apache.sshd.mina.MinaService.messageReceived(MinaService.java:156)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:997)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:641)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1300(DefaultIoFilterChain.java:48)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:1114)
at
org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:121)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:641)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:634)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:539)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor.access$1200(AbstractPollingIoProcessor.java:68)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.process(AbstractPollingIoProcessor.java:1241)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.process(AbstractPollingIoProcessor.java:1230)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:683)
at
org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
I was following this sample code here:
[https://github.com/apache/mina-sshd/blob/master/docs/internals.md#ssh-jumps]
I tried to dig into it a bit, and it looks like when we call SshClient.connect
the code ends up also attempting to authenticate (hence the "No more
authentication methods available" exception message). In the first example we
don't attempt to authenticate until we actually call ClientSession.auth.
In both of machines I've tried I'm able to use a terminal to connect with a
proxy jump and it works successfully.
(e.g. {{ssh -J user@<bastion:port> <user@remote:port>}})
was:
Our application has a requirement to connect through a proxy and execute SFTP
commands.
My question is 1) Am I using the proxy jump correctly? and 2) If I am, is this
a bug?
This example works correctly:
{{ SshClient client = SshClient.setUpDefaultClient();}}
{{ client.start();}}
{{ try (ClientSession session = client.connect("<USER_NAME>", "<HOST_ONE>",
22)}}
{{ .verify(1000*1000).getSession()) {}}
{{ assertNotNull(session);}}
{{ session.addPasswordIdentity("<PASSWORD>");}}
{{ session.auth().verify(1000*30);}}
{{ assertTrue(session.isAuthenticated());}}
{{ System.out.println(session.isAuthenticated());}}
{{ } catch (IOException e) {}}
{{ e.printStackTrace();}}
{{ }}}
{{}}
This example fails with "org.apache.sshd.common.SshException: No more
authentication methods available"
{{ SshClient client = SshClient.setUpDefaultClient();}}
{{ client.start();}}
{{ try (ClientSession session = client.connect(new HostConfigEntry("",
"<HOST_ONE>", 22,}}
{{ "<USER_NAME>", "<USER_NAME>" + "@" + "<HOST_TWO>" + ":" + "22"))}}
{{ .verify(1000*1000).getSession()) {}}
{{ assertNotNull(session);}}
{{ session.addPasswordIdentity("<PASSWORD>");}}
{{ session.auth().verify(1000*30);}}
{{ assertTrue(session.isAuthenticated());}}
{{ System.out.println(session.isAuthenticated());}}
{{ } catch (IOException e) { }}
{{ e.printStackTrace();}}
{{ } }}
Stack trace:
org.apache.sshd.common.SshException: No more authentication methods available
at
org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:126)
at
org.apache.sshd.client.future.DefaultConnectFuture.verify(DefaultConnectFuture.java:42)
at
org.apache.sshd.client.future.DefaultConnectFuture.verify(DefaultConnectFuture.java:34)
at
com.precisely.SFTPClient.AppTest.testSshConnectionWithProxyJump(AppTest.java:75)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at junit.framework.TestCase.runTest(TestCase.java:154)
at junit.framework.TestCase.runBare(TestCase.java:127)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:118)
at junit.framework.TestSuite.runTest(TestSuite.java:208)
at junit.framework.TestSuite.run(TestSuite.java:203)
at
org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:124)
at
org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:41)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:541)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:763)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:463)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:209)
Caused by: org.apache.sshd.common.SshException: No more authentication methods
available
at
org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:353)
at
org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:288)
at
org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:225)
at
org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:503)
at
org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:429)
at
org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1466)
at
org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:389)
at
org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64)
at org.apache.sshd.mina.MinaService.messageReceived(MinaService.java:156)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:997)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:641)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1300(DefaultIoFilterChain.java:48)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:1114)
at
org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:121)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:641)
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:634)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:539)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor.access$1200(AbstractPollingIoProcessor.java:68)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.process(AbstractPollingIoProcessor.java:1241)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.process(AbstractPollingIoProcessor.java:1230)
at
org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:683)
at
org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
I was following this sample code here:
[https://github.com/apache/mina-sshd/blob/master/docs/internals.md#ssh-jumps]
I tried to dig into it a bit, and it looks like when we call SshClient.connect
the code ends up also attempting to authenticate (hence the "No more
authentication methods available" exception message). In the first example we
don't attempt to authenticate until we actually call ClientSession.auth.
> SshClient connect method throws exception when called with HostConfigEntry
> using proxy jump
> -------------------------------------------------------------------------------------------
>
> Key: SSHD-1177
> URL: https://issues.apache.org/jira/browse/SSHD-1177
> Project: MINA SSHD
> Issue Type: Question
> Affects Versions: 2.6.0, 2.7.0
> Environment: Windows 10, java 1.8.0_271
> Ubuntu 20.04.2 LTS, 14.0.2+12-Ubuntu-120.04
> Reporter: Steven
> Priority: Major
> Attachments: AppTest.java
>
>
> Our application has a requirement to connect through a proxy and execute SFTP
> commands.
> My question is 1) Am I using the proxy jump correctly? and 2) If I am, is
> this a bug?
> This example works correctly:
> {\{ SshClient client = SshClient.setUpDefaultClient();}}
> \{{ client.start();}}
> {\{ try (ClientSession session = client.connect("<USER_NAME>", "<HOST_ONE>",
> 22)}}
> \{{ .verify(1000*1000).getSession()) {}}
> {{ assertNotNull(session);}}
> {{ session.addPasswordIdentity("<PASSWORD>");}}
> {{ session.auth().verify(1000*30);}}
> {{ assertTrue(session.isAuthenticated());}}
> {{ System.out.println(session.isAuthenticated());}}
> {\{ } catch (IOException e) {}}
> {{ e.printStackTrace();}}
> \{{ }}}
> \{{}}
>
> This example fails with "org.apache.sshd.common.SshException: No more
> authentication methods available"
>
> {\{ SshClient client = SshClient.setUpDefaultClient();}}
> \{{ client.start();}}
> {\{ try (ClientSession session = client.connect(new HostConfigEntry("",
> "<HOST_ONE>", 22,}}
> \{{ "<USER_NAME>", "<USER_NAME>" + "@" + "<HOST_TWO>" + ":" + "22"))}}
> \{{ .verify(1000*1000).getSession()) {}}
> {{ assertNotNull(session);}}
> {{ session.addPasswordIdentity("<PASSWORD>");}}
> {{ session.auth().verify(1000*30);}}
> {{ assertTrue(session.isAuthenticated());}}
> {{ System.out.println(session.isAuthenticated());}}
> \{{ } catch (IOException e) \{ }}
> {{ e.printStackTrace();}}
> \{{ } }}
>
>
> Stack trace:
> org.apache.sshd.common.SshException: No more authentication methods available
> at
> org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:126)
> at
> org.apache.sshd.client.future.DefaultConnectFuture.verify(DefaultConnectFuture.java:42)
> at
> org.apache.sshd.client.future.DefaultConnectFuture.verify(DefaultConnectFuture.java:34)
> at
> com.precisely.SFTPClient.AppTest.testSshConnectionWithProxyJump(AppTest.java:75)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at junit.framework.TestCase.runTest(TestCase.java:154)
> at junit.framework.TestCase.runBare(TestCase.java:127)
> at junit.framework.TestResult$1.protect(TestResult.java:106)
> at junit.framework.TestResult.runProtected(TestResult.java:124)
> at junit.framework.TestResult.run(TestResult.java:109)
> at junit.framework.TestCase.run(TestCase.java:118)
> at junit.framework.TestSuite.runTest(TestSuite.java:208)
> at junit.framework.TestSuite.run(TestSuite.java:203)
> at
> org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:124)
> at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:41)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:541)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:763)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:463)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:209)
> Caused by: org.apache.sshd.common.SshException: No more authentication
> methods available
> at
> org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:353)
> at
> org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:288)
> at
> org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:225)
> at
> org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:503)
> at
> org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:429)
> at
> org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1466)
> at
> org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:389)
> at
> org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64)
> at org.apache.sshd.mina.MinaService.messageReceived(MinaService.java:156)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:997)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:641)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1300(DefaultIoFilterChain.java:48)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:1114)
> at
> org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:121)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:641)
> at
> org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:634)
> at
> org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:539)
> at
> org.apache.mina.core.polling.AbstractPollingIoProcessor.access$1200(AbstractPollingIoProcessor.java:68)
> at
> org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.process(AbstractPollingIoProcessor.java:1241)
> at
> org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.process(AbstractPollingIoProcessor.java:1230)
> at
> org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:683)
> at
> org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
> at java.lang.Thread.run(Unknown Source)
>
> I was following this sample code here:
> [https://github.com/apache/mina-sshd/blob/master/docs/internals.md#ssh-jumps]
>
> I tried to dig into it a bit, and it looks like when we call
> SshClient.connect the code ends up also attempting to authenticate (hence the
> "No more authentication methods available" exception message). In the first
> example we don't attempt to authenticate until we actually call
> ClientSession.auth.
>
> In both of machines I've tried I'm able to use a terminal to connect with a
> proxy jump and it works successfully.
> (e.g. {{ssh -J user@<bastion:port> <user@remote:port>}})
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
