Tilden18 opened a new issue, #393:
URL: https://github.com/apache/mina-sshd/issues/393
Hello,
I am trying to setup a SSH configuration with Jumphost.
I am configuring my Jumphost userAuth in the Client . my jumphost can accept
both password or private key authorization . so I am setting my
client.setUserAuthFactories to accept both Public key and password.
And my SSH host will only accept password. so I was planning to set
userAuthFactories in Session for the host.
**session.setUserAuthFactories(Collections.singletonList(UserAuthPasswordFactory.INSTANCE));**
But while executing i can see that authentication mechanisms is always set
to the client inputs, the session inputs are not honored.
Can you please let me know if anything is missing in my code or
understanding.
org.apache.sshd.client.SshClient client =
org.apache.sshd.client.SshClient.setUpDefaultClient();
client.setForwardingFilter(AcceptAllForwardingFilter.INSTANCE);
client.start();
client.setKeyIdentityProvider(
sessionContext -> Collections.singleton(------Jump Host Keypair -----));
client.setPasswordIdentityProvider(sessionContext ->
Collections.singleton(---jump host password----));
**client.setUserAuthFactories(Collections.unmodifiableList(
Arrays.asList(UserAuthPublicKeyFactory.INSTANCE,
UserAuthPasswordFactory.INSTANCE)));**
ClientSession session =
client.connect(SSH_HOST_REFERENCE_NAME).verify(SERVER_ALIVE_INTERVAL).getSession();
**session.setUserAuthFactories(Collections.singletonList(UserAuthPasswordFactory.INSTANCE));**
session.setPasswordIdentityProvider(sessionContext ->
Collections.singleton("default"));
**JumpHost Connection logs**
16:08:23.712 [sshd-SshClient[80503]-nio2-thread-7] DEBUG
org.apache.sshd.client.session.ClientUserAuthService -
processUserAuth(ClientSessionImpl[[email protected]/10.0.0.215:22])
Received SSH_MSG_USERAUTH_FAILURE - partial=false,
methods=publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
16:08:23.712 [sshd-SshClient[80503]-nio2-thread-7] DEBUG
org.apache.sshd.client.session.ClientUserAuthService -
tryNext(ClientSessionImpl[[email protected]/10.0.0.215:22]) starting
authentication mechanisms: **client=[publickey, password],** server=[publickey,
gssapi-keyex, gssapi-with-mic, password, keyboard-interactive]
16:08:23.712 [sshd-SshClient[80503]-nio2-thread-7] DEBUG
org.apache.sshd.client.session.ClientUserAuthService -
tryNext(ClientSessionImpl[[email protected]/10.0.0.215:22]) attempting
method=publickey
**SSH Host connection logs**
16:08:24.270 [sshd-SshClient[80503]-nio2-thread-4] DEBUG
org.apache.sshd.client.session.ClientUserAuthService -
processUserAuth(ClientSessionImpl[admin@/127.0.0.1:43834]) Received
SSH_MSG_USERAUTH_FAILURE - partial=false,
methods=publickey,gssapi-keyex,gssapi-with-mic,password
16:08:24.270 [sshd-SshClient[80503]-nio2-thread-4] DEBUG
org.apache.sshd.client.session.ClientUserAuthService -
tryNext(ClientSessionImpl[admin@/127.0.0.1:43834]) starting authentication
mechanisms: **client=[publickey, password],** server=[publickey, gssapi-keyex,
gssapi-with-mic, password]
16:08:24.270 [sshd-SshClient[80503]-nio2-thread-4] DEBUG
org.apache.sshd.client.session.ClientUserAuthService -
tryNext(ClientSessionImpl[admin@/127.0.0.1:43834]) attempting method=publickey
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
