Discussion:
[JSch-users] Authenticating with private key / passphrase causes other problems...
Rancourt, Kent
2011-03-31 04:53:09 UTC
Permalink
Hi all,

I'm going absolutely nutty trying to solve a JSch issue. When I use the following code, everything works very smoothly:
JSch jsch = new JSch();
Session session = jsch.getSession("kent", "xlab309", 22);
session.setPassword("dummypassword");
session.setConfig("StrictHostKeyChecking", "no");
session.connect();
ChannelSftp channel = (ChannelSftp) session.openChannel("sftp");
channel.connect();
channel.get("foo.txt", "/users/kent/foo/");
But when I use the following, wherein the ONLY difference is the use of a private key / pass phrase for authentication, I get a bizarre exception:
JSch jsch = new JSch();
jsch.addIdentity("/users/kent/id_rsa", "dummypassphrase".getBytes());
Session session = jsch.getSession("kent", "xlab309", 22);
session.setConfig("StrictHostKeyChecking", "no");
session.connect();
ChannelSftp channel = (ChannelSftp) session.openChannel("sftp");
channel.connect();
channel.get("foo.txt", "/users/kent/foo/");
The exception I get appears to have nothing to do with being unable to authenticate, but clearly, the authentication method is the only thing that is different between the two examples. As proof that authentication is going off without a hitch, I can set a breakpoint before the call to channel.connect(), and while execution is paused, SSH into the target host with putty and do "ps U kent" When I do so, I can clearly see TWO SSH sessions- one each for putty and my Java client. So authentication IS working, but the authentication method APPEARS to be having an impact on things that happen downstream. Does anyone have any thoughts? Hopefully someone else has encountered this before. Many, many thanks in advance for any assistance that anyone can provide!
com.jcraft.jsch.JSchException: java.io.IOException: inputstream is closed
at com.jcraft.jsch.ChannelSftp.start(ChannelSftp.java:242)
at com.jcraft.jsch.Channel.connect(Channel.java:200)
at com.aetna.framework.ssh.sftp.jsch.SftpWithJSchIntegrationTest.testGet(SftpWithJSchIntegrationTest.java:45)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:615)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at org.springframework.test.context.junit4.statements.RunBeforeTestMethodCallbacks.evaluate(RunBeforeTestMethodCallbacks.java:74)
at org.springframework.test.context.junit4.statements.RunAfterTestMethodCallbacks.evaluate(RunAfterTestMethodCallbacks.java:82)
at org.springframework.test.context.junit4.statements.SpringRepeat.evaluate(SpringRepeat.java:72)
at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.runChild(SpringJUnit4ClassRunner.java:240)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)
at org.springframework.test.context.junit4.statements.RunBeforeTestClassCallbacks.evaluate(RunBeforeTestClassCallbacks.java:61)
at org.springframework.test.context.junit4.statements.RunAfterTestClassCallbacks.evaluate(RunAfterTestClassCallbacks.java:70)
at org.junit.runners.ParentRunner.run(ParentRunner.java:236)
at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.run(SpringJUnit4ClassRunner.java:180)
at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:45)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196)
Caused by: java.io.IOException: inputstream is closed
at com.jcraft.jsch.ChannelSftp.fill(ChannelSftp.java:2327)
at com.jcraft.jsch.ChannelSftp.header(ChannelSftp.java:2351)
at com.jcraft.jsch.ChannelSftp.start(ChannelSftp.java:211)
... 30 more




This e-mail may contain confidential or privileged information. If
you think you have received this e-mail in error, please advise the
sender by reply e-mail and then delete this e-mail immediately.
Thank you. Aetna
Atsuhiko Yamanaka
2011-03-31 06:53:09 UTC
Permalink
Hi,

Which JSch version are you using?
If you can run the remote sshd in the debug mode,
you may find where is the problem; for example,
# /bin/sh /etc/rc.d/init/sshd stop
# /usr/sbin/sshd -d -d -d


Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
+1-415-578-3454
Skype callto://jcraft/
Twitter: http://twitter.com/ymnk
Rancourt, Kent
2011-03-31 13:47:46 UTC
Permalink
The issue is occurring with both 0.1.41 and 0.1.44.

I'll try what you suggested with running sshd in debug mode. I'm also going to try this against an alternate implementation of sshd to rule out server-side issues.

Thanks for the input. It's much appreciated. If you think of anything else, please let me know.

For my own peace of mind, does the code sample I included look like is SHOULD work?




________________________________________
From: Atsuhiko Yamanaka [***@jcraft.com]
Sent: Thursday, March 31, 2011 2:53 AM
To: Rancourt, Kent
Cc: jsch-***@lists.sourceforge.net
Subject: Re: [JSch-users] Authenticating with private key / passphrase causes other problems...

Hi,

Which JSch version are you using?
If you can run the remote sshd in the debug mode,
you may find where is the problem; for example,
# /bin/sh /etc/rc.d/init/sshd stop
# /usr/sbin/sshd -d -d -d


Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
+1-415-578-3454
Skype callto://jcraft/
Twitter: http://twitter.com/ymnk
This e-mail may contain confidential or privileged information. If
you think you have received this e-mail in error, please advise the
sender by reply e-mail and then delete this e-mail immediately.
Thank you. Aetna
Rancourt, Kent
2011-03-31 20:15:03 UTC
Permalink
Your suggestion of debugging sshd helped.

There's something funny going on with PAM and VAS. It thinks my password (which is null when I use PKA) is expired (but it's not, really) and that kicks off a reset process. This seems to be the underlying cause.

So this is NOT a JSch issue. Big relief. Thanks for your time!


-----Original Message-----
From: Rancourt, Kent
Sent: Thursday, March 31, 2011 9:48 AM
To: Atsuhiko Yamanaka
Cc: jsch-***@lists.sourceforge.net
Subject: RE: [JSch-users] Authenticating with private key / passphrase causes other problems...

The issue is occurring with both 0.1.41 and 0.1.44.

I'll try what you suggested with running sshd in debug mode. I'm also going to try this against an alternate implementation of sshd to rule out server-side issues.

Thanks for the input. It's much appreciated. If you think of anything else, please let me know.

For my own peace of mind, does the code sample I included look like is SHOULD work?




________________________________________
From: Atsuhiko Yamanaka [***@jcraft.com]
Sent: Thursday, March 31, 2011 2:53 AM
To: Rancourt, Kent
Cc: jsch-***@lists.sourceforge.net
Subject: Re: [JSch-users] Authenticating with private key / passphrase causes other problems...

Hi,

Which JSch version are you using?
If you can run the remote sshd in the debug mode, you may find where is the problem; for example,
# /bin/sh /etc/rc.d/init/sshd stop
# /usr/sbin/sshd -d -d -d


Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
+1-415-578-3454
Skype callto://jcraft/
Twitter: http://twitter.com/ymnk
This e-mail may contain confidential or privileged information. If
you think you have received this e-mail in error, please advise the
sender by reply e-mail and then delete this e-mail immediately.
Thank you. Aetna
chandu
2014-02-03 08:29:11 UTC
Permalink
Rancourt, Kent <***@...> writes:

>
>
> Hi
> all,
>
>  
> I'm going absolutely
> nutty trying to solve a JSch issue.  When I use the following code,
> everything works very smoothly:
>
> JSch jsch = new
> JSch();Session session = jsch.getSession("kent", "xlab309",
> 22);session.setPassword("dummypassword");session.setConfig
("StrictHostKeyChecking",
> "no");session.connect();ChannelSftp channel = (ChannelSftp)
> session.openChannel("sftp");channel.connect();channel.get("foo.txt",
> "/users/kent/foo/");
>
> But when I use the
> following, wherein the ONLY difference is the use of a private key /
pass phrase
> for authentication, I get a bizarre exception:
>
> JSch jsch = new
> JSch();jsch.addIdentity("/users/kent/id_rsa",
> "dummypassphrase".getBytes());Session session = jsch.getSession
("kent",
> "xlab309", 22);session.setConfig("StrictHostKeyChecking",
> "no");session.connect();ChannelSftp channel = (ChannelSftp)
> session.openChannel("sftp");channel.connect();channel.get("foo.txt",
> "/users/kent/foo/");
>
> The exception I get
> appears to have nothing to do with being unable to authenticate, but
clearly,
> the authentication method is the only thing that is different between
the
> two examples.  As proof that authentication is going off without a
hitch, I
> can set a breakpoint before the call to channel.connect(), and while
execution
> is paused, SSH into the target host with putty and do "ps U kent"  When
I
> do so, I can clearly see TWO SSH sessions- one each for putty and my
Java
> client.  So authentication IS working, but the authentication method
> APPEARS to be having an impact on things that happen downstream.  Does
> anyone have any thoughts?  Hopefully someone else has encountered this
> before.  Many, many thanks in advance for any assistance that anyone can
> provide!
>
> com.jcraft.jsch.JSchException: java.io.IOException: inputstream is
> closed at
> com.jcraft.jsch.ChannelSftp.start(ChannelSftp.java:242) at
> com.jcraft.jsch.Channel.connect(Channel.java:200) at
> com.aetna.framework.ssh.sftp.jsch.SftpWithJSchIntegrationTest.testGet
(SftpWithJSchIntegrationTest.java:45) at
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:64) at
> sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:43) at
> java.lang.reflect.Method.invoke(Method.java:615) at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall
(FrameworkMethod.java:44) at
> org.junit.internal.runners.model.ReflectiveCallable.run
(ReflectiveCallable.java:15) at
> org.junit.runners.model.FrameworkMethod.invokeExplosively
(FrameworkMethod.java:41) at
> org.junit.internal.runners.statements.InvokeMethod.evaluate
(InvokeMethod.java:20) at
>
org.springframework.test.context.junit4.statements.RunBeforeTestMethodCallb
acks.evaluate(RunBeforeTestMethodCallbacks.java:74) at
>
org.springframework.test.context.junit4.statements.RunAfterTestMethodCallba
cks.evaluate(RunAfterTestMethodCallbacks.java:82) at
>
org.springframework.test.context.junit4.statements.SpringRepeat.evaluate
(SpringRepeat.java:72) at
>
org.springframework.test.context.junit4.SpringJUnit4ClassRunner.runChild
(SpringJUnit4ClassRunner.java:240) at
> org.junit.runners.BlockJUnit4ClassRunner.runChild
(BlockJUnit4ClassRunner.java:50) at
> org.junit.runners.ParentRunner$3.run(ParentRunner.java:193) at
> org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52) at
> org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191) at
> org.junit.runners.ParentRunner.access$000(ParentRunner.java:42) at
> org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184) at
>
org.springframework.test.context.junit4.statements.RunBeforeTestClassCallba
cks.evaluate(RunBeforeTestClassCallbacks.java:61) at
>
org.springframework.test.context.junit4.statements.RunAfterTestClassCallbac
ks.evaluate(RunAfterTestClassCallbacks.java:70) at
> org.junit.runners.ParentRunner.run(ParentRunner.java:236) at
> org.springframework.test.context.junit4.SpringJUnit4ClassRunner.run
(SpringJUnit4ClassRunner.java:180) at
> org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run
(JUnit4TestReference.java:45) at
> org.eclipse.jdt.internal.junit.runner.TestExecution.run
(TestExecution.java:38) at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests
(RemoteTestRunner.java:460) at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests
(RemoteTestRunner.java:673) at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run
(RemoteTestRunner.java:386) at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main
(RemoteTestRunner.java:196)Caused
> by: java.io.IOException: inputstream is closed at
> com.jcraft.jsch.ChannelSftp.fill(ChannelSftp.java:2327) at
> com.jcraft.jsch.ChannelSftp.header(ChannelSftp.java:2351) at
> com.jcraft.jsch.ChannelSftp.start(ChannelSftp.java:211) ... 30
> more
>
>  
>
>  
>
>
> This e-mail may contain confidential or privileged information. If you
think you have received this e-mail in error, please advise the sender by
reply e-mail and then delete this e-mail immediately. Thank you. Aetna
>
>
> -------------------------------------------------------------------------
-----
> Create and publish websites with WebMatrix
> Use the most popular FREE web apps or write code yourself;
> WebMatrix provides all the features you need to develop and
> publish your website. http://p.sf.net/sfu/ms-webmatrix-sf
>
>
> _______________________________________________
> JSch-users mailing list
> JSch-***@...
> https://lists.sourceforge.net/lists/listinfo/jsch-users
>


I am getting the below error.

Caused by: java.io.IOException: inputstream is closed
at com.jcraft.jsch.ChannelSftp.fill(ChannelSftp.java:2529)
at com.jcraft.jsch.ChannelSftp.header(ChannelSftp.java:2553)
at com.jcraft.jsch.ChannelSftp._get(ChannelSftp.java:985)
Loading...