Java: "Auth fail" on Java 1.4.2 with jsch-0.1.42

I have this simple Java program that uses Jsch to connect to an SFTP server.

The connection fails with an "Auth fail" exception on Java 1.4.2, but it connects flawlessly on Java 1.7.

    try {
        JSch jsch = new JSch();
        jsch.setKnownHosts(KNOWN_HOSTS_PATH);
        jsch.addIdentity(PRIVATE_KEY_PATH, PASSPHRASE);
        Session session = jsch.getSession(USERNAME, HOSTNAME, 22);
        session.connect(2500);
        Channel channel = session.openChannel("shell");
        channel.setInputStream(System.in);
        channel.setOutputStream(System.out);
        channel.connect();
    } catch (Exception e) {
        e.printStackTrace(System.err);
    }

The key I'm using is an ssh-rsa 4096 bit key. The .pub key file exists in the same directory as the private key.

When connecting a logger, I see the following messages before the exception (which occurs on channel.connect();):

    INFO: Connecting to port 22
    INFO: Connection established
    INFO: Remote version string: SSH-2.0-OpenSSH_5.1p1 Debian-5
    INFO: Local version string: SSH-2.0-JSCH-0.1.42
    INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
    INFO: arcfour is not available.
    INFO: arcfour128 is not available.
    INFO: arcfour256 is not available.
    INFO: SSH_MSG_KEXINIT sent
    INFO: SSH_MSG_KEXINIT received
    INFO: kex: server->client aes128-ctr hmac-md5 none
    INFO: kex: client->server aes128-ctr hmac-md5 none
    INFO: SSH_MSG_KEXDH_INIT sent
    INFO: expecting SSH_MSG_KEXDH_REPLY
    INFO: ssh_rsa_verify: signature true
    INFO: Host '' is known and mathces the RSA host key
    INFO: SSH_MSG_NEWKEYS sent
    INFO: SSH_MSG_NEWKEYS received
    INFO: SSH_MSG_SERVICE_REQUEST sent
    INFO: SSH_MSG_SERVICE_ACCEPT received
    INFO: Authentications that can continue: publickey,keyboard-interactive,password
    INFO: Next authentication method: publickey
    INFO: Authentications that can continue: password
    INFO: Next authentication method: password
    INFO: Disconnecting from port 22
    com.jcraft.jsch.JSchException: Auth fail
        at com.jcraft.jsch.Session.connect(Session.java:452)
        at TestJsch.main(TestJsch.java:19)

When I run the same program with Java 1.7, it says

    INFO: Connecting to port 22
    INFO: Connection established
    INFO: Remote version string: SSH-2.0-OpenSSH_5.1p1 Debian-5
    INFO: Local version string: SSH-2.0-JSCH-0.1.42
    INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
    INFO: SSH_MSG_KEXINIT sent
    INFO: SSH_MSG_KEXINIT received
    INFO: kex: server->client aes128-ctr hmac-md5 none
    INFO: kex: client->server aes128-ctr hmac-md5 none
    INFO: SSH_MSG_KEXDH_INIT sent
    INFO: expecting SSH_MSG_KEXDH_REPLY
    INFO: ssh_rsa_verify: signature true
    INFO: Host '' is known and mathces the RSA host key
    INFO: SSH_MSG_NEWKEYS sent
    INFO: SSH_MSG_NEWKEYS received
    INFO: SSH_MSG_SERVICE_REQUEST sent
    INFO: SSH_MSG_SERVICE_ACCEPT received
    INFO: Authentications that can continue: publickey,keyboard-interactive,password
    INFO: Next authentication method: publickey
    INFO: Authentication succeeded (publickey).
    Linux 2.6.26-2-amd64 #1 SMP Mon Jun 13 16:29:33 UTC 2011 x86_64

I have installed the Java Cryptography Extensions (JCE) for the 1.4 VM.

What could be the source of that problem?

Solution

Java has a limitation on the use of strong crypto algorithms. Check the content of $JRE_HOME/lib/security/US_Export_policy.jar and $JRE_HOME/lib/security/local_policy.jar. If you find something like this:

    // File: default_local.policy
    // Some countries have import limits on crypto strength.
    // This policy file is worldwide importable.
    grant {
        permission javax.crypto.CryptoPermission "DES", 64;
        permission javax.crypto.CryptoPermission "DESede", *;
        permission javax.crypto.CryptoPermission "RC2", 128,
                                         "javax.crypto.spec.RC2ParameterSpec", 128;
        permission javax.crypto.CryptoPermission "RC4", 128;
        permission javax.crypto.CryptoPermission "RC5", 128,
              "javax.crypto.spec.RC5ParameterSpec", *, 12, *;
        permission javax.crypto.CryptoPermission "RSA", 2048;
        permission javax.crypto.CryptoPermission *, 128;
    };

The solution is to download and install the JCE Unlimited Strength Jurisdiction Policy. Previously, it was located on Sun's site; now I don't know where it can be found.

You can read more in this article

EDIT:

After some research, I found my answer was incorrect.

Java 1.4 does not support RSA keys of more than 2048 byte length: BUG 4524097
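A pre-deployment check for the situation in this thread, as an added example that is not part of the original question or answer: it reads the modulus size from an OpenSSH `ssh-rsa` public key line (the `.pub` file next to the private key) and compares it with the 2048 limit the answer cites for Java 1.4. The class name, the constant, and the two sample keys (built in code, not usable for authentication) are assumptions of this example; it needs Java 8 or later to run.

```java
import java.io.*;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class RsaKeySizeCheck {
    // Limit the answer reports for Java 1.4; hard-coded here as an assumption.
    static final int LEGACY_RSA_LIMIT_BITS = 2048;

    // Returns the modulus size in bits of an OpenSSH "ssh-rsa <base64> [comment]" line.
    static int rsaModulusBits(String pubKeyLine) throws IOException {
        String[] fields = pubKeyLine.trim().split("\\s+");
        if (fields.length < 2 || !fields[0].equals("ssh-rsa"))
            throw new IllegalArgumentException("not an ssh-rsa public key line");
        DataInputStream in = new DataInputStream(
                new ByteArrayInputStream(Base64.getDecoder().decode(fields[1])));
        String type = new String(readField(in), StandardCharsets.US_ASCII);
        if (!type.equals("ssh-rsa")) throw new IllegalArgumentException("blob type is " + type);
        readField(in);                                     // public exponent e, unused
        return new BigInteger(readField(in)).bitLength();  // modulus n
    }

    // SSH wire format: 4-byte big-endian length, then that many bytes.
    static byte[] readField(DataInputStream in) throws IOException {
        int len = in.readInt();
        if (len < 0 || len > in.available()) throw new IOException("bad field length " + len);
        byte[] buf = new byte[len];
        in.readFully(buf);
        return buf;
    }

    // Builds a constructed, non-functional ssh-rsa line whose modulus has the given size.
    static String constructedKey(int bits) throws IOException {
        ByteArrayOutputStream blob = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(blob);
        byte[][] parts = { "ssh-rsa".getBytes(StandardCharsets.US_ASCII),
                BigInteger.valueOf(65537).toByteArray(),
                BigInteger.ONE.shiftLeft(bits - 1).add(BigInteger.ONE).toByteArray() };
        for (byte[] p : parts) { out.writeInt(p.length); out.write(p); }
        return "ssh-rsa " + Base64.getEncoder().encodeToString(blob.toByteArray()) + " constructed";
    }

    public static void main(String[] args) throws IOException {
        for (int bits : new int[] { 2048, 4096 }) {
            int n = rsaModulusBits(constructedKey(bits));
            System.out.println(n + " bits: " + (n > LEGACY_RSA_LIMIT_BITS ? "above" : "within")
                    + " the RSA key size the answer reports for Java 1.4");
        }
    }
}
```

To check a real key, pass the single line from the `.pub` file to `rsaModulusBits` instead of the constructed samples.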
