问题:
使用私钥取消JSch身份验证
幸经艺
com.jcraft.jsch.JSchException: Auth cancel
at com.jcraft.jsch.Session.connect(Session.java:518)
at com.jcraft.jsch.Session.connect(Session.java:183)
JSch jschConnector = new JSch();
jschConnector.addIdentity("path_to_private_key","12345");
jschConnector.setKnownHosts("path_TO_KNOWN_HOST");
Session session = jschConnector.getSession(user, host, port);
session.setTimeout(timeout);
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
config.put("PreferredAuthentications", "publickey,keyboard-interactive,password");
session.setConfig(config);
session.connect();
log.info(" Session created successfully");
JSch日志:
INFO: Connecting to dedwfprsapp01.de.neustar.com port 22
INFO: Connection established
INFO: Remote version string: SSH-2.0-OpenSSH_5.3
INFO: Local version string: SSH-2.0-JSCH-0.1.54
INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO: CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO: ecdh-sha2-nistp256 is not available.
INFO: ecdh-sha2-nistp384 is not available.
INFO: ecdh-sha2-nistp521 is not available.
INFO: CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
INFO: ecdsa-sha2-nistp256 is not available.
INFO: ecdsa-sha2-nistp384 is not available.
INFO: ecdsa-sha2-nistp521 is not available.
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: kex: server: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
INFO: kex: server: ssh-rsa,ssh-dss
INFO: kex: server: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
INFO: kex: server: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
INFO: kex: server: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
INFO: kex: server: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
INFO: kex: server: none,zlib@openssh.com
INFO: kex: server: none,zlib@openssh.com
INFO: kex: server:
INFO: kex: server:
INFO: kex: client: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
INFO: kex: client: ssh-rsa,ssh-dss
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: none
INFO: kex: client: none
INFO: kex: client:
INFO: kex: client:
INFO: kex: server->client aes128-ctr hmac-md5 none
INFO: kex: client->server aes128-ctr hmac-md5 none
INFO: SSH_MSG_KEXDH_INIT sent
INFO: expecting SSH_MSG_KEXDH_REPLY
INFO: ssh_rsa_verify: signature true
INFO: Host 'dedwfprsapp01.de.neustar.com' is known and matches the RSA host key
INFO: SSH_MSG_NEWKEYS sent
INFO: SSH_MSG_NEWKEYS received
INFO: SSH_MSG_SERVICE_REQUEST sent
INFO: SSH_MSG_SERVICE_ACCEPT received
INFO: Authentications that can continue: keyboard-interactive,password
INFO: Next authentication method: keyboard-interactive
INFO: Disconnecting from dedwfprsapp01.de.neustar.com port 22
JSCH Exceptioncom.jcraft.jsch.JSchException: Auth cancel
ssh xyz.com-v的日志:
Warning: Identity file .ssh/jenkins not accessible: No such file or directory.
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to dedwdprsrmc001 [10.57.19.176] port 22.
debug1: Connection established.
debug1: identity file /home/dnasssd/.ssh/identity type -1
debug1: identity file /home/dnasssd/.ssh/identity-cert type -1
debug1: identity file /home/dnasssd/.ssh/id_rsa type 1
debug1: identity file /home/dnasssd/.ssh/id_rsa-cert type -1
debug1: identity file /home/dnasssd/.ssh/id_dsa type -1
debug1: identity file /home/dnasssd/.ssh/id_dsa-cert type -1
debug1: identity file /home/dnasssd/.ssh/id_ecdsa type -1
debug1: identity file /home/dnasssd/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'dedwdprsrmc001' is known and matches the RSA host key.
debug1: Found key in /home/dnasssd/.ssh/known_hosts:7
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,keyboard-interactive
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Server krbtgt/NEUSTAR@KRBPROD.NEUSTAR.COM not found in Kerberos database
debug1: Trying to start again
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,keyboard-interactive
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/dnasssd/.ssh/identity
debug1: Offering public key: /home/dnasssd/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/dnasssd/.ssh/id_rsa':
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Last login: Wed May 2 14:56:44 2018 from dedwfprsapp01.de.neustar.com
共有1个答案
毋澄邈
信息:可以继续的身份验证:键盘交互,密码
您的服务器根本不支持公钥身份验证(或者不允许您的帐户使用公钥身份验证)。
根本原因是您连接到错误的主机。在JSch中,您正在连接到dedwfprsapp01[.de.neustar.com]。使用ssh连接到dedwdprsrmc001。
类似资料:
-
我正在尝试使用私钥和公钥对为sftp服务器设置身份验证。 我已经在本地计算机上设置了带有Bitvise SSH服务器的sftp服务器。我用SSH服务器生成了私钥和公钥。我已经在SSH服务器的主机密钥部分上设置了私钥,并且已经创建了一个虚拟帐户并将公钥设置到该帐户。 谢谢
-
我正在构建一个具有客户机/服务器基础结构的应用程序,并希望使用公钥/私钥方法实现一个身份验证机制。 让我们假设一个客户机拥有私钥,而服务器只拥有公钥。在身份验证过程中,客户端使用私钥对消息进行签名,并将其发送到服务器,在服务器上使用公钥对消息进行验证。如果验证成功,则对客户端进行身份验证。 下面是一些JUnit测试代码,我在这些代码中熟悉了这些概念:
-
问题内容: 我正在使用以下代码在Java应用程序中使用Git。我有一个有效的密钥(一直使用),并且之前使用相同的密钥和git存储库,此特定代码对我有用,但是现在出现以下异常: 无效的私钥:[B @ 59c40796。 在这一行: 我的完整代码: 在线搜索后,我将createDefaultJSch更改为使用pemWriter: 但是仍然会收到 “无效的私钥” 异常。 问题答案: 我也偶然发现了这个问
-
问题内容: 我在下面的Java类中使用该方法,以便使用SSH(JSch)连接到服务器并在服务器中运行命令。 问题在于,运行服务器时,提示下一条消息: 为了继续运行,我需要手动按两次键,一次为用户名,另一次为密码。我试图添加下一个代码: 但是此代码仅适用于用户名,当服务器要求输入密码时,我无法弄清楚如何自动按Enter。到目前为止,我已经尝试将另一个代码段放在下面的上方。 线。 这是班级 这是记录器
-
我使用NetBeans7.2运行JDK1.7和Windows7,我使用putty-keygen生成了一个SSH私钥和公钥对(SSH2-2048位)。我没有任何私钥密码。我现在正尝试使用SFTP连接到其中一台主机。但是当我传递私钥(ppk)来设置身份时,代码返回无效私钥错误。我在WinSCP中使用了相同的私钥来连接到相同的主机&它工作得很好。请帮助我解决这个错误。下面是我的代码:
-
我使用以下代码在Java应用程序中使用Git。我有一个有效的密钥(一直使用它),并且这个特定的代码在使用相同的密钥和git存储库之前对我有用,但是现在我得到了以下异常: 无效的私钥:[B@59c40796。 在这一行: 我的完整代码: 在线搜索后,我将createDefaultJSch更改为使用pemWriter: 但仍然得到“无效私钥”异常。