com.jcraft.jsch.JSchException:身份验证取消

发布于 2024-09-02 23:53:09 字数 1343 浏览 10 评论 0原文

我正在尝试编写一个 Ant 脚本来通过端口隧道检索 URL。

当我使用密码时(出于隐私考虑,名称 xxxx 被删除),它效果很好:

<project default="main">
  <target name="main">
    <sshsession host="xxxx"
    username="xxxx"
    password="xxxx">
      <LocalTunnel lport="1080" rhost="xxxx" rport="80"/>
      <sequential>
        <get src="http://localhost:1080/xxxx" dest="/tmp/xxxx"/>
      </sequential>
    </sshsession>
  </target>
</project>

但是当我使用密钥文件时,它不起作用,如下所示:

    <sshsession host="xxxx"
    username="xxxx"
    keyfile="/Users/xxxx/.ssh/id_dsa"
    passphrase="xxxx">
      <LocalTunnel lport="1080" rhost="xxxx" rport="80"/>
      <sequential>
        <get src="http://localhost:1080/xxxx" dest="/tmp/xxxx"/>
      </sequential>
    </sshsession>

我收到此异常:

/tmp/build.xml:8: com.jcraft.jsch.JSchException: Auth cancel
    at com.jcraft.jsch.Session.connect(Session.java:451)
    at com.jcraft.jsch.Session.connect(Session.java:150)
    at org.apache.tools.ant.taskdefs.optional.ssh.SSHBase.openSession(SSHBase.java:223)
  • 我确定我使用的是正确的密钥文件(我尝试使用错误的名称,这会产生合法的 FileNotFoundException)。
  • 我可以从命令行成功 ssh,而不会提示输入密码。
  • 我确定我为密钥文件使用了正确的密码。

导致此错误的原因是什么?我该怎么办?

I'm trying to write an Ant script to retrieve an URL via port tunnelling.

It works great when I use a password (the names xxxx'd out for privacy):

<project default="main">
  <target name="main">
    <sshsession host="xxxx"
    username="xxxx"
    password="xxxx">
      <LocalTunnel lport="1080" rhost="xxxx" rport="80"/>
      <sequential>
        <get src="http://localhost:1080/xxxx" dest="/tmp/xxxx"/>
      </sequential>
    </sshsession>
  </target>
</project>

But it doesn't work when I use a keyfile, like this:

    <sshsession host="xxxx"
    username="xxxx"
    keyfile="/Users/xxxx/.ssh/id_dsa"
    passphrase="xxxx">
      <LocalTunnel lport="1080" rhost="xxxx" rport="80"/>
      <sequential>
        <get src="http://localhost:1080/xxxx" dest="/tmp/xxxx"/>
      </sequential>
    </sshsession>

I get this exception:

/tmp/build.xml:8: com.jcraft.jsch.JSchException: Auth cancel
    at com.jcraft.jsch.Session.connect(Session.java:451)
    at com.jcraft.jsch.Session.connect(Session.java:150)
    at org.apache.tools.ant.taskdefs.optional.ssh.SSHBase.openSession(SSHBase.java:223)
  • I'm sure I'm using the correct keyfile (I've tried using the wrong name, which gives a legitimate FileNotFoundException).
  • I can successfully ssh from the command line without being prompted for a password.
  • I'm sure I'm using the correct passphrase for the keyfile.

What's the cause of this error and what can I do about it?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(6

惜醉颜 2024-09-09 23:53:09

我调试了代码。这是失败的,因为我的私钥未通过身份验证; JSch 默默地退回到密码身份验证,该身份验证已被取消,因为我没有指定密码。

JSch 错误处理很糟糕。回溯您的步骤,重新生成(单独的)私钥文件,使用 ssh -i 来保证您使用的是正确的文件,并祈祷吧。

I debugged the code. This was failing because my private key was failing authentication; JSch silently fell back to password authentication, which was canceled, because I didn't specify a password.

JSch error handling sucks a lot. Retrace your steps, regenerate a (separate) private key file, use ssh -i to guarantee you're using the right file, and keep your fingers crossed.

渔村楼浪 2024-09-09 23:53:09

要使 jsch 连接正常工作,您必须指定 known_hosts 文件和包含私钥的文件的路径。这是使用 setKnownHostsaddIdentity 方法完成的。

        jsch.setKnownHosts("/path/to/.ssh/known_hosts");
        jsch.addIdentity("/path/to/.ssh/id_rsa");

如果密钥有密码,您可以将其添加到 addIdentity 参数列表中:

        jsch.addIdentity("/path/to/.ssh/id_rsa", myPassPhrase);

请参阅 Javadocs

To get the jsch connection to work, you must specify the paths to both the known_hosts file and to the file containing the private key. This is done using the setKnownHosts and addIdentity methods.

        jsch.setKnownHosts("/path/to/.ssh/known_hosts");
        jsch.addIdentity("/path/to/.ssh/id_rsa");

If the key has a passphrase, you can add it to the addIdentity argument list:

        jsch.addIdentity("/path/to/.ssh/id_rsa", myPassPhrase);

See Javadocs

ま昔日黯然 2024-09-09 23:53:09

我在使用 sshexec 任务时遇到了同样的问题。我也添加了密码短语属性,效果很好。为您的私钥创建一个密码并将其添加为任务中的属性。如果您在 Windows 上使用 puttygen 生成密钥,也不要忘记将您的私钥转换为开放 ssh 格式。

I had the same issue while using sshexec task. I added passphrase attibute too and it worked fine. create a passphrase for your private key and add this as a attribute in your task. Also don't forget to convert your private key to open ssh format if you generated the key using puttygen on windows.

迷你仙 2024-09-09 23:53:09

现在有一个全新的 Jsch 分支出来了。异常处理更加全面。不再有吞咽或违约的情况。前往 https://github.com/vngx/vngx-jsch 进行查看。如果某些内容未按您预期的方式工作,请将其作为问题提出,或在我们积极维护它时发送拉取请求。我们还希望尽快将其添加到 Maven 中央存储库中。

There is a brand new fork of Jsch out now. The exception handling is far more comprehensive. No more swallowing or defaulting. Head over to https://github.com/vngx/vngx-jsch to check it out. If something doesn't work the way you expect, please raise it as an issue, or send a pull request as we are actively maintaining it. We are also looking to get it up on the maven central repos soon.

一杆小烟枪 2024-09-09 23:53:09

我今天有类似的问题。所以我想我也会分享我的解决方案。我遇到了同样的异常,但问题实际上是我的密码中有一个元音变音。选择新密码后,一切正常。

I had a similar Issue today. So i thought i will share my solution aswell. I got the same exception but the problem was in fact that i had a umlaut within my password. after choosing a new password without it everything worked fine.

獨角戲 2024-09-09 23:53:09

由于某种原因,jsch 使用完全不同的身份验证方法。

TLDL;
创建 rsa-sha2-512 密钥(使用 PEM 格式)。

ssh-keygen -t rsa-sha2-512 -m PEM -T '' -f ~/.ssh/id_rsa-sha2-512

如果您无法轻松更改密钥类型:

  1. 重新创建rsa 密钥(使用 PEM 格式)。

    ssh-keygen -t rsa -m PEM -T '' -f ~/.ssh/id_rsa

  2. 配置 ssh 服务器接受此方法。

    sudo bash -c "echo 'PubkeyAcceptedAlgorithms +ssh-rsa' > /etc/ssh/sshd_config.d/ssh-rsa.conf"

  3. 重新启动 sshd 服务器。

    sudo systemctl restart sshd

  4. 现在,它可以工作了!

PS:JSCH支持的类型有:ssh-rsa、ssh-dss、ecdca-sha2-nistp256、ecdca-sha2-nistp384、ecdca-sha2-nistp521

https://unix.stackexchange.com/questions/721606/ssh-server-gives-userauth-pubkey-密钥类型 ssh-rsa-not-in-pubkeyacceptedalgorit

For some reason, jsch use a quite different authentication method.

TLDL;
Create a rsa-sha2-512 key (using a PEM format).

ssh-keygen -t rsa-sha2-512 -m PEM -T '' -f ~/.ssh/id_rsa-sha2-512

In cases where you cantt easily change key type:

  1. recreate a rsa key (using a PEM format).

    ssh-keygen -t rsa -m PEM -T '' -f ~/.ssh/id_rsa

  2. configure ssh server to accept this method.

    sudo bash -c "echo 'PubkeyAcceptedAlgorithms +ssh-rsa' > /etc/ssh/sshd_config.d/ssh-rsa.conf"

  3. Restart sshd server.

    sudo systemctl restart sshd

  4. now, it works!

PS: JSCH supported types are: ssh-rsa, ssh-dss, ecdca-sha2-nistp256, ecdca-sha2-nistp384, ecdca-sha2-nistp521

https://unix.stackexchange.com/questions/721606/ssh-server-gives-userauth-pubkey-key-type-ssh-rsa-not-in-pubkeyacceptedalgorit

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文