You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Li Fangning (JIRA)" <ji...@apache.org> on 2016/12/14 14:04:58 UTC
[jira] [Commented] (SSHD-700) SSHD does not suppot agent forwarding
for XShell and XAgent
[ https://issues.apache.org/jira/browse/SSHD-700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15748399#comment-15748399 ]
Li Fangning commented on SSHD-700:
----------------------------------
Hi Goldstein:
I have post the question to mailing list, but no one answer me.
Today, I pull the latest code and try again.
I compared the normal environment (using openssh) with the abnormal environment (using XShell) and saved the logs in attachments log1.txt and log2.txt. The key difference are from line 23, The former responds to SSH_MSG_CHANNEL_DATA, while the latter responds to SSH_MSG_CHANNEL_EOF.
In the abnormal environment, during the agent forward process, the code is blocked at line 80 of org.apache.sshd.agent.local.AgentForwardedChannel (see the attachment block.png), and the full call stacktrace is shown in stacktrace.png.
Since the OpenSSH way is OK, but the standard "Secure Shell Authentication Agent Protocol Draft 02" equivalent is not. I think their protocols may be different, but I can not find any clues in google.
Could you help me or give me some hints?
Best Regards
> SSHD does not suppot agent forwarding for XShell and XAgent
> -----------------------------------------------------------
>
> Key: SSHD-700
> URL: https://issues.apache.org/jira/browse/SSHD-700
> Project: MINA SSHD
> Issue Type: New Feature
> Affects Versions: 1.2.0
> Environment: Windows 10 and CentOS 7
> XShell 5.0
> Reporter: Li Fangning
> Priority: Minor
> Attachments: SshdTest2.java, SshdTest3.java, debug.log, environment.png
>
>
> I use MINA SSHD for both server side and client side:
> SSH client --> MINA SSHD Server - MINA SSHD Client --> Target Linux Server
> I use XShell (http://www.netsarang.com/) as SSH client, and use XAgent with XShell for target server authentication (Public Key Access with Agent Forwarding).
> I have tried PuTTY (with pagent), SecureCRT, and openssh client in linux, they are all passed. But when I try XShell with XAgent, the agent forwarding phase is failed.
> When I check the debug log and source code of MINA SSHD, I find that SSHD only handle the "auth-agent-req@openssh.com" request type (in org.apache.sshd.server.channel.ChannelSession#handleInternalRequest), which is OK for PuTTY, SecureCRT and openssh client. But XShell send a "auth-agent-req" request (without "@openssh.com"), so SSHD not handle the request.
> I have try to change the source code, add "auth-agent-req" to the "switch-case" in handleInternalRequest, but the authentication is blocked.
> I have attached my code, please help me solve the problem.
> Thanks a lot.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)