You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Tilden18 (via GitHub)" <gi...@apache.org> on 2023/06/29 14:25:40 UTC
[GitHub] [mina-sshd] Tilden18 opened a new issue, #393: Issue in setting User auth factories in ClientSession
Tilden18 opened a new issue, #393:
URL: https://github.com/apache/mina-sshd/issues/393
Hello,
I am trying to setup a SSH configuration with Jumphost.
I am configuring my Jumphost userAuth in the Client . my jumphost can accept both password or private key authorization . so I am setting my client.setUserAuthFactories to accept both Public key and password.
And my SSH host will only accept password. so I was planning to set userAuthFactories in Session for the host.
**session.setUserAuthFactories(Collections.singletonList(UserAuthPasswordFactory.INSTANCE));**
But while executing i can see that authentication mechanisms is always set to the client inputs, the session inputs are not honored.
Can you please let me know if anything is missing in my code or understanding.
org.apache.sshd.client.SshClient client = org.apache.sshd.client.SshClient.setUpDefaultClient(); client.setForwardingFilter(AcceptAllForwardingFilter.INSTANCE);
client.start();
client.setKeyIdentityProvider(
sessionContext -> Collections.singleton(------Jump Host Keypair -----));
client.setPasswordIdentityProvider(sessionContext -> Collections.singleton(---jump host password----));
**client.setUserAuthFactories(Collections.unmodifiableList(
Arrays.asList(UserAuthPublicKeyFactory.INSTANCE, UserAuthPasswordFactory.INSTANCE)));**
ClientSession session = client.connect(SSH_HOST_REFERENCE_NAME).verify(SERVER_ALIVE_INTERVAL).getSession(); **session.setUserAuthFactories(Collections.singletonList(UserAuthPasswordFactory.INSTANCE));**
session.setPasswordIdentityProvider(sessionContext -> Collections.singleton("default"));
**JumpHost Connection logs**
16:08:23.712 [sshd-SshClient[80503]-nio2-thread-7] DEBUG org.apache.sshd.client.session.ClientUserAuthService - processUserAuth(ClientSessionImpl[exxxxxx@test.server.se/10.0.0.215:22]) Received SSH_MSG_USERAUTH_FAILURE - partial=false, methods=publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
16:08:23.712 [sshd-SshClient[80503]-nio2-thread-7] DEBUG org.apache.sshd.client.session.ClientUserAuthService - tryNext(ClientSessionImpl[exxxxxx@test.server.se/10.0.0.215:22]) starting authentication mechanisms: **client=[publickey, password],** server=[publickey, gssapi-keyex, gssapi-with-mic, password, keyboard-interactive]
16:08:23.712 [sshd-SshClient[80503]-nio2-thread-7] DEBUG org.apache.sshd.client.session.ClientUserAuthService - tryNext(ClientSessionImpl[exxxxxx@test.server.se/10.0.0.215:22]) attempting method=publickey
**SSH Host connection logs**
16:08:24.270 [sshd-SshClient[80503]-nio2-thread-4] DEBUG org.apache.sshd.client.session.ClientUserAuthService - processUserAuth(ClientSessionImpl[admin@/127.0.0.1:43834]) Received SSH_MSG_USERAUTH_FAILURE - partial=false, methods=publickey,gssapi-keyex,gssapi-with-mic,password
16:08:24.270 [sshd-SshClient[80503]-nio2-thread-4] DEBUG org.apache.sshd.client.session.ClientUserAuthService - tryNext(ClientSessionImpl[admin@/127.0.0.1:43834]) starting authentication mechanisms: **client=[publickey, password],** server=[publickey, gssapi-keyex, gssapi-with-mic, password]
16:08:24.270 [sshd-SshClient[80503]-nio2-thread-4] DEBUG org.apache.sshd.client.session.ClientUserAuthService - tryNext(ClientSessionImpl[admin@/127.0.0.1:43834]) attempting method=publickey
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org