karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jens Offenbach (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KARAF-3492) Can't connect to Karaf sshd using key authentication
Date Mon, 02 Feb 2015 06:28:34 GMT

    [ https://issues.apache.org/jira/browse/KARAF-3492?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14300922#comment-14300922
] 

Jens Offenbach commented on KARAF-3492:
---------------------------------------

{code:borderStyle=solid}
./client -h localhost -a 8101 -u karaf "instance:connect test"
{code}

This command makes a lot of sense! In our cloud environment, each port that must be accessible
from the outside must be added to a security group. Having a dynamic number of child instances
requires that each ssh port is put into that security group. The redirection over the root
instance is a way that all child instances can be managed from the outside without any further
additions to the security group.

> Can't connect to Karaf sshd using key authentication
> ----------------------------------------------------
>
>                 Key: KARAF-3492
>                 URL: https://issues.apache.org/jira/browse/KARAF-3492
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-shell
>    Affects Versions: 4.0.0, 3.0.2
>            Reporter: Jean-Baptiste Onofré
>            Assignee: Jean-Baptiste Onofré
>             Fix For: 4.0.0, 3.0.4
>
>
> The following doesn't work with Apache Karaf 3.0.2, whereas it worked with 3.0.1.
> {code}
> su - karaf -c " client -h localhost -a 8101 -u karaf -r 50 -d 2 \"
> instance:connect -u karaf -p karaf test1 \\\" feature:repo-list \\\" \" "
> Logging in as karaf
> 455 [sshd-SshClient[bea319b]-nio2-thread-1] WARN
> org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at
> [localhost/127.0.0.1:8101, DSA,
> b6:f6:d6:3f:8b:2f:ad:a4:0f:3f:3d:c3:7b:96:fd:ae] presented unverified {}
> key: {}
> Connecting to host localhost on port 8103
> Connecting to unknown server. Automatically adding to known hosts.
> Storing the server key in known_hosts.
> Error executing command: Authentication failed
> {code}
> Increasing the verbose level:
> {code}
> client -v -h localhost -a 8101 -u karaf -r 50 -d 2 " instance:connect -u
> karaf test1 \" feature:repo-list \" "
> 39 [main] INFO org.apache.sshd.common.util.SecurityUtils - BouncyCastle not
> registered, using the default JCE provider
> Logging in as karaf
> 367 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
> org.apache.sshd.client.session.ClientSessionImpl - Client session created
> 380 [main] INFO org.apache.sshd.client.session.ClientSessionImpl - Start
> flagging packets as pending until key exchange is done
> 383 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
> org.apache.sshd.client.session.ClientSessionImpl - Server version string:
> SSH-2.0-SSHD-CORE-0.12.0
> 384 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
> org.apache.sshd.client.session.ClientSessionImpl - Kex: server->client
> [aes128-ctr, hmac-sha1, none] {} {}
> 384 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
> org.apache.sshd.client.session.ClientSessionImpl - Kex: client->server
> [aes128-ctr, hmac-sha1, none] {} {}
> 444 [sshd-SshClient[bea319b]-nio2-thread-1] WARN
> org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at
> [localhost/127.0.0.1:8101, DSA,
> 22:8b:f8:9d:bc:c6:40:d8:fe:52:aa:90:c0:f2:70:ec] presented unverified {}
> key: {}
> 457 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
> org.apache.sshd.client.session.ClientSessionImpl - Dequeing pending packets
> 524 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
> org.apache.sshd.client.session.ClientUserAuthServiceNew - Received
> SSH_MSG_USERAUTH_FAILURE
> 568 [sshd-SshClient[bea319b]-nio2-thread-2] INFO
> org.apache.sshd.client.session.ClientUserAuthServiceNew - Received
> SSH_MSG_USERAUTH_SUCCESS
> Connecting to host localhost on port 8102
> Error executing command: Authentication failed 
> {code}
> Switching to DEBUG:
> {code}
> 2015-01-15 11:28:48,920 | DEBUG | 5]-nio2-thread-1 | ClientSessionImpl              

> | 28 - org.apache.sshd.core - 0.12.0 | Received SSH_MSG_SERVICE_ACCEPT
> 2015-01-15 11:28:48,920 | INFO  | 5]-nio2-thread-1 |
> ClientUserAuthServiceNew         | 28 - org.apache.sshd.core - 0.12.0 |
> Received SSH_MSG_USERAUTH_FAILURE
> 2015-01-15 11:28:48,920 | DEBUG | 5]-nio2-thread-1 |
> ClientUserAuthServiceNew         | 28 - org.apache.sshd.core - 0.12.0 |
> Authentications that can continue: keyboard-interactive, password, publickey
> 2015-01-15 11:28:48,922 | DEBUG | 5]-nio2-thread-1 | Nio2Session                    

> | 28 - org.apache.sshd.core - 0.12.0 | Caught exception, now calling handler
> 2015-01-15 11:28:48,922 | WARN  | 5]-nio2-thread-1 | ClientSessionImpl              

> | 28 - org.apache.sshd.core - 0.12.0 | Exception caught
> java.lang.IllegalStateException: No SSH_AUTH_SOCK environment variable set
>         at
> org.apache.karaf.shell.ssh.KarafAgentFactory.createClient(KarafAgentFactory.java:71)
>         at
> org.apache.sshd.client.auth.UserAuthPublicKey.init(UserAuthPublicKey.java:78)
>         at
> org.apache.sshd.client.session.ClientUserAuthServiceNew.tryNext(ClientUserAuthServiceNew.java:212)
>         at
> org.apache.sshd.client.session.ClientUserAuthServiceNew.processUserAuth(ClientUserAuthServiceNew.java:178)
>         at
> org.apache.sshd.client.session.ClientUserAuthServiceNew.process(ClientUserAuthServiceNew.java:131)
>         at
> org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:80)
>         at
> org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:399)
>         at
> org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:295)
>         at
> org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:256)
>         at
> org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:731)
>         at
> org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:277)
>         at
> org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54)
>         at
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:187)
>         at
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:173)
>         at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
>         at java.security.AccessController.doPrivileged(Native
> Method)[:1.7.0_65]
>         at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)[28:org.apache.sshd.core:0.12.0]
>         at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)[:1.7.0_65]
>         at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)[:1.7.0_65]
>         at
> sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:553)[:1.7.0_65]
>         at
> sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:275)[:1.7.0_65]
>         at
> sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:296)[:1.7.0_65]
>         at
> java.nio.channels.AsynchronousSocketChannel.read(AsynchronousSocketChannel.java:407)[:1.7.0_65]
>         at
> org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:173)[28:org.apache.sshd.core:0.12.0]
>         at
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:189)
>         at
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:173)
>         at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
>         at java.security.AccessController.doPrivileged(Native
> Method)[:1.7.0_65]
>         at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)[28:org.apache.sshd.core:0.12.0]
>         at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)[:1.7.0_65]
>         at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)[:1.7.0_65]
>         at
> sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:553)[:1.7.0_65]
>         at
> sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:275)[:1.7.0_65]
>         at
> sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:296)[:1.7.0_65]
>         at
> java.nio.channels.AsynchronousSocketChannel.read(AsynchronousSocketChannel.java:407)[:1.7.0_65]
>         at
> org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:173)[28:org.apache.sshd.core:0.12.0]
>         at
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:189)
>         at
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:173)
>         at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
>         at java.security.AccessController.doPrivileged(Native
> Method)[:1.7.0_65]
>         at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)[28:org.apache.sshd.core:0.12.0]
>         at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)[:1.7.0_65]
>         at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)[:1.7.0_65]
>         at
> sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:553)[:1.7.0_65]
>         at
> sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:275)[:1.7.0_65]
>         at
> sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:296)[:1.7.0_65]
>         at
> java.nio.channels.AsynchronousSocketChannel.read(AsynchronousSocketChannel.java:407)[:1.7.0_65]
>         at
> org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:173)[28:org.apache.sshd.core:0.12.0]
>         at
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:189)
>         at
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:173)
>         at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
>         at java.security.AccessController.doPrivileged(Native
> Method)[:1.7.0_65]
>         at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)[28:org.apache.sshd.core:0.12.0]
>         at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)[:1.7.0_65]
>         at sun.nio.ch.Invoker.invokeDirect(Invoker.java:157)[:1.7.0_65]
>         at
> sun.nio.ch.UnixAsynchronousSocketChannelImpl.implRead(UnixAsynchronousSocketChannelImpl.java:553)[:1.7.0_65]
>         at
> sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:275)[:1.7.0_65]
>         at
> sun.nio.ch.AsynchronousSocketChannelImpl.read(AsynchronousSocketChannelImpl.java:296)[:1.7.0_65]
>         at
> java.nio.channels.AsynchronousSocketChannel.read(AsynchronousSocketChannel.java:407)[:1.7.0_65]
>         at
> org.apache.sshd.common.io.nio2.Nio2Session.startReading(Nio2Session.java:173)[28:org.apache.sshd.core:0.12.0]
>         at
> org.apache.sshd.common.io.nio2.Nio2Connector$1.onCompleted(Nio2Connector.java:53)[28:org.apache.sshd.core:0.12.0]
>         at
> org.apache.sshd.common.io.nio2.Nio2Connector$1.onCompleted(Nio2Connector.java:46)[28:org.apache.sshd.core:0.12.0]
>         at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
>         at java.security.AccessController.doPrivileged(Native
> Method)[:1.7.0_65]
>         at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)[28:org.apache.sshd.core:0.12.0]
>         at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)[:1.7.0_65]
>         at sun.nio.ch.Invoker$2.run(Invoker.java:218)[:1.7.0_65]
>         at
> sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)[:1.7.0_65]
>         at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)[:1.7.0_65]
>         at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)[:1.7.0_65]
>         at java.lang.Thread.run(Thread.java:745)[:1.7.0_65] 
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message