Return-Path: X-Original-To: apmail-mina-dev-archive@www.apache.org Delivered-To: apmail-mina-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 486AB10F9F for ; Tue, 8 Dec 2015 14:38:16 +0000 (UTC) Received: (qmail 34316 invoked by uid 500); 8 Dec 2015 14:38:11 -0000 Delivered-To: apmail-mina-dev-archive@mina.apache.org Received: (qmail 34274 invoked by uid 500); 8 Dec 2015 14:38:11 -0000 Mailing-List: contact dev-help@mina.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@mina.apache.org Delivered-To: mailing list dev@mina.apache.org Received: (qmail 34260 invoked by uid 99); 8 Dec 2015 14:38:11 -0000 Received: from arcas.apache.org (HELO arcas) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 08 Dec 2015 14:38:11 +0000 Received: from arcas.apache.org (localhost [127.0.0.1]) by arcas (Postfix) with ESMTP id E70CF2C14F7 for ; Tue, 8 Dec 2015 14:38:10 +0000 (UTC) Date: Tue, 8 Dec 2015 14:38:10 +0000 (UTC) From: =?utf-8?Q?Oliver_St=C3=B6neberg_=28JIRA=29?= To: dev@mina.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (SSHD-611) Servers rejecting keyboard-interactive authentication not handled MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/SSHD-611?page=3Dcom.atlassian.j= ira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=3D150469= 20#comment-15046920 ]=20 Oliver St=C3=B6neberg commented on SSHD-611: --------------------------------------- I set up the SshClient using SshClient.setupDefaultClient() and at the very= end I mentioned that I am using "28faad4 of master". In case you meant the server version - it happened with two different serve= rs so far: - busybox with "SSH-2.0-OpenSSH_7.1" - OpenBSD 5.1 with "SSH-2.0-OpenSSH_6.0" > Servers rejecting keyboard-interactive authentication not handled > ----------------------------------------------------------------- > > Key: SSHD-611 > URL: https://issues.apache.org/jira/browse/SSHD-611 > Project: MINA SSHD > Issue Type: Bug > Reporter: Oliver St=C3=B6neberg > > I am trying to communicate with a server that advertises keyboard-interac= tive authentication but it fails with "Too many authentication failures". W= hen the client sends the request it gets a failure and requests it again an= d again until it hits the maximum retries value. It also never reaches the = UserInteraction object that was assigned to the client. It seems when the r= equest fails it should move on to the next authentication method. > Here's the output of sshd-core: > DEBUG [sshd-SshClient[48c40605]-nio2-thread-1] (ClientUserAuthService.jav= a:234) tryNext(ClientSessionImpl[root@/10.48.43.215:22]) attempting method= =3Dkeyboard-interactive > DEBUG [sshd-SshClient[48c40605]-nio2-thread-1] (UserAuthKeyboardInteracti= ve.java:110) process(root@ClientSessionImpl[root@/10.48.43.215:22])[ssh-con= nection] Send SSH_MSG_USERAUTH_REQUEST for keyboard-interactive > TRACE [sshd-SshClient[48c40605]-nio2-thread-1] (AbstractSession.java:862)= encode(ClientSessionImpl[root@/10.48.43.215:22]) Sending packet #5: 32 00 = 00 00 04 72 6f 6f 74 00 00 00 0e 73 73 68 2d 63 6f 6e 6e 65 63 74 69 6f 6e = 00 00 00 14 6b 65 79 62 6f 61 72 64 2d 69 6e 74 65 72 61 63 74 69 76 65 00 = 00 00 00 00 00 00 00 > DEBUG [sshd-SshClient[48c40605]-nio2-thread-1] (Nio2Session.java:114) Wri= ting 100 bytes > DEBUG [sshd-SshClient[48c40605]-nio2-thread-4] (Nio2Session.java:274) Fin= ished writing > DEBUG [sshd-SshClient[48c40605]-nio2-thread-5] (Nio2Session.java:223) Rea= d 84 bytes > TRACE [sshd-SshClient[48c40605]-nio2-thread-5] (AbstractSession.java:1003= ) decode(ClientSessionImpl[root@/10.48.43.215:22]) Received packet #6: 33 0= 0 00 00 27 70 75 62 6c 69 63 6b 65 79 2c 70 61 73 73 77 6f 72 64 2c 6b 65 7= 9 62 6f 61 72 64 2d 69 6e 74 65 72 61 63 74 69 76 65 00 > TRACE [sshd-SshClient[48c40605]-nio2-thread-5] (AbstractSession.java:415)= doHandleMessage(ClientSessionImpl[root@/10.48.43.215:22]) process SSH_MSG_= USERAUTH_FAILURE > DEBUG [sshd-SshClient[48c40605]-nio2-thread-5] (ClientUserAuthService.jav= a:181) processUserAuth(ClientSessionImpl[root@/10.48.43.215:22]) Received S= SH_MSG_USERAUTH_FAILURE - partial=3Dfalse, methods=3Dpublickey,password,key= board-interactive > Here's the putty output: > Outgoing packet #0x4, type 5 / 0x05 (SSH2_MSG_SERVICE_REQUEST) > 00000000 00 00 00 0c 73 73 68 2d 75 73 65 72 61 75 74 68 ....ssh-user= auth > Incoming packet #0x4, type 6 / 0x06 (SSH2_MSG_SERVICE_ACCEPT) > 00000000 00 00 00 0c 73 73 68 2d 75 73 65 72 61 75 74 68 ....ssh-user= auth > Outgoing packet #0x5, type 50 / 0x32 (SSH2_MSG_USERAUTH_REQUEST) > 00000000 00 00 00 04 72 6f 6f 74 00 00 00 0e 73 73 68 2d ....root....= ssh- > 00000010 63 6f 6e 6e 65 63 74 69 6f 6e 00 00 00 04 6e 6f connection..= ..no > 00000020 6e 65 ne > Incoming packet #0x5, type 51 / 0x33 (SSH2_MSG_USERAUTH_FAILURE) > 00000000 00 00 00 27 70 75 62 6c 69 63 6b 65 79 2c 70 61 ...'publicke= y,pa > 00000010 73 73 77 6f 72 64 2c 6b 65 79 62 6f 61 72 64 2d ssword,keybo= ard- > 00000020 69 6e 74 65 72 61 63 74 69 76 65 00 interactive. > Outgoing packet #0x6, type 50 / 0x32 (SSH2_MSG_USERAUTH_REQUEST) > 00000000 00 00 00 04 72 6f 6f 74 00 00 00 0e 73 73 68 2d ....root....= ssh- > 00000010 63 6f 6e 6e 65 63 74 69 6f 6e 00 00 00 14 6b 65 connection..= ..ke > 00000020 79 62 6f 61 72 64 2d 69 6e 74 65 72 61 63 74 69 yboard-inter= acti > 00000030 76 65 00 00 00 00 00 00 00 00 ve........ > Event Log: Attempting keyboard-interactive authentication > Incoming packet #0x6, type 51 / 0x33 (SSH2_MSG_USERAUTH_FAILURE) > 00000000 00 00 00 27 70 75 62 6c 69 63 6b 65 79 2c 70 61 ...'publicke= y,pa > 00000010 73 73 77 6f 72 64 2c 6b 65 79 62 6f 61 72 64 2d ssword,keybo= ard- > 00000020 69 6e 74 65 72 61 63 74 69 76 65 00 interactive. > Event Log: Server refused keyboard-interactive authentication > Outgoing packet #0x7, type 50 / 0x32 (SSH2_MSG_USERAUTH_REQUEST) > 00000000 00 00 00 04 72 6f 6f 74 00 00 00 0e 73 73 68 2d ....root....= ssh- > 00000010 63 6f 6e 6e 65 63 74 69 6f 6e 00 00 00 08 70 61 connection..= ..pa > 00000020 73 73 77 6f 72 64 00 XX XX XX XX XX XX XX XX XX ssword.XXXXX= XXXX > 00000030 XX XX XX XXX > Outgoing packet #0x8, type 2 / 0x02 (SSH2_MSG_IGNORE) > 00000000 00 00 00 a0 dd aa 67 0a 8d 42 d0 2a 5c 82 1e 5e ......g..B.*= \..^ > 00000010 ef 3b 9f 2a c2 5d 71 8a 28 ff 5d ca 1f 28 94 20 .;.*.]q.(.].= .(.=20 > 00000020 ec f4 2d dd 34 dc cf 99 94 da c1 40 7d a4 d9 09 ..-.4......@= }... > 00000030 0e 7c 15 f6 01 56 6b e8 a4 3c 45 a6 c9 bd 00 e3 .|...Vk.. 00000040 73 e1 36 85 61 09 2f 8f d6 a9 61 ce 58 d6 3f dc s.6.a./...a.= X.?. > 00000050 39 be b2 fd 5b a8 2d a9 46 d8 86 dc 12 cf 0b 82 9...[.-.F...= .... > 00000060 43 37 4f bf 39 f7 90 e9 6f 52 4e 36 50 8d 9b 67 C7O.9...oRN6= P..g > 00000070 b5 7a b3 c3 f5 f2 56 40 b4 75 de 71 1f 22 ff 2f .z....V@.u.q= ."./ > 00000080 00 0c 89 06 4f 20 44 fe 65 55 02 73 76 22 64 e2 ....O D.eU.s= v"d. > 00000090 11 14 ef 34 24 6f 5f 3f 61 95 d3 d1 c1 68 11 5e ...4$o_?a...= .h.^ > 000000a0 ff 29 f9 31 .).1 > Event Log: Sent password > Incoming packet #0x7, type 52 / 0x34 (SSH2_MSG_USERAUTH_SUCCESS) > Event Log: Access granted > I am using 28faad4 of master. -- This message was sent by Atlassian JIRA (v6.3.4#6332)