mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Goldstein Lyor (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SSHD-700) SSHD does not suppot agent forwarding for XShell and XAgent
Date Fri, 30 Jun 2017 14:15:00 GMT

    [ https://issues.apache.org/jira/browse/SSHD-700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16070161#comment-16070161
] 

Goldstein Lyor commented on SSHD-700:
-------------------------------------

I have reviewed the code and have a few questions/issues:

* In {{ProxyAgentFactory}} you replaced {{UnixAgentFactory}} with {{LocalAgentFactory}} -
have you tested the code on _Unix_ ? Perhaps the correct code would be to use:
{code:java}
@Override
public List<NamedFactory<Channel>> getChannelForwardingFactories(FactoryManager
manager) {
    return OsUtils.isUnix() ? UnixAgentFactory.DEFAULT_FORWARDING_CHANNELS : LocalAgentFactory.DEFAULT_FORWARDING_CHANNELS;
}
{code}
* The code is using cascaded calls - e.g.
{code:java}
session.getProperties().put("agentType", requestType);
rtn.setChannelType((String) getSession().getProperties().get("agentType"));   <-- what
if not set ?
{code}
please avoid such coding as it makes things difficult to read and/or debug.
* Specifically on the issue of properties, you should use
{code:java}
PropertyResolverUtils.updateProperty(session, "agentType", requestType);
PropertyResolverUtils.getString(session, "agentType");
{code}
* We do not repeat strings (e.g. {{agentType}}) - please use a literal constant - in this
case on the {{FactoryManager}} with the appropriate *documentation* comment as to what it
is used for. In this context, please note that we do not use camel-case - I would suggest
a value of {{agent-fw-auth-type}}.
* In the code below, please replace the constants (104, 204) with properly named literal constants
in {{SshAgentConstants}}. In this context, please add a javadoc comment link to the *documentation*
on which they are based.
{code:java|title=AbstractAgentProxy#getIdentities}
byte cmd = SshAgentConstants.SSH2_AGENTC_REQUEST_IDENTITIES;
byte okcmd = SshAgentConstants.SSH2_AGENT_IDENTITIES_ANSWER;
if (CHANNEL_TYPE_IETF.equals(channelType)) {
        cmd = (byte) 204;
        okcmd = (byte) 104;
}
{code}
Please review, fix and re-submit as a pull request

> SSHD does not suppot agent forwarding for XShell and XAgent
> -----------------------------------------------------------
>
>                 Key: SSHD-700
>                 URL: https://issues.apache.org/jira/browse/SSHD-700
>             Project: MINA SSHD
>          Issue Type: New Feature
>    Affects Versions: 1.2.0
>         Environment: Windows 10 and CentOS 7
> XShell 5.0
>            Reporter: Li Fangning
>            Priority: Minor
>         Attachments: block.png, debug.log, environment.png, log1.txt, log2.txt, sshd-core.zip,
SshdTest2.java, SshdTest3.java, stacktrace.png
>
>
> I use MINA SSHD for both server side and client side:
> SSH client  --> MINA SSHD Server - MINA SSHD Client --> Target Linux Server
> I use XShell (http://www.netsarang.com/) as SSH client, and use XAgent with XShell for
target server authentication (Public Key Access with Agent Forwarding).
> I have tried PuTTY (with pagent), SecureCRT, and openssh client in linux, they are all
passed. But when I try XShell with XAgent, the agent forwarding phase is failed.
> When I check the debug log and source code of MINA SSHD, I find that SSHD only handle
the "auth-agent-req@openssh.com" request type (in org.apache.sshd.server.channel.ChannelSession#handleInternalRequest),
which is OK for PuTTY, SecureCRT and openssh client. But XShell send a "auth-agent-req" request
(without "@openssh.com"), so SSHD not handle the request.
> I have try to change the source code, add "auth-agent-req" to the "switch-case" in handleInternalRequest,
but the authentication is blocked.
> I have attached my code, please help me solve the problem.
> Thanks a lot.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message