Need to SSH to destination host through jumphost. Had tried the same mentioned in JSch JumpHosts example.
Session[] sessions = new Session[2];
Session session = null;
sessions[0] = session = jsch.getSession(getUserName(), "jumphost1.com", 22);
session.setPassword(getHostPassword());
UserInfo userInfo = new UserInfo();
userInfo.setPassword(getHostPassword());
session.setUserInfo(userInfo);
Properties prop = new Properties();
prop.put("StrictHostKeyChecking", "no");
prop.put("PreferredAuthentications", "publickey,keyboard-interactive,password");
session.setConfig(prop);
session.connect();
String host = "host1.com";
int assignedPort = session.setPortForwardingL(0, host, 22);
LOGGER.info("Jump host the {} of agent {} and port forwarding {}", i, host, assignedPort);
sessions[i] = session = jsch.getSession(getUserName(), "127.0.0.1", assignedPort);
session.setPassword(getHostPassword());
userInfo = new UserInfo();
userInfo.setPassword(getHostPassword());
session.setUserInfo(userInfo);
session.setHostKeyAlias(host);
session.connect();
Getting below exception when connection to destination host:
Caused by: com.jcraft.jsch.JSchException: reject HostKey: 127.0.0.1
at com.jcraft.jsch.Session.checkHost(Session.java:799)
at com.jcraft.jsch.Session.connect(Session.java:345)
at com.jcraft.jsch.Session.connect(Session.java:183)
I am trying to login to host host1.com through jumphost1.com
login to jumphost1.com
then ssh host1.com
execute the commands in the host1
Your code for connecting through jumphost is correct.
The only problem is that your local host key repository contains a different host key for the second host, than what you receive from the real (second) host.
You actually do not seem to care about security, as you set StrictHostKeyChecking=no for the jumphost session (what the official example rightly does not do!). But you do not do the same for the second session, hence the error.
See also How to resolve Java UnknownHostKey, while using JSch SFTP library?
Related
I need to setup a socks proxy (tunnel) over ssh in android with java (android studio). I searched a lot but I couldn't find any solutions. This is my code:
int assigned_port;
int local_port=8588;
int remote_port=22;
String remote_host = "server";
String login = "root";
String password = "password";
try {
JSch jsch = new JSch();
// Create SSH session. Port 22 is your SSH port which
// is open in your firewall setup.
Session session = jsch.getSession(login, remote_host, 22);
session.setPassword(password);
// Additional SSH options. See your ssh_config manual for
// more options. Set options according to your requirements.
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
// config.put("Compression", "yes");
config.put("ConnectionAttempts","2");
session.setConfig(config);
// Connect
session.connect();
// Create the tunnel through port forwarding.
// This is basically instructing jsch session to send
// data received from local_port in the local machine to
// remote_port of the remote_host
// assigned_port is the port assigned by jsch for use,
// it may not always be the same as
// local_port.
assigned_port = session.setPortForwardingL(local_port,
remote_host, remote_port);
} catch (JSchException e) {
System.out.println("JSch:" + e.getMessage());
return;
}
if (assigned_port == 0) {
System.out.println("Port forwarding failed!");
return;
}
There is no error but it didn't work. I need a simple code of socks tunneling.
When I am trying to get connected with the ftp server for file uploading, I am getting exception com.jcraft.jsch.JSchException: session is down
Code is in groovy:
String SFTPHOST = "########"
int SFTPPORT = 22
String SFTPUSER = "########"
String SFTPPASS = "########"
String SFTPWORKINGDIR = "/QA/"
ChannelSftp sftp = null
Session session = null
try {
JSch jsch = new JSch()
session = jsch.getSession(SFTPUSER, SFTPHOST, SFTPPORT)
session.setPassword(SFTPPASS)
session.setConfig("StrictHostKeyChecking", "no")
session.setConfig("PreferredAuthentications",
"publickey,keyboard-interactive,password")
session.connect()
Channel channel = session.openChannel "sftp"
channel.connect()
sftp = channel as ChannelSftp
sftp.cd SFTPWORKINGDIR
File f = new File("Demo.csv")
sftp.put(new FileInputStream(f), f.getName())
//def fileList = sftp.ls("*")
println fileList.size()
} catch (Exception ex) {
ex.printStackTrace()
}
I got the issue...Actually JSch is not an FTP client it's an SSH client (with an included SFTP implementation). And the ftp server which i am connecting with is not a ssh server. That's why jsch is unable to connect with that ftp server. I have used apache commons ftp client and its working fine
I'm getting a java.net.ConnectException: failed to connect to 192.168.2.100 (port 22): connect failed: ECONNREFUSED (Connection refused) when connecting to a server via SSH with JSCH-0.1.54 on Android.
The firewall is configured to let the IP adress through.
SSH connection from Windows to the server is possible via Putty.
The server's IP adress is alright.
What else can it be?
The code I'm using is below:
protected Long doInBackground(String... params)
{
try
{
System.setProperty("http.keepAlive", "false");
JSch jsch = new JSch();
Session session = jsch.getSession("root", "192.168.2.100", 22);
session.setPassword("Password");
session.setTimeout(10000);
Properties props = new Properties();
props.put("StrictHostKeyChecking", "no");
session.setConfig(props);
session.connect();
ChannelExec channel = (ChannelExec) session.openChannel("exec");
if(params[0]=="poweroff")
{
LogPublic("Server wird heruntergefahren");
}
else if(params[0]=="reboot")
{
LogPublic("Server wird neugestartet");
}
channel.setCommand(params[0]);
channel.connect();
channel.disconnect();
session.disconnect();
jsch.removeAllIdentity();
jsch = null;
return new Long(1);
}
catch (Exception ex)
{
LogPublic(ex.getMessage());
return new Long(0);
}
}
The solution was to set the server's static IP address out of my router's DHCP range as this caused an IP conflict.
When I'm adding a reverse tunnel to a com.jcraft.jsch.Session object, the connection initialization fails with the following stacktrace:
com.jcraft.jsch.JSchException: java.lang.NullPointerException
at com.jcraft.jsch.Session._setPortForwardingR(Session.java:2165)
at com.jcraft.jsch.Session.setPortForwardingR(Session.java:1937)
at com.jcraft.jsch.Session.setPortForwardingR(Session.java:1883)
at com.project.client.handlers.SshClientHandler.<init>(SshClientHandler.java:41)
at com.project.client.pcConnection.init(SdConnection.java:30)
at Sdclient.main(Unknown Source)
Caused by: java.lang.NullPointerException
at com.jcraft.jsch.Packet.padding(Packet.java:58)
at com.jcraft.jsch.Session.encode(Session.java:892)
at com.jcraft.jsch.Session._write(Session.java:1362)
at com.jcraft.jsch.Session.write(Session.java:1357)
at com.jcraft.jsch.Session._setPortForwardingR(Session.java:2160)
... 5 more
The full code there is
private static JSch sshConn = null;
private Session sshSession;
public SshClientHandler(int _sshLocalSp, int _sshRemoteSp) {
JSch.setLogger(new JSCHLogger());
sshConn = new JSch();
try {
createTemporarySshFiles();
sshConn.setKnownHosts(GeneralMethods.getPreference(PcPreferencesEnum.SSH_KNOWN_HOSTS_FILE));
sshConn.addIdentity(GeneralMethods.getPreference(PcPreferencesEnum.SSHC_PRIVATE_KEY_FILE), GeneralMethods.getPreference(PcPreferencesEnum.SSHC_PUBLIC_KEY_FILE), "".getBytes());
sshSession = sshConn.getSession(GeneralMethods.getPropValue("pcclient.id"), "sshserver.project.com", 22);
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
sshSession.setConfig(config);
sshSession.setTimeout(15000);
sshSession.setPassword("");
//sshSession.setPortForwardingR("50000:localhost:22");
sshSession.setPortForwardingR(50000, "127.0.0.1", 22);
sshSession.connect();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
The connection estabishes successfully w/ publickey authentication when I remove the line
sshSession.setPortForwardingR(50000, "127.0.0.1", 22);
The SSH user has the right to connect to the local port 50000 on the remote machine. Here is a snippet from it's authorized_keys
no-pty,permitopen="localhost:50000",command="/bin/echo not-allowed-to-do-this",no-X11-forwarding ssh-rsa AAAA[...]
I switched arguments for setPortForwardingR back and forth, as - for example - some documents I found online use the remote machine as second argument, some use localhost, but with no success.
Watching auth.log on the remote server indicates that the connection is not even initiated. The NullPointerException gets thrown on the actual line of the setPortForwardingR call. I ensured that my local SSH server is running on the local port 22, and I can connect manually to it. I tried different ports (to my local MySQL server, e.g.), but it always fails with the same stacktrace.
I'm using jsch-0.1.52.jar.
You have to call the .setPortForwardingR() only after the .connect().
See for example:
http://www.jcraft.com/jsch/examples/Daemon.java.html
I'm trying to connect to my SFTP server from a Java script.
I'm using JSch lib for my purpose. Username, password and hostname are correct but I obtain an: Auth fail error.
I've also tried to add the following lines before session.connect(), but the problem still remains.
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
session.setConfig(config);
What do I have to put inside knownhosts.txt? The fingerprint of my server key?
public static void upload(ArrayList<File> a) {
try{
JSch jsch = new JSch();
jsch.setKnownHosts("knownhosts.txt");
Session session = jsch.getSession("username", "hostname", 22);
session.setPassword("mypassword");
session.connect();
Channel channel = session.openChannel("sftp");
channel.connect();
ChannelSftp channelSftp = (ChannelSftp) channel;
channelSftp.cd("/var/www/");
for(File object: a){
channelSftp.put(new FileInputStream(object), object.getName(), channelSftp.OVERWRITE);
}
channelSftp.exit();
session.disconnect();
} catch (Exception ex) {
ex.printStackTrace();
}
}
Do you have some advices? Thanks in advance!
Does your network/SMTP server support IP6? If your client has IP6 support, later versions of Java default to IP6, but many SMTP servers are configured on IP4. See this article here for Sending email using JSP for directions on configuring your JVM to force IP4. This needs to be set on the JVM as it is instantiated.