[jruby-dev] [jira] Created: (JRUBY-4077) Net::SSH "all authorization methods failed" Solaris -> Solaris

Paul Blair (JIRA) Thu, 08 Oct 2009 18:39:29 -0700

Net::SSH "all authorization methods failed" Solaris -> Solaris
--------------------------------------------------------------


                 Key: JRUBY-4077
                 URL: http://jira.codehaus.org/browse/JRUBY-4077
             Project: JRuby
          Issue Type: Bug
          Components: OpenSSL
    Affects Versions: JRuby-OpenSSL 0.5.2
         Environment: Solaris 10, JRuby 1.3.1, net-ssh (2.0.15), jruby-openssl 
(0.5.2)
            Reporter: Paul Blair


This error was found in communicating between the same two Solaris 10 machines 
as in JRUBY-4075 but in the opposite direction, with cipher aes128-cbc (or 
blowfish). As far as I can tell the ssh configurations of the two machines are 
the same; however, communicating in this direction I was able to get much 
farther along before failure.

Test code:

require 'rubygems'
require 'net/ssh'
Net::SSH.start('[HOST]', '[USER]', :verbose => :debug) do |ssh|
        puts ssh.exec!("hostname")
end

For the first attempt, the ssh default settings had compression on and X11 
forwarding on. When I tried to connect I would get an error that the remote 
host had disconnected:

$ jruby ssh_troubleshooting.rb
D, [2009-10-06T11:26:00.343000 #13397] DEBUG -- net.ssh.transport.session[e8]: 
establishing connection to [HOST:PORT]
D, [2009-10-06T11:26:00.394000 #13397] DEBUG -- net.ssh.transport.session[e8]: 
connection established
I, [2009-10-06T11:26:00.397000 #13397]  INFO -- 
net.ssh.transport.server_version[ea]: negotiating protocol version
D, [2009-10-06T11:26:00.415000 #13397] DEBUG -- 
net.ssh.transport.server_version[ea]: remote is `SSH-2.0-Sun_SSH_1.1.2'
D, [2009-10-06T11:26:00.417000 #13397] DEBUG -- 
net.ssh.transport.server_version[ea]: local is `SSH-2.0-Ruby/Net::SSH_2.0.15 
java'
D, [2009-10-06T11:26:00.665000 #13397] DEBUG -- tcpsocket[ec]: read 376 bytes
D, [2009-10-06T11:26:00.754000 #13397] DEBUG -- tcpsocket[ec]: received packet 
nr 0 type 20 len 372
I, [2009-10-06T11:26:00.757000 #13397]  INFO -- 
net.ssh.transport.algorithms[ee]: got KEXINIT from server
I, [2009-10-06T11:26:00.762000 #13397]  INFO -- 
net.ssh.transport.algorithms[ee]: sending KEXINIT
D, [2009-10-06T11:26:00.767000 #13397] DEBUG -- tcpsocket[ec]: queueing packet 
nr 0 type 20 len 556
D, [2009-10-06T11:26:00.769000 #13397] DEBUG -- tcpsocket[ec]: sent 560 bytes
I, [2009-10-06T11:26:00.770000 #13397]  INFO -- 
net.ssh.transport.algorithms[ee]: negotiating algorithms
D, [2009-10-06T11:26:00.774000 #13397] DEBUG -- 
net.ssh.transport.algorithms[ee]: negotiated:
* kex: diffie-hellman-group-exchange-sha1
* host_key: ssh-rsa
* encryption_server: aes128-cbc
* encryption_client: aes128-cbc
* hmac_client: hmac-md5
* hmac_server: hmac-md5
* compression_client: zlib
* compression_server: zlib
* language_client:
* language_server:
D, [2009-10-06T11:26:00.775000 #13397] DEBUG -- 
net.ssh.transport.algorithms[ee]: exchanging keys
D, [2009-10-06T11:26:06.590000 #13397] DEBUG -- tcpsocket[ec]: queueing packet 
nr 1 type 34 len 20
D, [2009-10-06T11:26:06.592000 #13397] DEBUG -- tcpsocket[ec]: sent 24 bytes
D, [2009-10-06T11:26:06.616000 #13397] DEBUG -- tcpsocket[ec]: read 152 bytes
D, [2009-10-06T11:26:06.619000 #13397] DEBUG -- tcpsocket[ec]: received packet 
nr 1 type 31 len 148
D, [2009-10-06T11:26:06.977000 #13397] DEBUG -- tcpsocket[ec]: queueing packet 
nr 2 type 32 len 140
D, [2009-10-06T11:26:06.979000 #13397] DEBUG -- tcpsocket[ec]: sent 144 bytes
D, [2009-10-06T11:26:07.034000 #13397] DEBUG -- tcpsocket[ec]: read 464 bytes
D, [2009-10-06T11:26:07.037000 #13397] DEBUG -- tcpsocket[ec]: received packet 
nr 2 type 33 len 444
D, [2009-10-06T11:26:07.576000 #13397] DEBUG -- tcpsocket[ec]: queueing packet 
nr 3 type 21 len 20
D, [2009-10-06T11:26:07.577000 #13397] DEBUG -- tcpsocket[ec]: sent 24 bytes
D, [2009-10-06T11:26:07.580000 #13397] DEBUG -- tcpsocket[ec]: received packet 
nr 3 type 21 len 12
D, [2009-10-06T11:26:07.596000 #13397] DEBUG -- 
net.ssh.authentication.session[f6]: beginning authentication of `[USER]'
D, [2009-10-06T11:26:07.659000 #13397] DEBUG -- tcpsocket[ec]: queueing packet 
nr 4 type  len 28
D, [2009-10-06T11:26:07.661000 #13397] DEBUG -- tcpsocket[ec]: sent 48 bytes
D, [2009-10-06T11:26:07.673000 #13397] DEBUG -- tcpsocket[ec]: read 0 bytes
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/transport/packet_stream.rb:96:in
 `next_packet': connection closed by remote host (Net::SSH::Disconnect)
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/transport/packet_stream.rb:86:in
 `loop'
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/transport/packet_stream.rb:86:in
 `next_packet'
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/transport/session.rb:169:in
 `poll_message'
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/transport/session.rb:164:in
 `loop'
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/transport/session.rb:164:in
 `poll_message'
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/transport/session.rb:149:in
 `next_message'
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/authentication/session.rb:82:in
 `next_message'
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/authentication/session.rb:81:in
 `loop'
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/authentication/session.rb:81:in
 `next_message'
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/authentication/session.rb:110:in
 `expect_message'
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh/authentication/session.rb:53:in
 `authenticate'
        from 
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh.rb:183:in 
`start'
        from ssh_troubleshooting.rb:3


I then made the following settings in ~/.ssh/config:
     Compression     no
     ForwardX11      no

Now I get all the way through, except I can't actually get authentication to 
happen:

$ jruby ssh_troubleshooting.rb 
D, [2009-10-08T14:39:05.906000 #27499] DEBUG -- net.ssh.transport.session[e8]: 
establishing connection to [HOST:PORT]
D, [2009-10-08T14:39:06.618000 #27499] DEBUG -- net.ssh.transport.session[e8]: 
connection established
I, [2009-10-08T14:39:06.620000 #27499]  INFO -- 
net.ssh.transport.server_version[ea]: negotiating protocol version
D, [2009-10-08T14:39:06.626000 #27499] DEBUG -- 
net.ssh.transport.server_version[ea]: remote is `SSH-2.0-OpenSSH_3.9p1'
D, [2009-10-08T14:39:06.628000 #27499] DEBUG -- 
net.ssh.transport.server_version[ea]: local is `SSH-2.0-Ruby/Net::SSH_2.0.15 
java'
D, [2009-10-08T14:39:06.658000 #27499] DEBUG -- tcpsocket[ec]: read 640 bytes
D, [2009-10-08T14:39:06.678000 #27499] DEBUG -- tcpsocket[ec]: received packet 
nr 0 type 20 len 636
I, [2009-10-08T14:39:06.681000 #27499]  INFO -- 
net.ssh.transport.algorithms[ee]: got KEXINIT from server
I, [2009-10-08T14:39:06.686000 #27499]  INFO -- 
net.ssh.transport.algorithms[ee]: sending KEXINIT
D, [2009-10-08T14:39:06.692000 #27499] DEBUG -- tcpsocket[ec]: queueing packet 
nr 0 type 20 len 556
D, [2009-10-08T14:39:06.693000 #27499] DEBUG -- tcpsocket[ec]: sent 560 bytes
I, [2009-10-08T14:39:06.695000 #27499]  INFO -- 
net.ssh.transport.algorithms[ee]: negotiating algorithms
D, [2009-10-08T14:39:06.698000 #27499] DEBUG -- 
net.ssh.transport.algorithms[ee]: negotiated:
* kex: diffie-hellman-group-exchange-sha1
* host_key: ssh-rsa
* encryption_server: aes128-cbc
* encryption_client: aes128-cbc
* hmac_client: hmac-md5
* hmac_server: hmac-md5
* compression_client: none
* compression_server: none
* language_client: 
* language_server: 
D, [2009-10-08T14:39:06.699000 #27499] DEBUG -- 
net.ssh.transport.algorithms[ee]: exchanging keys
D, [2009-10-08T14:39:12.434000 #27499] DEBUG -- tcpsocket[ec]: queueing packet 
nr 1 type 34 len 20
D, [2009-10-08T14:39:12.436000 #27499] DEBUG -- tcpsocket[ec]: sent 24 bytes
D, [2009-10-08T14:39:12.445000 #27499] DEBUG -- tcpsocket[ec]: read 152 bytes
D, [2009-10-08T14:39:12.454000 #27499] DEBUG -- tcpsocket[ec]: received packet 
nr 1 type 31 len 148
D, [2009-10-08T14:39:12.813000 #27499] DEBUG -- tcpsocket[ec]: queueing packet 
nr 2 type 32 len 140
D, [2009-10-08T14:39:12.815000 #27499] DEBUG -- tcpsocket[ec]: sent 144 bytes
D, [2009-10-08T14:39:12.819000 #27499] DEBUG -- tcpsocket[ec]: read 464 bytes
D, [2009-10-08T14:39:12.822000 #27499] DEBUG -- tcpsocket[ec]: received packet 
nr 2 type 33 len 444
D, [2009-10-08T14:39:13.361000 #27499] DEBUG -- tcpsocket[ec]: queueing packet 
nr 3 type 21 len 20
D, [2009-10-08T14:39:13.362000 #27499] DEBUG -- tcpsocket[ec]: sent 24 bytes
D, [2009-10-08T14:39:13.365000 #27499] DEBUG -- tcpsocket[ec]: received packet 
nr 3 type 21 len 12
D, [2009-10-08T14:39:13.381000 #27499] DEBUG -- 
net.ssh.authentication.session[f6]: beginning authentication of `[USER]'
D, [2009-10-08T14:39:13.446000 #27499] DEBUG -- tcpsocket[ec]: queueing packet 
nr 4 type 5 len 28
D, [2009-10-08T14:39:13.448000 #27499] DEBUG -- tcpsocket[ec]: sent 48 bytes
D, [2009-10-08T14:39:13.452000 #27499] DEBUG -- tcpsocket[ec]: read 48 bytes
D, [2009-10-08T14:39:13.458000 #27499] DEBUG -- tcpsocket[ec]: received packet 
nr 4 type 6 len 28
D, [2009-10-08T14:39:13.461000 #27499] DEBUG -- 
net.ssh.authentication.session[f6]: trying keyboard-interactive
D, [2009-10-08T14:39:13.464000 #27499] DEBUG -- 
net.ssh.authentication.methods.keyboard_interactive[f8]: trying 
keyboard-interactive
D, [2009-10-08T14:39:13.470000 #27499] DEBUG -- tcpsocket[ec]: queueing packet 
nr 5 type 50 len 76
D, [2009-10-08T14:39:13.471000 #27499] DEBUG -- tcpsocket[ec]: sent 96 bytes
D, [2009-10-08T14:39:13.476000 #27499] DEBUG -- tcpsocket[ec]: read 80 bytes
D, [2009-10-08T14:39:13.482000 #27499] DEBUG -- tcpsocket[ec]: received packet 
nr 5 type 51 len 60
D, [2009-10-08T14:39:13.484000 #27499] DEBUG -- 
net.ssh.authentication.session[f6]: allowed methods: 
publickey,gssapi-with-mic,password
D, [2009-10-08T14:39:13.485000 #27499] DEBUG -- 
net.ssh.authentication.methods.keyboard_interactive[f8]: keyboard-interactive 
failed
E, [2009-10-08T14:39:13.486000 #27499] ERROR -- 
net.ssh.authentication.session[f6]: all authorization methods failed (tried 
keyboard-interactive)
/path/to/jruby/lib/ruby/gems/1.8/gems/net-ssh-2.0.15/lib/net/ssh.rb:192:in 
`start': [USER] (Net::SSH::AuthenticationFailed)
        from ssh_troubleshooting.rb:3


I get similar errors if I set the authentication method to "password."

This may relate to something else I found when running Capistrano under JRuby 
on Linux. I can "cap deploy" from Linux to the Solaris boxes that I can't "cap 
deploy" to from Solaris; however, when I'm prompted for my password, I see two 
error messages: "stty: standard input: inappropriate ioctl for device"; the 
password is accepted but is echoed back to the user on the screen. Apparently 
Capistrano uses Highline to get user input from the console, and Highline likes 
termios. Since the termios gem has native extensions, it won't install under 
JRuby; however, Highline falls back to stty if there is no termios, and the 
stty error messages result from that.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira



---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email

[jruby-dev] [jira] Created: (JRUBY-4077) Net::SSH "all authorization methods failed" Solaris -> Solaris

Reply via email to