Dear Yamanaka-san, Yes, I was using the original source code, and my test files are modified from the examples given but with the user prompting and progress dialog removed. An example is attached, with a simplified Makefile I created for testing.
I cut off two lines from the error message when I copied the screen
output; it is actually
GSSException: No valid credentials provided (Mechanism level: Failed to
find any Kerberos Ticket)
at
sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential
.java:133)
at
sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFact
ory.java:72)
at
sun.security.jgss.GSSManagerImpl.getCredentialElement(GSSManagerImpl.jav
a:149)
at
sun.security.jgss.GSSCredentialImpl.add(GSSCredentialImpl.java:389)
at
sun.security.jgss.GSSCredentialImpl.<init>(GSSCredentialImpl.java:60)
at
sun.security.jgss.GSSCredentialImpl.<init>(GSSCredentialImpl.java:37)
at
sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:96
)
at
sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:178)
at
sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:158)
at com.jcraft.jsch.jgss.GSSContextKrb5.init(Unknown Source)
at com.jcraft.jsch.UserAuthGSSAPIWithMIC.start(Unknown Source)
at com.jcraft.jsch.Session.connect(Unknown Source)
at com.jcraft.jsch.Session.connect(Unknown Source)
at ScpTo.main(ScpTo.java:53)
ScpTo Password SUCCESS
In any case, your suggestion worked. Adding that line to everyone of my
test file now allows the connection to succeed without those messages.
Still, that would mean that every application that wants to now use the
0.1.35 library instead of the 0.1.30 library will now have to modify
their code. I would have preferred that those error message be
suppressed automatically in the Jsch source code, if it makes sense.
Thank you for the quick response.
Best regards.
--- cllee
This e-mail is classified as INTERNAL USE ONLY.
--
Chia-Ling LEE
IT Security Risk Management
UBS AG, Stamford Branch
400 Atlantic St, Stamford, CT 06901
Tel: +1-(203)719-3486
E-mail: [EMAIL PROTECTED]
Internet: www.ubs.com
-----Original Message-----
From: Atsuhiko Yamanaka [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 18, 2007 10:41 AM
To: Lee, Chia-Ling
Cc: [email protected]
Subject: Re: [JSch-users] ANNOUNCE: JSch 0.1.35
Hi,
+-From: <[EMAIL PROTECTED]> ----------
|_Date: Thu, 18 Oct 2007 10:12:14 -0400 __
|
|I am testing Jsch 0.1.35 on the command line and the test programs
|generates a GSSException message everytime, even though the
connection
|is successful. For example,
|GSSException: No valid credentials provided (Mechanism level: Failed
to
|find any Kerberos Ticket)
| at
sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential
.java:133)
...
| at
sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:158)
| at com.jcraft.jsch.jgss.GSSContextKrb5.init(Unknown Source)
| at com.jcraft.jsch.UserAuthGSSAPIWithMIC.start(Unknown
Source)
| at com.jcraft.jsch.Session.connect(Unknown Source)
| at com.jcraft.jsch.Session.connect(Unknown Source)
I can not understand why GSSException is thrown from
GSSContextKrb5#init(byte[], int, int)
, which has been defined as follows,
public byte[] init(byte[] token, int s, int l) throws JSchException {
try{
return context.initSecContext(token, 0, l);
}
catch(GSSException ex){
throw new JSchException(ex.toString());
}
}
Are you really using the original source code?
|Another alternative is to put gssapi-with-mic at the back of that
|PreferredAuthentications option, or take it out completely. However,
I
|tried generating the documentation using javadoc but there is no
method
|that sets PreferredAuthentications. I looked into the source code
and it
|appears that this is a configuration that is set in Jsch.java. There
|appears to be no way to set this class variable apart from changing
the
|source code. Technically, that would be a change to the Jsch source
as
|well.
Session session=jsch.getSession(user, host);
...
session.setConfig("PreferredAuthentications",
"publickey,keyboard-interactive,password");
session.connect();
Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
+1-415-578-3454
Fax +81-22-224-8773
Skype callto://jcraft/
ScpTo.java
Description: ScpTo.java
Makefile.simple
Description: Makefile.simple
Visit our website at http://www.ubs.com This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mails are not encrypted and cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments.
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ JSch-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jsch-users
