subject:"[jira] [Commented] (KARAF-3492) Can't connect to Karaf sshd using key authentication"

[jira] [Commented] (KARAF-3492) Can't connect to Karaf sshd using key authentication

2015-02-01 Thread Jens Offenbach (JIRA)


[ 
https://issues.apache.org/jira/browse/KARAF-3492?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14300922#comment-14300922
 ] 

Jens Offenbach commented on KARAF-3492:
---

{code:borderStyle=solid}
./client -h localhost -a 8101 -u karaf instance:connect test
{code}

This command makes a lot of sense! In our cloud environment, each port that 
must be accessible from the outside must be added to a security group. Having a 
dynamic number of child instances requires that each ssh port is put into that 
security group. The redirection over the root instance is a way that all child 
instances can be managed from the outside without any further additions to the 
security group.

 Can't connect to Karaf sshd using key authentication
 

 Key: KARAF-3492
 URL: https://issues.apache.org/jira/browse/KARAF-3492
 Project: Karaf
  Issue Type: Bug
  Components: karaf-shell
Affects Versions: 4.0.0, 3.0.2
Reporter: Jean-Baptiste Onofré
Assignee: Jean-Baptiste Onofré
 Fix For: 4.0.0, 3.0.4


 The following doesn't work with Apache Karaf 3.0.2, whereas it worked with 
 3.0.1.
 {code}
 su - karaf -c  client -h localhost -a 8101 -u karaf -r 50 -d 2 \
 instance:connect -u karaf -p karaf test1 \\\ feature:repo-list \\\ \ 
 Logging in as karaf
 455 [sshd-SshClient[bea319b]-nio2-thread-1] WARN
 org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at
 [localhost/127.0.0.1:8101, DSA,
 b6:f6:d6:3f:8b:2f:ad:a4:0f:3f:3d:c3:7b:96:fd:ae] presented unverified {}
 key: {}
 Connecting to host localhost on port 8103
 Connecting to unknown server. Automatically adding to known hosts.
 Storing the server key in known_hosts.
 Error executing command: Authentication failed
 {code}
 Increasing the verbose level:
 {code}
 client -v -h localhost -a 8101 -u karaf -r 50 -d 2  instance:connect -u
 karaf test1 \ feature:repo-list \ 
 39 [main] INFO org.apache.sshd.common.util.SecurityUtils - BouncyCastle not
 registered, using the default JCE provider
 Logging in as karaf
 367 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientSessionImpl - Client session created
 380 [main] INFO org.apache.sshd.client.session.ClientSessionImpl - Start
 flagging packets as pending until key exchange is done
 383 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientSessionImpl - Server version string:
 SSH-2.0-SSHD-CORE-0.12.0
 384 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientSessionImpl - Kex: server-client
 [aes128-ctr, hmac-sha1, none] {} {}
 384 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientSessionImpl - Kex: client-server
 [aes128-ctr, hmac-sha1, none] {} {}
 444 [sshd-SshClient[bea319b]-nio2-thread-1] WARN
 org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at
 [localhost/127.0.0.1:8101, DSA,
 22:8b:f8:9d:bc:c6:40:d8:fe:52:aa:90:c0:f2:70:ec] presented unverified {}
 key: {}
 457 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientSessionImpl - Dequeing pending packets
 524 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientUserAuthServiceNew - Received
 SSH_MSG_USERAUTH_FAILURE
 568 [sshd-SshClient[bea319b]-nio2-thread-2] INFO
 org.apache.sshd.client.session.ClientUserAuthServiceNew - Received
 SSH_MSG_USERAUTH_SUCCESS
 Connecting to host localhost on port 8102
 Error executing command: Authentication failed 
 {code}
 Switching to DEBUG:
 {code}
 2015-01-15 11:28:48,920 | DEBUG | 5]-nio2-thread-1 | ClientSessionImpl

 | 28 - org.apache.sshd.core - 0.12.0 | Received SSH_MSG_SERVICE_ACCEPT
 2015-01-15 11:28:48,920 | INFO  | 5]-nio2-thread-1 |
 ClientUserAuthServiceNew | 28 - org.apache.sshd.core - 0.12.0 |
 Received SSH_MSG_USERAUTH_FAILURE
 2015-01-15 11:28:48,920 | DEBUG | 5]-nio2-thread-1 |
 ClientUserAuthServiceNew | 28 - org.apache.sshd.core - 0.12.0 |
 Authentications that can continue: keyboard-interactive, password, publickey
 2015-01-15 11:28:48,922 | DEBUG | 5]-nio2-thread-1 | Nio2Session  

 | 28 - org.apache.sshd.core - 0.12.0 | Caught exception, now calling handler
 2015-01-15 11:28:48,922 | WARN  | 5]-nio2-thread-1 | ClientSessionImpl

 | 28 - org.apache.sshd.core - 0.12.0 | Exception caught
 java.lang.IllegalStateException: No SSH_AUTH_SOCK environment variable set
 at
 org.apache.karaf.shell.ssh.KarafAgentFactory.createClient(KarafAgentFactory.java:71)
 at
 org.apache.sshd.client.auth.UserAuthPublicKey.init(UserAuthPublicKey.java:78)
 at
 org.apache.sshd.client.session.ClientUserAuthServiceNew.tryNext(ClientUserAuthServiceNew.java:212)
 at

[jira] [Commented] (KARAF-3492) Can't connect to Karaf sshd using key authentication

2015-01-31 Thread JIRA


[ 
https://issues.apache.org/jira/browse/KARAF-3492?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14300099#comment-14300099
 ] 

Jean-Baptiste Onofré commented on KARAF-3492:
-

On Karaf 3.0.2, I uncommented the key in etc/keys.properties, and I did:

{code}
./client -h localhost -a 8101 -u karaf la
{code}

It works without problem.

I created an instance (instance:create), updated the etc/keys.properties of the 
instance to uncomment the key, started the instance, and tried:

{code}
./client -h localhost -a 8102 -u karaf la
{code}

It works without problem.

I tried:

{code}
./client -h localhost -a 8101 -u karaf instance:connect test
Logging in as karaf
299 [sshd-SshClient[231c0dc6]-nio2-thread-2] WARN 
org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at 
[localhost/127.0.0.1:8101, DSA, 
a5:29:4b:e5:f7:58:2a:f8:8f:46:7a:54:92:ef:16:3e] presented unverified {} key: {}
Connecting to host localhost on port 8102
Error executing command: Authentication failed
Server key for host localhost/127.0.0.1:8102 does not match the stored key !! 
Terminating session.
{code}

it doesn't work (and actually it doesn't make sense, externally, you should use 
directly client or ssh).

From the root instance, I tried:

{code}
karaf@root() instance:connect test
Connecting to host localhost on port 8102
Server key for host localhost/127.0.0.1:8102 does not match the stored key !! 
Terminating session.
Error executing command: Authentication failed
{code}

It doesn't work: I already created a Jira about that (I gonna linked both).

 Can't connect to Karaf sshd using key authentication
 

 Key: KARAF-3492
 URL: https://issues.apache.org/jira/browse/KARAF-3492
 Project: Karaf
  Issue Type: Bug
  Components: karaf-shell
Affects Versions: 3.0.2
Reporter: Jean-Baptiste Onofré
Assignee: Jean-Baptiste Onofré

 The following doesn't work with Apache Karaf 3.0.2, whereas it worked with 
 3.0.1.
 {code}
 su - karaf -c  client -h localhost -a 8101 -u karaf -r 50 -d 2 \
 instance:connect -u karaf -p karaf test1 \\\ feature:repo-list \\\ \ 
 Logging in as karaf
 455 [sshd-SshClient[bea319b]-nio2-thread-1] WARN
 org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at
 [localhost/127.0.0.1:8101, DSA,
 b6:f6:d6:3f:8b:2f:ad:a4:0f:3f:3d:c3:7b:96:fd:ae] presented unverified {}
 key: {}
 Connecting to host localhost on port 8103
 Connecting to unknown server. Automatically adding to known hosts.
 Storing the server key in known_hosts.
 Error executing command: Authentication failed
 {code}
 Increasing the verbose level:
 {code}
 client -v -h localhost -a 8101 -u karaf -r 50 -d 2  instance:connect -u
 karaf test1 \ feature:repo-list \ 
 39 [main] INFO org.apache.sshd.common.util.SecurityUtils - BouncyCastle not
 registered, using the default JCE provider
 Logging in as karaf
 367 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientSessionImpl - Client session created
 380 [main] INFO org.apache.sshd.client.session.ClientSessionImpl - Start
 flagging packets as pending until key exchange is done
 383 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientSessionImpl - Server version string:
 SSH-2.0-SSHD-CORE-0.12.0
 384 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientSessionImpl - Kex: server-client
 [aes128-ctr, hmac-sha1, none] {} {}
 384 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientSessionImpl - Kex: client-server
 [aes128-ctr, hmac-sha1, none] {} {}
 444 [sshd-SshClient[bea319b]-nio2-thread-1] WARN
 org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at
 [localhost/127.0.0.1:8101, DSA,
 22:8b:f8:9d:bc:c6:40:d8:fe:52:aa:90:c0:f2:70:ec] presented unverified {}
 key: {}
 457 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientSessionImpl - Dequeing pending packets
 524 [sshd-SshClient[bea319b]-nio2-thread-1] INFO
 org.apache.sshd.client.session.ClientUserAuthServiceNew - Received
 SSH_MSG_USERAUTH_FAILURE
 568 [sshd-SshClient[bea319b]-nio2-thread-2] INFO
 org.apache.sshd.client.session.ClientUserAuthServiceNew - Received
 SSH_MSG_USERAUTH_SUCCESS
 Connecting to host localhost on port 8102
 Error executing command: Authentication failed 
 {code}
 Switching to DEBUG:
 {code}
 2015-01-15 11:28:48,920 | DEBUG | 5]-nio2-thread-1 | ClientSessionImpl

 | 28 - org.apache.sshd.core - 0.12.0 | Received SSH_MSG_SERVICE_ACCEPT
 2015-01-15 11:28:48,920 | INFO  | 5]-nio2-thread-1 |
 ClientUserAuthServiceNew | 28 - org.apache.sshd.core - 0.12.0 |
 Received SSH_MSG_USERAUTH_FAILURE
 2015-01-15 11:28:48,920 | DEBUG | 5]-nio2-thread-1 |
 ClientUserAuthServiceNew | 28 - org.apache.sshd.core

[jira] [Commented] (KARAF-3492) Can't connect to Karaf sshd using key authentication

[jira] [Commented] (KARAF-3492) Can't connect to Karaf sshd using key authentication

2 matches

Site Navigation

Mail list logo

Footer information