Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auth fail for methods 'publickey' using ssh-agent #328

Open
cloneit opened this issue May 18, 2023 · 6 comments
Open

Auth fail for methods 'publickey' using ssh-agent #328

cloneit opened this issue May 18, 2023 · 6 comments

Comments

@cloneit
Copy link

cloneit commented May 18, 2023
edited

First of all, thank you maintaining this library.

I was facing Auth fail issue with Jsch 0.1.55 version. I recently saw this forked repository and tried to use the forked version of this Jsch version: 0.2.8. I am running on java_v11_oracle_runtime:0.18.1.

I am getting failure while running this for cloning a git repo using ssh-agent:

Auth fail for methods 'publickey' 11:32:22 at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:255) 11:32:22 at org.eclipse.jgit.api.CloneCommand.fetch(CloneCommand.java:302) 11:32:22 at org.eclipse.jgit.api.CloneCommand.call(CloneCommand.java:200)

Below is the code snippet for creating a Jsch session using ssh-agent and SSHSessionFactory:

`SshSessionFactory.setInstance(new JschConfigSessionFactory()
{
@OverRide
protected void configure(Host host, Session session)
{
session.setConfig("StrictHostKeyChecking", "false");
}

            @Override
            protected JSch createDefaultJSch(FS fs) throws JSchException
            {
                com.jcraft.jsch.SSHAgentConnector con = null;

                try
                {
                    con = new SSHAgentConnector();
                }
                catch (AgentProxyException e)
                {
                    logger.warn("Failed to init SSH Agent Proxy: ", e);
                }

                if (con == null || cmdLine.hasOption("usePrivateKey"))
                {
                    return super.createDefaultJSch(fs);
                }
                else
                {
                    final JSch jsch = new JSch();
                    JSch.setConfig("PreferredAuthentications", "publickey");
                    IdentityRepository irepo = new AgentIdentityRepository(con);
                    jsch.setIdentityRepository(irepo);
                    return jsch;
                }
            }
        });
        `

Would appreciate if you can help on this?

Thanks,
Ramesh
@norrisjeremy
Copy link
Contributor

Hi @cloneit,

  1. Do you have an SSH agent running and preloaded with an SSH key authorized by the server to which you are connecting?
  2. Have you tried enabling logging in JSch to get more detailed information?

Thanks,
Jeremy

@cloneit
Copy link
Author

cloneit commented May 18, 2023

Hi @norrisjeremy ,

Yes. SSH-agent are running and keys are pre-loaded. Below are the logs from the machine:

[ssh-agent] Looking for ssh-agent implementation...
[ssh-agent] Exec ssh-agent (binary ssh-agent on a remote machine)
Running ssh-add
Identity added: *******
[ssh-agent] Started.

@norrisjeremy
Copy link
Contributor

Hi @cloneit,

I'm not sure then. You have supplied very little information that we can use to assist you.
All I can say is that the error message Auth fail for methods 'publickey' means that the authentication to the server failed, which would indicate that the ssh-agent lacked a key that is authorized by the server to which you are connected.

Thanks,
Jeremy

@cloneit
Copy link
Author

cloneit commented May 18, 2023
edited

Hi @norrisjeremy ,

I can see both public and private keys getting pre-loaded in the logs. It is working with 0.1.55 version and Java version 8.

Now we are on Java v11 and using below lib versions.

Tried the workaround following these threads: #85 and #65

Added JunitSocketFactory lib as we are on Java11 and UnixDomainSocketFactory is available on Java v16+.

is it something missing from the implementation(code-snippet shared above)?

           `<dependency>
		<groupId>com.github.mwiede</groupId>
		<artifactId>jsch</artifactId>
		<version>0.2.8</version>
	 </dependency>`

            `<dependency>
		<groupId>com.kohlschutter.junixsocket</groupId>
		<artifactId>junixsocket-core</artifactId>
		<version>2.6.2</version>
		<type>pom</type>
            </dependency>`
            
            `<dependency>
		<groupId>org.eclipse.jgit</groupId>
		<artifactId>org.eclipse.jgit</artifactId>
		<version>5.3.2.201906051522-r</version>
	</dependency>`

@cloneit
Copy link
Author

cloneit commented May 22, 2023

Hi @norrisjeremy ,

Did you got chance to look at my above reply?

Thanks,
Ramesh

@norrisjeremy
Copy link
Contributor

Hi @cloneit,

Based upon the limited information you have provided (as you still haven't enabled logging in JSch), we can only conclude that the issue you are having is one of the following:

  1. The SSH agent you are attempting to use with JSch isn't actually loaded with a private key that is authorized on the server you are contacting as you believe.
  2. Or JSch isn't actually using the the SSH agent as you believe.

Additionally, you appear to be using an old version of JGit (5.3.2.201906051522) that was released almost four years ago instead of a more recent release, so it's quite possible that you are simply encountering some sort of issue in JGit.

Thanks,
Jeremy

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cloneit @norrisjeremy