Java 使用 JSch 跳过 Kerberos 身份验证提示
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/29669459/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Skipping Kerberos authentication prompts with JSch
提问by Haritz
I am using the Connect()method in the SshJava class below in order to connect to a server using SSH (JSch) and running a command in the server.
我正在使用下面 Java 类中的Connect()方法,Ssh以便使用 SSH (JSch) 连接到服务器并在服务器中运行命令。
The problem is that when running Connect()the server prompts the next messages:
问题是运行Connect()服务器时提示下一条消息:
Kerberos username [********]:
Kerberos password for ********:
And in order to continue running I need to manually press the Enterkey twice, one for the user name and one for the password. I have tried to add the next code:
为了继续运行,我需要手动按Enter两次键,一次是用户名,一次是密码。我试图添加下一个代码:
// Press ENTER
Robot r = new Robot();
r.keyPress(KeyEvent.VK_ENTER);
r.keyRelease(KeyEvent.VK_ENTER);
But this code only works for the user name, I can not figure out how to automatically press ENTER when the server asks for the password. So far I have tried to put another code snippet as the one shown above below the
但是此代码仅适用于用户名,我不知道如何在服务器要求输入密码时自动按 ENTER。到目前为止,我已经尝试将另一个代码片段作为上面显示的代码片段放在下面
session.connect();
line.
线。
package ConnectSSH;
import java.awt.Robot;
import java.awt.event.KeyEvent;
import java.io.*;
import com.jcraft.jsch.ChannelExec;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.Session;
import com.jcraft.jsch.UserInfo;
public class Ssh{
private static final String user = "********";
private static final String host = "********";
private static final Integer port = 22;
private static final String pass = "********";
public void Connect() throws Exception{
JSch jsch = new JSch();
Session session = jsch.getSession(user, host, port);
UserInfo ui = new SUserInfo(pass, null);
session.setUserInfo(ui);
session.setPassword(pass);
//Press ENTER
Robot r = new Robot();
r.keyPress(KeyEvent.VK_ENTER);
r.keyRelease(KeyEvent.VK_ENTER);
session.connect();
ChannelExec channelExec = (ChannelExec)session.openChannel("exec");
InputStream in = channelExec.getInputStream();
channelExec.setCommand("RUN COMMAND");
channelExec.connect();
BufferedReader reader = new BufferedReader(new InputStreamReader(in));
String linea = null;
int index = 0;
while ((linea = reader.readLine()) != null) {
System.out.println(++index + " : " + linea);
}
channelExec.disconnect();
session.disconnect();
}
}
And this is the SUserInfoclass
这是SUserInfo班级
package ConnectSSH;
import com.jcraft.jsch.UserInfo;
public class SUserInfo implements UserInfo {
private String password;
private String passPhrase;
public SUserInfo (String password, String passPhrase) {
this.password = password;
this.passPhrase = passPhrase;
}
public String getPassphrase() {
return passPhrase;
}
public String getPassword() {
return password;
}
public boolean promptPassphrase(String arg0) {
return true;
}
public boolean promptPassword(String arg0) {
return false;
}
public boolean promptYesNo(String arg0) {
return true;
}
public void showMessage(String arg0) {
System.out.println("SUserInfo.showMessage()");
}
}
And this is what the logger returns:
这是记录器返回的内容:
INFO: Connecting to ****** port 22
INFO: Connection established
INFO: Remote version string: SSH-2.0-Sun_SSH_1.1.2
INFO: Local version string: SSH-2.0-JSCH-0.1.52
INFO: CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO: aes256-ctr is not available.
INFO: aes192-ctr is not available.
INFO: aes256-cbc is not available.
INFO: aes192-cbc is not available.
INFO: CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO: diffie-hellman-group14-sha1 is not available.
INFO: CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
INFO: SSH_MSG_KEXINIT sent
INFO: SSH_MSG_KEXINIT received
INFO: kex: server: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
INFO: kex: server: ssh-rsa,ssh-dss
INFO: kex: server: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
INFO: kex: server: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
INFO: kex: server: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
INFO: kex: server: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
INFO: kex: server: none,zlib
INFO: kex: server: none,zlib
INFO: kex: server: ar-EG,ar-SA,bg-BG,ca-ES,cs-CZ,da-DK,de,de-AT,de-CH,de-DE,de-LU,el-CY,el-GR,en-AU,en-CA,en-GB,en-IE,en-MT,en-NZ,en-US,es,es-AR,es-BO,es-CL,es-CO,es-CR,es-EC,es-ES,es-GT,es-MX,es-NI,es-PA,es-PE,es-PY,es-SV,es-UY,es-VE,et-EE,fi-FI,fr,fr-BE,fr-CA,fr-CH,fr-FR,fr-LU,he-IL,hi-IN,hr-HR,hu-HU,is-IS,it,it-IT,ja-JP,kk-KZ,ko,ko-KR,lt-LT,lv-LV,mk-MK,mt-MT,nb-NO,nl-BE,nl-NL,nn-NO,pl,pl-PL,pt-BR,pt-PT,ro-RO,ru,ru-RU,sh-BA,sk-SK,sl-SI,sq-AL,sr-CS,sv,sv-SE,th-TH,tr-TR,uk-UA,zh,zh-CN,zh-HK,zh-TW,ar,ca,cz,da,el,et,fi,he,hu,ja,lt,lv,nl,no,no-NO,no-NY,nr,pt,sr-SP,sr-YU,th,tr,i-default
INFO: kex: server: ar-EG,ar-SA,bg-BG,ca-ES,cs-CZ,da-DK,de,de-AT,de-CH,de-DE,de-LU,el-CY,el-GR,en-AU,en-CA,en-GB,en-IE,en-MT,en-NZ,en-US,es,es-AR,es-BO,es-CL,es-CO,es-CR,es-EC,es-ES,es-GT,es-MX,es-NI,es-PA,es-PE,es-PY,es-SV,es-UY,es-VE,et-EE,fi-FI,fr,fr-BE,fr-CA,fr-CH,fr-FR,fr-LU,he-IL,hi-IN,hr-HR,hu-HU,is-IS,it,it-IT,ja-JP,kk-KZ,ko,ko-KR,lt-LT,lv-LV,mk-MK,mt-MT,nb-NO,nl-BE,nl-NL,nn-NO,pl,pl-PL,pt-BR,pt-PT,ro-RO,ru,ru-RU,sh-BA,sk-SK,sl-SI,sq-AL,sr-CS,sv,sv-SE,th-TH,tr-TR,uk-UA,zh,zh-CN,zh-HK,zh-TW,ar,ca,cz,da,el,et,fi,he,hu,ja,lt,lv,nl,no,no-NO,no-NY,nr,pt,sr-SP,sr-YU,th,tr,i-default
INFO: kex: client: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO: kex: client: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO: kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO: kex: client: none
INFO: kex: client: none
INFO: kex: client:
INFO: kex: client:
INFO: kex: server->client aes128-ctr hmac-md5 none
INFO: kex: client->server aes128-ctr hmac-md5 none
INFO: SSH_MSG_KEXDH_INIT sent
INFO: expecting SSH_MSG_KEXDH_REPLY
INFO: ssh_rsa_verify: signature true
WARN: Permanently added '********' (RSA) to the list of known hosts.
INFO: SSH_MSG_NEWKEYS sent
INFO: SSH_MSG_NEWKEYS received
INFO: SSH_MSG_SERVICE_REQUEST sent
INFO: SSH_MSG_SERVICE_ACCEPT received
INFO: Authentications that can continue: gssapi-with-mic,publickey,keyboard-interactive,password
INFO: Next authentication method: gssapi-with-mic
And then it shows the next message
然后它显示下一条消息
Kerberos username [******]: Kerberos password for ********:
Where the Enterkey is pressed automatically for the username by the robot, but the Enterkey for the password needs to be pressed from the keyboard.
其中Enter关键是通过机器人的用户名自动按下,但Enter需要从键盘按下密码密钥。
采纳答案by Martin Prikryl
You have a Kerberos/GSSAPI authentication set as the preferred, yet you do not seem to actually use/want it. As you do not specify any username or password for the Kerberos prompts.
您将 Kerberos/GSSAPI 身份验证设置为首选,但您似乎并不实际使用/想要它。因为您没有为 Kerberos 提示指定任何用户名或密码。
The solution is to remove the Kerberos/GSSAPI (gssapi-with-mic) from the list of preferred authentication methods:
解决方案是gssapi-with-mic从首选身份验证方法列表中删除 Kerberos/GSSAPI ( ):
session.setConfig(
"PreferredAuthentications",
"publickey,keyboard-interactive,password");
Reference: SFTP connection through Java asking for weird authentication.
回答by sauveer
Try adding this:
尝试添加这个:
config.put("PreferredAuthentications","publickey,keyboard-interactive,password");
session.setConfig(config);
