is / jsch Goto Github PK
View Code? Open in Web Editor NEWMirror of JSch from JCraft.
License: Other
Mirror of JSch from JCraft.
License: Other
JSch Java Secure Channel by [email protected], JCraft,Inc. http://www.jcraft.com/jsch/ Last modified: Thu Mar 18 13:58:16 UTC 2015 Description =========== JSch is a pure Java implementation of SSH2. JSch allows you to connect to an sshd server and use port forwarding, X11 forwarding, file transfer, etc., and you can integrate its functionality into your own Java programs. JSch is licensed under BSD style license. Documentation ============= * README files all over the source tree have info related to the stuff in the directories. * ChangeLog: what changed from the previous version? Directories & Files in the Source Tree ====================================== * src/com/ has source trees of JSch * example/ has some samples, which demonstrate the usages. * tools/ has scripts for Ant. Why JSch? ========== Our intension in developing this stuff is to enable users of our pure java X servers, WiredX(http://wiredx.net/) and WeirdX, to enjoy secure X sessions. Our efforts have mostly targeted the SSH2 protocol in relation to X Window System and X11 forwarding. Of course, we are also interested in adding other functionality - port forward, file transfer, terminal emulation, etc. Features ======== * JSch is in pure Java, but it depends on JavaTM Cryptography Extension (JCE). JSch is know to work with: o J2SE 1.4.0 or later (no additional libraries required). o J2SE 1.3 and Sun's JCE reference implementation that can be obtained at http://java.sun.com/products/jce/ o J2SE 1.2.2 and later and Bouncycastle's JCE implementation that can be obtained at http://www.bouncycastle.org/ * SSH2 protocol support. * Key exchange: diffie-hellman-group-exchange-sha1, diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha256, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521 * Cipher: blowfish-cbc,3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc 3des-ctr,aes128-ctr,aes192-ctr,aes256-ctc, arcfour,arcfour128,arcfour256 * MAC: hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96 * Host key type: ssh-dss,ssh-rsa, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 * Userauth: password * Userauth: publickey(DSA,RSA,ECDSA) * Userauth: keyboard-interactive * Userauth: gssapi-with-mic * X11 forwarding. * xauth spoofing. * connection through HTTP proxy. * connection through SOCKS5, SOCKS4 proxy. * port forwarding. * stream forwarding. * signal sending. The unofficial patch for sshd of openssh will be find in the thread http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=104295745607575&w=2 * envrironment variable passing. * remote exec. * generating DSA and RSA key pairs. * supporting private keys in OpenSSL(traditional SSLeay) and PKCS#8 format. * SSH File Transfer Protocol(version 0, 1, 2, 3) * partial authentication * packet compression: zlib, [email protected] JZlib(http://www.jcraft.com/jzlib/) has been used. * hashed known_hosts file. * NONE Cipher switching. http://www.psc.edu/networking/projects/hpn-ssh/none.php * JSch is licensed under BSD style license(refer to LICENSE.txt). How To Try ========== This archive does not include java byte code, so please compile the source code by your self. $ cd jsch-?.?.?/src $ javac com/jcraft/jsch/*java com/jcraft/jsch/jce/*java com/jcraft/jzlib/*.java '/examples/' directory has included some samples to demonstrate what JSch can do. Please refer to '/examples/README' file. AES cipher ========== JSch supports aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr, aes256-ctr but you require AES support in your J2SE to choose some of them. If you are using Sun's J2SE, J2SE 1.4.2 or later is required. And then, J2SE 1.4.2(or later) does not support aes256 by the default, because of 'import control restrictions of some countries'. We have confirmed that by applying "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 1.4.2" on http://java.sun.com/j2se/1.4.2/download.html#docs we can enjoy 'aes256-cbc,aes256-ctr'. Stream Forwarding ================= JSch has a unique functionality, Stream Forwarding. Stream Forwarding allows you to plug Java I/O streams directly into a remote TCP port without assigning and opening a local TCP port. In port forwarding, as with the -L option of ssh command, you have to assign and open a local TCP port and that port is also accessible by crackers on localhost. In some case, that local TCP port may be plugged to a secret port via SSH session. A sample program, /example/StreamForwarding.java , demonstrates this functionality. Generating Authentication Keys ============================== JSch allows you to generate DSA and RSA key pairs, which are in OpenSSH format. Please refer to 'examples/KeyGen.java'. Packet Compression ================== According to the draft from IETF sesch working group, the packet compression can be applied to each data stream directions; from sshd server to ssh client and from ssh client to sshd server. So, jsch allows you to choose which data stream direction will be compressed or not. For example, in X11 forwarding session, the packet compression for data stream from sshd to ssh client will save the network traffic, but usually the traffic from ssh client to sshd is light, so by omitting the compression for this direction, you may be able to save some CPU time. Please refer to a sample program 'examples/Compression.java'. Property ======== By setting properties, you can control the behavior of jsch. Here is an example of enabling the packet compression, Session session=jsch.getSession(user, host, 22); java.util.Properties config=new java.util.Properties(); config.put("compression.s2c", "zlib,none"); config.put("compression.c2s", "zlib,none"); session.setConfig(config); session.connect(); Current release has supported following properties, * compression.s2c: zlib, none default: none Specifies whether to use compression for the data stream from sshd to jsch. If "zlib,none" is given and the remote sshd does not allow the packet compression, compression will not be done. * compression.c2s: zlib, none default: none Specifies whether to use compression for the data stream from jsch to sshd. * StrictHostKeyChecking: ask | yes | no default: ask If this property is set to ``yes'', jsch will never automatically add host keys to the $HOME/.ssh/known_hosts file, and refuses to connect to hosts whose host key has changed. This property forces the user to manually add all new hosts. If this property is set to ``no'', jsch will automatically add new host keys to the user known hosts files. If this property is set to ``ask'', new host keys will be added to the user known host files only after the user has confirmed that is what they really want to do, and jsch will refuse to connect to hosts whose host key has changed. TODO ==== * re-implementation with java.nio. * replacing cipher, hash by JCE with pure Java code. * SSH File Transfer Protocol version 4. * error handling. Copyrights & Disclaimers ======================== JSch is copyrighted by ymnk, JCraft,Inc. and is licensed through BSD style license. Read the LICENSE.txt file for the complete license. Credits and Acknowledgments ============================ JSch has been developed by [email protected] and it can not be hacked without several help. * First of all, we want to thank JCE team at Sun Microsystems. For long time, we had planed to implement SSH2 in pure Java, but we had hesitated to do because tons of work must be done for implementing ciphers, hashes, etc., from the scratch. Thanks to newly added functionalities to J2SE 1.4.0, we could start this project. * We appreciate the OpenSSH project. The options '-ddd' of sshd, '---vvv' of ssh and the compile options '-DPACKET_DEBUG', '-DDEBUG_KEXDH' and '-DDEBUG_KEX' were very useful in debugging JSch. * We appreciate IETF sesch working group and SSH Communications Security Corp. Without the standardization of the protocol, we could not get the chance to implement JSch. * We appreciate Seigo Haruyama(http://www.unixuser.org/~haruyama/), who are interpreting drafts of SSH2 protocol in Japanese. His works were very useful for us to understand the technical terms in our native language. * We also appreciate SourceForge.net's awesome service to the Open Source Community. If you have any comments, suggestions and questions, write us at [email protected] ``SSH is a registered trademark and Secure Shell is a trademark of SSH Communications Security Corp (www.ssh.com)''.
You'd better read
http://stackoverflow.com/questions/6263630/jschexception-algorithm-negotiation-fail
And i found the sshd_config method in Malte Clasen's comment, really works for me.
Add one line:
KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
in /etc/ssh/sshd_config, if you can.
Currently, only RSA format private keys are compatible with jsch. Are there any plans to supports the openssh key format? I'm willing to take a crack at a PR if there is nobody else working on this.
Can I use it safely
We are using jsch 0.1.54. We use it to simply create a SSH connection with a remote SSH server with PAM enabled in our application (Let's call it Application ALPHA)
Now, our current code is working fine for all our users. However, recently one user is getting
Session.connect: java.net.SocketException: Socket is not connected (Read failed)
This user simply uses a username and password authentication. Now, this user has VPN via which client can talk to SSH . But we have ruled out a server issue, since other clients/products are able to connect to the SSH server and the application ALPHA is also able to connect to the same SSH server in a different machine and using a different username . The user was not able to test using his credentials on a different machine due to various compliance issues.
I am listing out the properties that we use
final Properties pty= new Properties();
pty.put("StrictHostKeyChecking", "no");
pty.put("PreferredAuthentications", "publickey,password,keyboard-interactive");
What can be the different reason for this to happen, since we have been unable to recreate this as of now.
Hi Team,
We are getting com.jcraft.jsch.JSchException: verify: false exception Intermittently with latest version JSCH. Where it is claimed to fixed in 0.1.50.
com.jcraft.jsch.JSchException: verify: false
at com.jcraft.jsch.Session.connect(Session.java:307)
at com.jcraft.jsch.Session.connect(Session.java:160)
Please have a look.
OutputStream out = shell.getOutputStream();
out.write((command + "\n").getBytes());
out.flush();
com.jcraft.jsch.ProxyHTTP:
Can you throw the exception out...
`
try{
foo=response.indexOf(' ');
int bar=response.indexOf(' ', foo+1);
code=Integer.parseInt(response.substring(foo+1, bar));
reason=response.substring(bar+1);
}
catch(Exception e){
// Can you throw the exception out...
}
if(code!=200){
throw new IOException("proxy error: "+reason);
}
`
When I use this JSch lib, I got this error “reject HostKey”.
Anyone who know why ? How debug it ? Any suggest is good.
in _put and _get method, monitor.count don't pass the total data length read/write, instead passing data length read/write every loop, it's not accordidate to the document as,
boolean count(long count)
Will be called periodically as more data is transfered.
Parameters:
count - the number of bytes transferred so far
Returns:
true if the transfer should go on, false if the transfer should be cancelled.
I found a bug that Remote Port Forwardings are mixed,
although it's remote server is different from each other.
A method that provides Local Port Forwarding checks a Session instance.
PortWatcher.java
static String[] getPortForwarding(Session session){
java.util.Vector foo=new java.util.Vector();
synchronized(pool){
for(int i=0; i<pool.size(); i++){
PortWatcher p=(PortWatcher)(pool.elementAt(i));
if(p.session==session){
foo.addElement(p.lport+":"+p.host+":"+p.rport);
}
}
}
String[] bar=new String[foo.size()];
for(int i=0; i<foo.size(); i++){
bar[i]=(String)(foo.elementAt(i));
}
return bar;
}
But a method that provides Remote Port Forwardings DO NOT CHECK a Session instance.
ChannelForwardedTCPIP.java
static String[] getPortForwarding(Session session){
Vector foo = new Vector();
synchronized(pool){
for(int i=0; i<pool.size(); i++){
Config config = (Config)(pool.elementAt(i));
if(config instanceof ConfigDaemon)
foo.addElement(config.allocated_rport+":"+config.target+":");
else
foo.addElement(config.allocated_rport+":"+config.target+":"+((ConfigLHost)config).lport);
}
}
String[] bar=new String[foo.size()];
for(int i=0; i<foo.size(); i++){
bar[i]=(String)(foo.elementAt(i));
}
return bar;
}
when process waiting for input,how can i get the cursor's staus?
It would be awesome to refactor to use Netty as the underlying network transport library so that we can perform event-based I/O in a non-blocking manner. I will investigate the feasibility of such an implementation. To facilitate allowing more people to contribute, I will also make my fork build via Maven.
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in [email protected] and (if CBC is used) the [email protected] MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
Hello:
Can I add a timeout when executing the exce command?
Otherwise, there will be long links waiting for script execution
Thank you。
Connecting to satety device with jsch programe,but it‘s not working,the error message is “Connection failed: SSH_MSG_DISCONNECT: 2 The connection is closed by SSH Server”,what‘s the meaning of the message?
Hi,
I used spring integration sftp SftpRemoteFileTemplate to upload file. It uses internally jsch library, concretely I see version 0.1.54.
To upload I use piping via PipeOutputStream<->PipeInputStream, that means bytes received from inputstream are sent to sft server in cca 32768B large packets what I understood. But this situation I don't.
My test case.
INFO com.jcraft.jsch - Caught an exception, leaving main loop due to Connection reset
INFO com.jcraft.jsch - Disconnecting from localhost port 3373
Caused by: com.jcraft.jsch.SftpException: java.io.IOException: Pipe closed
at com.jcraft.jsch.ChannelSftp._put(ChannelSftp.java:697) ~[jsch-0.1.54.jar:na]
at com.jcraft.jsch.ChannelSftp.put(ChannelSftp.java:540) ~[jsch-0.1.54.jar:na]
at com.jcraft.jsch.ChannelSftp.put(ChannelSftp.java:492) ~[jsch-0.1.54.jar:na]
at org.springframework.integration.sftp.session.SftpSession.write(SftpSession.java:155) ~[spring-integration-sftp-5.1.9.RELEASE.jar:5.1.9.RELEASE]
... 12 common frames omitted
Caused by: java.io.IOException: Pipe closed
at java.base/java.io.PipedInputStream.read(PipedInputStream.java:307) ~[na:na]
at java.base/java.io.PipedInputStream.read(PipedInputStream.java:377) ~[na:na]
at com.jcraft.jsch.ChannelSftp.fill(ChannelSftp.java:2909) ~[jsch-0.1.54.jar:na]
at com.jcraft.jsch.ChannelSftp.header(ChannelSftp.java:2935) ~[jsch-0.1.54.jar:na]
at com.jcraft.jsch.ChannelSftp.checkStatus(ChannelSftp.java:2473) ~[jsch-0.1.54.jar:na]
at com.jcraft.jsch.ChannelSftp._put(ChannelSftp.java:651) ~[jsch-0.1.54.jar:na]
... 15 common frames omitted
My question is: Why am I able to put so many data after connection is closed? Is possible to configure something?
I would like to receive error as soon as possible in order to stop data producing.
thanks
Am currently navigating remote sftp server using JSch and i can get the files wth no issues,but the moment i rename the file manually with mv command,i get "No Such File" exception.
Exception happens in this code section and inly after renaming the file manually and rerunning the application even after rebooting the machine.
sftp.get(sftp.pwd() + "/" + ls.getFilename().trim(),
public void executeSourceTask(String sourcePath) throws Exception {
log.log(Level.INFO, "******************SOURCE START PROCESSING***************************");
if (sftp == null) {
sftp = (ChannelSftp) session.openChannel("sftp");
sftp.connect();
}
if (!session.isConnected()) {
session.connect();
sftp = (ChannelSftp) session.openChannel("sftp");
sftp.connect();
}
SftpATTRS attrs = null;
Vector<LsEntry> v = null;
if (firstTime) {
sftp.cd(sourcePath);
v = sftp.ls(sourcePath);
firstTime = false;
} else {
attrs = sftp.stat(sourcePath);
if (attrs.isDir()) {
sftp.cd(sourcePath);
v = sftp.ls(sourcePath);
}
}
int fileNumber = v == null ? 0 : v.size();
for (int i = 0; i < fileNumber; i++) {
LsEntry ls = v.get(i);
attrs = ls.getAttrs();
//Navigate recursively through folders and subfolders
if (attrs.isDir()) {
if (!ls.getFilename().startsWith(".")) {
executeSourceTask(sourcePath + "/" + ls.getFilename());
}
} else if (!attrs.isDir()) {
if (!ls.getFilename().startsWith(".")) {
if (search_type.trim().equalsIgnoreCase("contains")) {
if (ls.getFilename().trim().contains(fileName.trim())) {
FileOutputStream fos = new FileOutputStream(new File(properties.getString("description") + "/" + ls.getFilename()));
try {
**sftp.get(sftp.pwd() + "/" + ls.getFilename().trim(),**
fos);
fos.close();
} catch (Exception ex) {
ex.printStackTrace();
} finally {
fos.close();
}
}
} else if (search_type.equalsIgnoreCase("equals")) {
if (ls.getFilename().equals(fileName)) {
sftp.get(ls.getFilename(), properties.getString("description") + File.separatorChar + ls.getFilename());
}
}
}
}
}
log.log(Level.INFO, "******************SOURCE END PROCESSING***************************");
}
with the api setPortForwardingL, we could connect to destination server in the path via the bastion host (client->bastion host->destination server) with password,
but if the connection between bastion host->destination server is authenciated by public key, how could i do ?
known hosts file are easy to detect hashed or not. I know there is "HashKnownHosts" configuration. But I think it is better automatically determine known hosts file using hash or not.
Hey Guys,
I am making a ssh connection to a linux host where I try to run a script as a background process by using nohup and &, but the moment my connection closed the remote shell script also terminates.
Not sure why the nohup option is not working . Any idea?
Best Regards
Robin
I am attempting to connect to the SFTP server using public key authentication. To do so I need to call JSch.AddIdentity() and pass in the private key.
The private key I need to use is stored in a Java KeyStore object. When the key is retrieved from the KeyStore it is a PrivateKey type. From trawling the internet it appears the private key is in the DER format.
What format is required for AddIdentity()?
I have searched for examples of converting the PrivateKey to a PEM string which is equivalent to the contents of a private key file used by SSH. But no luck so far.
Connection just hangs. I'm successfully connecting with the same host, user, and port from terminal and from an implementation I wrote in python using paramiko (I'm using RSA keys, no passwords). Increasing the timeout has no effect and no exceptions are thrown. I was using version 1.55 but have also tried 1.5 to see if it's version related. I'm connecting between two linux ubuntu/mint systems if that helps.
JSch jsch = new JSch();
jsch.setKnownHosts("/home/user/.ssh/known_hosts");
Session session = jsch.getSession(this.username, this.ip, 21);
Hashtable<String, String> config = new Hashtable<String, String>();
config.put("StrictHostKeyChecking", "no");
config.put("PreferredAuthentications", "publickey");
session.setConfig(config);
session.connect(5000);
System.out.println(session.isConnected());
The ctrl+c command cannot terminate commands in cat while using a large cat file,
When using shell mode, when executing scripts that require a long return time, ctrl+C cannot terminate normally, but waits for the return to end before executing ctrl+C
Is there any configuration enabled?
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)ater attack. Will Jsch consider supporting other key exchange algorithms, such as curve25519?
Hi ,
I got "java.lang.ArrayIndexOutOfBoundsException: null" when creating a ssh session:
java.lang.ArrayIndexOutOfBoundsException: null
at com.jcraft.jsch.Buffer.getByte(Buffer.java:148)
at com.jcraft.jsch.Buffer.getString(Buffer.java:188)
at com.jcraft.jsch.Session.read(Session.java:1003)
at com.jcraft.jsch.UserAuthPassword.start(UserAuthPassword.java:91)
at com.jcraft.jsch.Session.connect(Session.java:470)
at com.guangyan.collect.jobhandler.utils.SshMmlClient.doConnect(SshMmlClient.java:207)
the jsch version is 0.1.54, and my code is like:
session = jsch.getSession(host.getSshUsername().trim(), host.getIp().trim(), host.getSshPort());
session.setPassword(host.getSshPassword().trim());
session.setConfig(sshConf);
session.connect(timeout);
session.sendKeepAliveMsg();
session.setServerAliveInterval(1000);
session.setServerAliveCountMax(120);
channel = (ChannelShell)session.openChannel("shell");
((ChannelShell)channel).setPty(true);
channel.connect();
Add the ability to set client terminal size via "pty-req". Now the 'setPtySize' method exists in the ChannelSession class but that class is not public. Channel itself does not have setPtySize.
Problem is described on here on stackoverflow.
We have deployed some fix in our production which seems to be working fine. Will raise PR here so that it can be verified by experts and help others in need. Thanks.
SFTP server - Secure Transport no longer supports the following SFTP legacy Message Authentication Codes (MACs):
[email protected]
[email protected]
Supported MACs:
hmac-sha2-256
[email protected]
hmac-sha2-512
[email protected]
Looking at the Jsch code it seems we do not have a support for supported MACs so what is the recommended way.
I did tried
config.put("mac.s2c", "hmac-sha1");
config.put("mac.c2s", "hmac-sha1");
With multiple options given below but does not help.
hmac-sha2-256
hmac-sha2-512
hmac-sha2-512-etm
-Thanks and Regards
Yoges
Use exec to execute the command, execute it in large concurrency, and block on the stream for a period of time
logger.info(new StringBuilder(this.ip).append(",执行输出命令:").append(command).toString());
try (InputStream stdout = openChannel.getInputStream()) {
openChannel.connect();
long startTime = System.currentTimeMillis();
byte[] tmp = new byte[1024];
while (true) {
while (stdout.available() > 0) {
int i = stdout.read(tmp, 0, 1024);
if (i < 0)
break;
result.append(new String(tmp, 0, i, Charset.defaultCharset()));
}
if (openChannel.isClosed()) {
if (stdout.available() > 0)
continue;
break;
}
// 超时
if (System.currentTimeMillis() - startTime > timeout) {
throw new TimeOutException("sh命令执行超时:" + command);
}
}
Hi,
my use case is to test the performance of the Sftp server where I am trying to open multiple connections and push the 5 GB files in order of 50,100,150,200, and so on to test the performance.
When I try to push more and more files, I observe slow data transfer. Which is almost the same ratio.
is there any config that can reduce the time to transfer the file in parallel under the thread?
Thanks,
shyam.
Hello,
Do you provide support for FTPS, not to be confused with SFTP?
If not what library would you recommend?
Thank you.
there?are you there?
My jgit checkout started to fail after moving it to ECDSA 256 key. The SSH connection was successful but checkout fails randomly.
JGIT Version - org.eclipse.jgit-5.0.1.201806211838
While executing echo $JAVA_HOME command, output is null
sSHClient.registerX11Forwarder(new ConnectListener() {
@Override
public void gotConnect(Forwarded chan) throws IOException {
//How to use this method
}
}
Hi, We are getting error when we are using higher version(0.1.53) of JSCH jar. but it work fine with JSCH version (0.1.52) while using camel-ftp route while making SFTP connection. Here we are using the proxy for getting connected to SFTP. Please let me know if you need more detail.
Camel Ticket : https://issues.apache.org/jira/browse/CAMEL-10903
Please find the below error :
This is the set of credentials was provided by HSBC but we were getting the following error:
org.apache.camel.component.file.GenericFileOperationFailedException: Cannot connect to sftp://[email protected]:22
at org.apache.camel.component.file.remote.SftpOperations.connect(SftpOperations.java:146)
at org.apache.camel.component.file.remote.RemoteFileConsumer.connectIfNecessary(RemoteFileConsumer.java:203)
at org.apache.camel.component.file.remote.SftpConsumer.doStart(SftpConsumer.java:52)
at org.apache.camel.support.ServiceSupport.start(ServiceSupport.java:61)
at org.apache.camel.impl.DefaultCamelContext.startService(DefaultCamelContext.java:3269)
at org.apache.camel.impl.DefaultCamelContext.doStartOrResumeRouteConsumers(DefaultCamelContext.java:3563)
at org.apache.camel.impl.DefaultCamelContext.doStartRouteConsumers(DefaultCamelContext.java:3499)
at org.apache.camel.impl.DefaultCamelContext.safelyStartRouteServices(DefaultCamelContext.java:3429)
at org.apache.camel.impl.DefaultCamelContext.doStartOrResumeRoutes(DefaultCamelContext.java:3197)
at org.apache.camel.impl.DefaultCamelContext.doStartCamel(DefaultCamelContext.java:3053)
at org.apache.camel.impl.DefaultCamelContext.access$000(DefaultCamelContext.java:175)
at org.apache.camel.impl.DefaultCamelContext$2.call(DefaultCamelContext.java:2848)
at org.apache.camel.impl.DefaultCamelContext$2.call(DefaultCamelContext.java:2844)
at org.apache.camel.impl.DefaultCamelContext.doWithDefinedClassLoader(DefaultCamelContext.java:2867)
at org.apache.camel.impl.DefaultCamelContext.doStart(DefaultCamelContext.java:2844)
at org.apache.camel.support.ServiceSupport.start(ServiceSupport.java:61)
at org.apache.camel.impl.DefaultCamelContext.start(DefaultCamelContext.java:2813)
at org.apache.camel.spring.SpringCamelContext.maybeStart(SpringCamelContext.java:270)
at org.apache.camel.spring.SpringCamelContext.onApplicationEvent(SpringCamelContext.java:136)
at org.apache.camel.spring.CamelContextFactoryBean.onApplicationEvent(CamelContextFactoryBean.java:340)
at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:163)
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:136)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:380)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:334)
at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:851)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:540)
at org.springframework.context.support.ClassPathXmlApplicationContext.(ClassPathXmlApplicationContext.java:139)
at org.springframework.context.support.ClassPathXmlApplicationContext.(ClassPathXmlApplicationContext.java:93)
at com.bfm.etf.dixie.BDServer.loadApplicationContext(BDServer.java:98)
at com.bfm.etf.dixie.BDServer.main(BDServer.java:60)
Caused by: com.jcraft.jsch.JSchException: Session.connect: java.security.InvalidAlgorithmParameterException: Prime size must be multiple of 64, and can only range from 512 to 2048 (inclusive)
at com.jcraft.jsch.Session.connect(Session.java:558)
at org.apache.camel.component.file.remote.SftpOperations.connect(SftpOperations.java:118)
Enhancement: How can I update the "ls" command to pass thru options such as "+linerule=rdw" to the sftp server (in this case, on a remote mainframe)?
Hi,
Session.java
try { buf = read(buf); stimeout = 0; } catch (InterruptedIOException/*SocketTimeoutException*/ ee) { System.out.println("Caught an exception, stimeout:"+ stimeout + " , " + ee.getCause() + ", "+ Arrays.toString(ee.getStackTrace())); JSch.getLogger().log(Logger.INFO, "Caught an exception, " +ee.getMessage() + ", "+ ee.getCause() + ", "+ Arrays.toString(ee.getStackTrace())); if (!in_kex && stimeout < serverAliveCountMax) { sendKeepAliveMsg(); stimeout++; continue; } else if (in_kex && stimeout < serverAliveCountMax) { stimeout++; continue; } throw ee; }
when I set serverAliveInterval=1000 and serverAliveCountMax more than 0,
there is a chance to cause :
Caught an exception, leaving main loop due to com.jcraft.jsch.JSchException: Packet corrupt
I think the reason is when SocketTimeoutException continued, packet size has a chance to excced PACKET_MAX_SIZE(RFC 4253 6.1. Maximum Packet Length, 256*1024)
The exit status sometimes return -1 when i use jsch.
Even though -1 is returned, the script executes normally.
When exit status return -1, should I think the script executed successfully or failed? Please help me, thanks.
The implementation is as follows:
Session session = null; ChannelExec channelExec = null; int exitStatus; String responseMsg = null; try { JSch jSch = new JSch(); jSch.addIdentity(null, prvKey.getBytes(), null, null); session = jSch.getSession(user, host, port); session.setConfig("StrictHostKeyChecking", "no"); session.connect(CONNECT_TIMEOUT); channelExec = (ChannelExec) session.openChannel("exec"); InputStream inputStream = channelExec.getInputStream(); channelExec.setCommand(cmd); channelExec.connect(); byte[] tmp = new byte[1024]; while (true) { while (inputStream.available() > 0) { int i = inputStream.read(tmp, 0, 1024); if (i < 0) { break; } responseMsg = new String(tmp, 0, i); } if (channelExec.isClosed()) { if (inputStream.available() > 0) { continue; } exitStatus = channelExec.getExitStatus(); break; } try { Thread.sleep(1000); } catch (Exception e) { // Ignore exception. } } } finally { if (channelExec != null) { channelExec.disconnect(); } if (session != null) { session.disconnect(); } }
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.