com.jcraft.jsch.JSchException: Auth cancel

Question

I'm trying to write an Ant script to retrieve an URL via port tunnelling.

It works great when I use a password (the names xxxx'd out for privacy):

<project default="main">
  <target name="main">
    <sshsession host="xxxx"
    username="xxxx"
    password="xxxx">
      <LocalTunnel lport="1080" rhost="xxxx" rport="80"/>
      <sequential>
        <get src="http://localhost:1080/xxxx" dest="/tmp/xxxx"/>
      </sequential>
    </sshsession>
  </target>
</project>

But it doesn't work when I use a keyfile, like this:

    <sshsession host="xxxx"
    username="xxxx"
    keyfile="/Users/xxxx/.ssh/id_dsa"
    passphrase="xxxx">
      <LocalTunnel lport="1080" rhost="xxxx" rport="80"/>
      <sequential>
        <get src="http://localhost:1080/xxxx" dest="/tmp/xxxx"/>
      </sequential>
    </sshsession>

I get this exception:

/tmp/build.xml:8: com.jcraft.jsch.JSchException: Auth cancel
    at com.jcraft.jsch.Session.connect(Session.java:451)
    at com.jcraft.jsch.Session.connect(Session.java:150)
    at org.apache.tools.ant.taskdefs.optional.ssh.SSHBase.openSession(SSHBase.java:223)

• I'm sure I'm using the correct keyfile (I've tried using the wrong name, which gives a legitimate FileNotFoundException).
• I can successfully ssh from the command line without being prompted for a password.
• I'm sure I'm using the correct passphrase for the keyfile.

What's the cause of this error and what can I do about it?

Answer 1

I debugged the code. This was failing because my private key was failing authentication; JSch silently fell back to password authentication, which was canceled, because I didn't specify a password.

JSch error handling sucks a lot. Retrace your steps, regenerate a (separate) private key file, use ssh -i to guarantee you're using the right file, and keep your fingers crossed.

Answer 2

To get the jsch connection to work, you must specify the paths to both the known_hosts file and to the file containing the private key. This is done using the setKnownHosts and addIdentity methods.

        jsch.setKnownHosts("/path/to/.ssh/known_hosts");
        jsch.addIdentity("/path/to/.ssh/id_rsa");

If the key has a passphrase, you can add it to the addIdentity argument list:

        jsch.addIdentity("/path/to/.ssh/id_rsa", myPassPhrase);

See Javadocs

Answer 3

I had the same issue while using sshexec task. I added passphrase attibute too and it worked fine. create a passphrase for your private key and add this as a attribute in your task. Also don't forget to convert your private key to open ssh format if you generated the key using puttygen on windows.

Answer 4

I had a similar Issue today. So i thought i will share my solution aswell. I got the same exception but the problem was in fact that i had a umlaut within my password. after choosing a new password without it everything worked fine.

Answer 5

There is a brand new fork of Jsch out now. The exception handling is far more comprehensive. No more swallowing or defaulting. Head over to https://github.com/vngx/vngx-jsch to check it out. If something doesn't work the way you expect, please raise it as an issue, or send a pull request as we are actively maintaining it. We are also looking to get it up on the maven central repos soon.