Spring Integration / JSch: Auth fail

心不动则不痛 提交于 2019-12-01 08:43:49

问题


I'm trying to use Spring Integration's SFTP Inbound Channel Adapter, but I'm stuck here:

20:29:30,458 INFO  [com.jcraft.jsch] (task-scheduler-6) Connecting to deployment port 22
20:29:30,484 INFO  [com.jcraft.jsch] (task-scheduler-6) Connection established
20:29:30,514 INFO  [com.jcraft.jsch] (task-scheduler-6) Remote version string: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
20:29:30,514 INFO  [com.jcraft.jsch] (task-scheduler-6) Local version string: SSH-2.0-JSCH-0.1.45
20:29:30,514 INFO  [com.jcraft.jsch] (task-scheduler-6) CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
20:29:30,515 INFO  [com.jcraft.jsch] (task-scheduler-6) CheckKexes: diffie-hellman-group14-sha1
20:29:30,515 INFO  [com.jcraft.jsch] (task-scheduler-6) diffie-hellman-group14-sha1 is not available.
20:29:30,516 INFO  [com.jcraft.jsch] (task-scheduler-6) SSH_MSG_KEXINIT sent
20:29:30,537 INFO  [com.jcraft.jsch] (task-scheduler-6) SSH_MSG_KEXINIT received
20:29:30,538 INFO  [com.jcraft.jsch] (task-scheduler-6) kex: server->client aes128-ctr hmac-md5 none
20:29:30,538 INFO  [com.jcraft.jsch] (task-scheduler-6) kex: client->server aes128-ctr hmac-md5 none
20:29:30,540 INFO  [com.jcraft.jsch] (task-scheduler-6) SSH_MSG_KEXDH_INIT sent
20:29:30,540 INFO  [com.jcraft.jsch] (task-scheduler-6) expecting SSH_MSG_KEXDH_REPLY
20:29:30,572 INFO  [com.jcraft.jsch] (task-scheduler-6) ssh_rsa_verify: signature true
20:29:30,572 INFO  [com.jcraft.jsch] (task-scheduler-6) Host 'deployment' is known and mathces the RSA host key
20:29:30,573 INFO  [com.jcraft.jsch] (task-scheduler-6) SSH_MSG_NEWKEYS sent
20:29:30,573 INFO  [com.jcraft.jsch] (task-scheduler-6) SSH_MSG_NEWKEYS received
20:29:30,573 INFO  [com.jcraft.jsch] (task-scheduler-6) SSH_MSG_SERVICE_REQUEST sent
20:29:30,597 INFO  [com.jcraft.jsch] (task-scheduler-6) SSH_MSG_SERVICE_ACCEPT received
20:29:30,650 INFO  [com.jcraft.jsch] (task-scheduler-6) Authentications that can continue: publickey,keyboard-interactive,password
20:29:30,651 INFO  [com.jcraft.jsch] (task-scheduler-6) Next authentication method: publickey
20:29:30,678 INFO  [com.jcraft.jsch] (task-scheduler-6) Authentications that can continue: password
20:29:30,679 INFO  [com.jcraft.jsch] (task-scheduler-6) Next authentication method: password
20:29:30,679 INFO  [com.jcraft.jsch] (task-scheduler-6) Disconnecting from deployment port 22
20:29:30,679 DEBUG [org.springframework.integration.channel.PublishSubscribeChannel] (task-scheduler-6) preSend on channel 'errorChannel', message: [Payload=org.springframework.integration.MessagingException: Failed to obtain pooled item][Headers={timestamp=1366655370679, id=c6f7922d-d121-4f7e-b60c-5e1905960f5e}]
20:29:30,680 DEBUG [org.springframework.integration.handler.LoggingHandler] (task-scheduler-6) (inner bean)#24 received message: [Payload=org.springframework.integration.MessagingException: Failed to obtain pooled item][Headers={timestamp=1366655370679, id=c6f7922d-d121-4f7e-b60c-5e1905960f5e}]
20:29:30,681 ERROR [org.springframework.integration.handler.LoggingHandler] (task-scheduler-6) org.springframework.integration.MessagingException: Failed to obtain pooled item
    at org.springframework.integration.util.SimplePool.getItem(SimplePool.java:170)
    at org.springframework.integration.file.remote.session.CachingSessionFactory.getSession(CachingSessionFactory.java:83)
    at org.springframework.integration.file.remote.synchronizer.AbstractInboundFileSynchronizer.synchronizeToLocalDirectory(AbstractInboundFileSynchronizer.java:143)
    at org.springframework.integration.file.remote.synchronizer.AbstractInboundFileSynchronizingMessageSource.receive(AbstractInboundFileSynchronizingMessageSource.java:146)
    at org.springframework.integration.endpoint.SourcePollingChannelAdapter.receiveMessage(SourcePollingChannelAdapter.java:111)
    at org.springframework.integration.endpoint.AbstractTransactionSynchronizingPollingEndpoint.doPoll(AbstractTransactionSynchronizingPollingEndpoint.java:67)
    at org.springframework.integration.endpoint.AbstractPollingEndpoint$1.call(AbstractPollingEndpoint.java:146)
    at org.springframework.integration.endpoint.AbstractPollingEndpoint$1.call(AbstractPollingEndpoint.java:144)
    at org.springframework.integration.endpoint.AbstractPollingEndpoint$Poller$1.run(AbstractPollingEndpoint.java:236)
    at org.springframework.integration.util.ErrorHandlingTaskExecutor$1.run(ErrorHandlingTaskExecutor.java:52)
    at org.springframework.core.task.SyncTaskExecutor.execute(SyncTaskExecutor.java:49)
    at org.springframework.integration.util.ErrorHandlingTaskExecutor.execute(ErrorHandlingTaskExecutor.java:49)
    at org.springframework.integration.endpoint.AbstractPollingEndpoint$Poller.run(AbstractPollingEndpoint.java:231)
    at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:53)
    at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:81)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:439)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
    at java.util.concurrent.FutureTask.run(FutureTask.java:138)
    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:98)
    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:206)
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
    at java.lang.Thread.run(Thread.java:680)
Caused by: java.lang.IllegalStateException: failed to create SFTP Session
    at org.springframework.integration.sftp.session.DefaultSftpSessionFactory.getSession(DefaultSftpSessionFactory.java:266)
    at org.springframework.integration.file.remote.session.CachingSessionFactory$1.createForPool(CachingSessionFactory.java:55)
    at org.springframework.integration.file.remote.session.CachingSessionFactory$1.createForPool(CachingSessionFactory.java:53)
    at org.springframework.integration.util.SimplePool.doGetItem(SimplePool.java:180)
    at org.springframework.integration.util.SimplePool.getItem(SimplePool.java:160)
    ... 22 more
Caused by: java.lang.IllegalStateException: failed to connect
    at org.springframework.integration.sftp.session.SftpSession.connect(SftpSession.java:204)
    at org.springframework.integration.sftp.session.DefaultSftpSessionFactory.getSession(DefaultSftpSessionFactory.java:262)
    ... 26 more
Caused by: com.jcraft.jsch.JSchException: Auth cancel
    at com.jcraft.jsch.Session.connect(Session.java:463)
    at com.jcraft.jsch.Session.connect(Session.java:158)
    at org.springframework.integration.sftp.session.SftpSession.connect(SftpSession.java:196)
    ... 27 more

I am absolutely sure that the private key is correct because I can do this:

$ sftp web@deployment
Connected to deployment.
sftp> quit

And I have copied ~/.ssh/id_rsa to ...path.../src/main/resources/keys/sftp_rsa.

This is my configuration:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:int="http://www.springframework.org/schema/integration"
       xmlns:int-sftp="http://www.springframework.org/schema/integration/sftp"
       xmlns:context="http://www.springframework.org/schema/context"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/integration http://www.springframework.org/schema/integration/spring-integration.xsd

        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
        http://www.springframework.org/schema/integration/sftp http://www.springframework.org/schema/integration/sftp/spring-integration-sftp.xsd">

    <context:property-placeholder location="classpath:sftp.properties" ignore-resource-not-found="false"
                                  ignore-unresolvable="true"/>

    <bean id="sftpSessionFactory" class="org.springframework.integration.sftp.session.DefaultSftpSessionFactory">
        <property name="host" value="${sftp.host}"/>
        <property name="port" value="${sftp.port}"/>
        <property name="user" value="${sftp.username}"/>
        <property name="privateKey" value="${sftp.private_key_file}"/>
        <property name="privateKeyPassphrase" value="${sftp.private_key_passphrase}"/>
    </bean>

    <int-sftp:inbound-channel-adapter id="sftpInboundChannelAdapter"
                                      channel="receiveChannel"
                                      session-factory="sftpSessionFactory"
                                      local-directory="file:local-dir"
                                      remote-directory="${sftp.remote_directory}"
                                      auto-create-local-directory="true"
                                      delete-remote-files="false"
                                      filename-regex=".*">
        <int:poller fixed-rate="5000" max-messages-per-poll="1"/>
    </int-sftp:inbound-channel-adapter>

    <int:channel id="receiveChannel">
        <int:queue/>
    </int:channel>

</beans>

My sftp.properties looks like this:

sftp.host=deployment
sftp.username=web
sftp.private_key_file=classpath:keys/sftp_rsa
sftp.private_key_passphrase=<censored>
sftp.remote_directory=/censored/path
sftp.port=22

I have seen a similar entry but this didn't help because I am using Java 1.6 and not 1.4.

Any hints?


回答1:


As discussed in the other question you cite, the smoking gun is this...

20:29:30,650 INFO  [com.jcraft.jsch] (task-scheduler-6) Authentications that can continue: publickey,keyboard-interactive,password
20:29:30,651 INFO  [com.jcraft.jsch] (task-scheduler-6) Next authentication method: publickey
20:29:30,678 INFO  [com.jcraft.jsch] (task-scheduler-6) Authentications that can continue: password

Pk authorization is failing; when it's successful it doesn't fall back to pw...

INFO: SSH_MSG_SERVICE_ACCEPT receivedINFO: Authentications that can continue: publickey,keyboard-interactive,password
INFO: Next authentication method: publickey
INFO: Authentication succeeded (publickey).

I just ran the sftp sample with the sample key file from github and got the identical results that you did; I then copied my id_rsa file (like you) and it works fine. If you are using eclipse, be sure to F5 (refresh) the src/main/resources after copying the key file, otherwise it won't use the file on the current filesystem.



来源:https://stackoverflow.com/questions/16154361/spring-integration-jsch-auth-fail

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!