mwiede/jsch

Auth fail for methods 'publickey,password'

Praj777-am opened this issue · 7 comments

Hi,
I have 2 instances of failures where Jsch [version 0.2.x latest changes] fails to connect, with the debug logs below indicating an issue with password authentication for both cases, but the logs don't give the exact issue -

Connecting to server.ie:22
Connecting to server.ie port 22
Remote version string: SSH-2.0-9.99 sshlib: 7.0.0.2
Local version string: SSH-2.0-JSCH_0.2.7
CheckCiphers: chacha20-poly1305@openssh.com
CheckKexes: curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
curve25519-sha256 is not available.
curve25519-sha256@libssh.org is not available.
curve448-sha512 is not available.
kex proposal before removing unavailable algos is: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
kex proposal after removing unavailable algos is: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
CheckSignatures: ssh-ed25519,ssh-ed448
ssh-ed25519 is not available.
ssh-ed448 is not available.
server_host_key proposal before removing unavailable algos is: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
server_host_key proposal after removing unavailable algos is: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
server_host_key proposal before known_host reordering is: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
server_host_key proposal after known_host reordering is: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
SSH_MSG_KEXINIT sent
SSH_MSG_KEXINIT received
kex: server: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
kex: server: ssh-dss
kex: server: aes256-ctr,twofish256-ctr,twofish-ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr,aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,arcfour,cast128-cbc
kex: server: aes256-ctr,twofish256-ctr,twofish-ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr,aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,arcfour,cast128-cbc
kex: server: hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
kex: server: hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
kex: server: zlib,none
kex: server: zlib,none
kex: server: 
kex: server: 
kex: client: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,ext-info-c
kex: client: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
kex: client: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
kex: client: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
kex: client: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
kex: client: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
kex: client: none
kex: client: none
kex: client: 
kex: client: 
kex: algorithm: diffie-hellman-group14-sha1
kex: host key algorithm: ssh-dss
kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: none
kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: none
SSH_MSG_KEXDH_INIT sent
expecting SSH_MSG_KEXDH_REPLY
ssh_dss_verify: signature true
Permanently added 'server.ie' (DSA) to the list of known hosts.
SSH_MSG_NEWKEYS sent
SSH_MSG_NEWKEYS received
SSH_MSG_SERVICE_REQUEST sent
SSH_MSG_SERVICE_ACCEPT received
Authentications that can continue: publickey,password
Next authentication method: publickey
PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
Signature algorithms unavailable for non-agent identities = [ssh-ed25519, ssh-ed448]
No server-sig-algs found, using PubkeyAcceptedAlgorithms = [ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256, ssh-rsa, ssh-dss]
rsa-sha2-512 preauth success
rsa-sha2-512 auth failure
rsa-sha2-256 preauth success
rsa-sha2-256 auth failure
ssh-rsa preauth failure
Authentications that can continue: password
Next authentication method: password
Disconnecting from server.ie port 22
Could not retrieve client for server.ie
Caused by: com.jcraft.jsch.JSchException: Auth fail for methods 'publickey,password'
at com.jcraft.jsch.Session.connect(Session.java:527) ~[JSch-0.x.jar:?]

where I am using session.setConfig to add older algorithms to enable backward compatibility -

Jsch Session server_host_key algorithms set : ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
Jsch Session PubkeyAcceptedAlgorithms set : ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
Jsch Session kex algorithms set : curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
Jsch Session mac algorithms set : hmac-md5,hmac-sha1,hmac-md5-96,hmac-sha1-96,hmac-sha2-256
Jsch Session cipher algorithms set : aes128-cbc,aes192-cbc,aes256-cbc,3des-ctr,3des-cbc,blowfish-cbc

From the logs I don't see a clear indication of why the password auth fails. The above issue is not present with Jsch version 0.1.54. I have requested the server logs, but do we have more info on what might cause this?

I also have session.setConfig for preferredAuthenticationType as below - this code works with 0.1.54

session.setConfig("PreferredAuthentications", "publickey,password");

Another instance had the logs below -

Connecting to server.com port 22
Remote version string: SSH-2.0-SFTP 2.0 Server
Local version string: SSH-2.0-JSCH_0.2.7
CheckCiphers: chacha20-poly1305@openssh.com
CheckKexes: curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
curve25519-sha256 is not available.
curve25519-sha256@libssh.org is not available.
curve448-sha512 is not available.
kex proposal before removing unavailable algos is: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
kex proposal after removing unavailable algos is: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
CheckSignatures: ssh-ed25519,ssh-ed448
ssh-ed25519 is not available.
ssh-ed448 is not available.
server_host_key proposal before removing unavailable algos is: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
server_host_key proposal after removing unavailable algos is: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
server_host_key proposal before known_host reordering is: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
server_host_key proposal after known_host reordering is: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
SSH_MSG_KEXINIT sent
SSH_MSG_KEXINIT received
kex: server: curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group18-sha512,diffie-hellman-group17-sha512,diffie-hellman-group16-sha512,diffie-hellman-group15-sha512,diffie-hellman-group14-sha256,ext-info-s
kex: server: rsa-sha2-512,rsa-sha2-256,ssh-rsa
kex: server: aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc
kex: server: aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc
kex: server: hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha1
kex: server: hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha1
kex: server: none
kex: server: none
kex: server:
kex: server:
kex: client: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,ext-info-c
kex: client: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
kex: client: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-ctr,3des-cbc,blowfish-cbc
kex: client: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-ctr,3des-cbc,blowfish-cbc
kex: client: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1,hmac-md5-96,hmac-sha1-96,hmac-sha2-256
kex: client: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1,hmac-md5-96,hmac-sha1-96,hmac-sha2-256
kex: client: none
kex: client: none
kex: client:
kex: client:
kex: algorithm: ecdh-sha2-nistp256
kex: host key algorithm: rsa-sha2-512
kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none
SSH_MSG_KEX_ECDH_INIT sent
expecting SSH_MSG_KEX_ECDH_REPLY
ssh_rsa_verify: rsa-sha2-512 signature true
Permanently added 'server.com' (RSA) to the list of known hosts.
SSH_MSG_NEWKEYS sent
SSH_MSG_NEWKEYS received
SSH_MSG_SERVICE_REQUEST sent
SSH_MSG_EXT_INFO received
server-sig-algs=<ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa>
SSH_MSG_SERVICE_ACCEPT received 
Authentications that can continue: publickey,password
Next authentication method: publickey
PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
Signature algorithms unavailable for non-agent identities = [ssh-ed25519, ssh-ed448]
PubkeyAcceptedAlgorithms in server-sig-algs = [ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256, ssh-rsa]
PubkeyAcceptedAlgorithms not in server-sig-algs = [ssh-ed25519, ssh-dss]
Disconnecting from server.com port 22
Caused by: com.jcraft.jsch.JSchException: SSH_MSG_DISCONNECT: 11 Permission denied (password,publickey,keyboard-interactive)
        at com.jcraft.jsch.Session.read(Session.java:1259) ~[JSch-0.x.jar:?]
        at com.jcraft.jsch.UserAuthPublicKey._start(UserAuthPublicKey.java:216) ~[JSch-0.x.jar:?]
        at com.jcraft.jsch.UserAuthPublicKey.start(UserAuthPublicKey.java:105) ~[JSch-0.x.jar:?]
        at com.jcraft.jsch.Session.connect(Session.java:480) ~[JSch-0.x.jar:?]

Hi @Praj777-am,

It seems that you may be interacting with very old SSH servers that do not support RSA/SHA2 signature algorithms and reject authentication due to the initial attempts with rsa-sha2-512 & rsa-sha2-256 (they likely have a max limit on authentication attempts per session).

You likely will want to remove the rsa-sha2-512 & rsa-sha2-256 algorithms from the PubkeyAcceptedAlgorithms setting in order to interact with these servers.

Thanks,
Jeremy

Yes, they seem to be quite old, but if I do remove them from PubkeyAcceptedAlgorithms, won't it cause an issue with the latest servers which do support rsa-sha2-512 & rsa-sha2-256? Can't we have both supported at the same time, either through server config or an explicit setting?

Hi @Praj777-am,

The sequence of events that is happening is:

JSch tries rsa-sha2-512: server rejects it.
JSch then tries rsa-sha2-256: server rejects it.
Server now rejects any further attempts because of the two previous failures.
There is nothing else JSch can do here: if you want to interact with this particular server, it appears you will need to drop the rsa-sha2-512 & rsa-sha2-256 algorithms.

Thanks,
Jeremy
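As an added illustration (not code from the issue or from JSch itself) of how the reduced list can be scoped to the one legacy host through Session.setConfig rather than applied to every session through JSch.setConfig; the LEGACY_HOSTS set and the without() helper are hypothetical, and server.ie is the host name from the reporter's log:

```java
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import java.util.stream.Collectors;

public class LegacySftpSession {
    // Hypothetical: hosts the application has confirmed reject RSA/SHA-2
    // publickey signatures and count each rejected attempt toward a limit.
    private static final Set<String> LEGACY_HOSTS =
            new HashSet<>(Arrays.asList("server.ie"));

    /** Remove the named algorithms from a comma-separated JSch algorithm list. */
    static String without(String csv, String... drop) {
        Set<String> dropSet = new HashSet<>(Arrays.asList(drop));
        return Arrays.stream(csv.split(","))
                .map(String::trim)
                .filter(a -> !a.isEmpty() && !dropSet.contains(a))
                .collect(Collectors.joining(","));
    }

    /** Builds a session whose publickey algorithm list depends on the target host. */
    static Session open(JSch jsch, String user, String host, int port) throws JSchException {
        Session session = jsch.getSession(user, host, port);

        // Same order the reporter configured; servers that understand RSA/SHA-2
        // keep rsa-sha2-512 and rsa-sha2-256 ahead of ssh-rsa.
        String pubkeyAlgos = "ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,"
                + "ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss";

        if (LEGACY_HOSTS.contains(host)) {
            // Drop rsa-sha2-* for this host only, so the first publickey attempt
            // is one the server accepts and the attempt limit is not exhausted.
            pubkeyAlgos = without(pubkeyAlgos, "rsa-sha2-512", "rsa-sha2-256");
        }

        // Session.setConfig overrides the global JSch.setConfig value for this session only.
        session.setConfig("PubkeyAcceptedAlgorithms", pubkeyAlgos);
        session.setConfig("PreferredAuthentications", "publickey,password");
        return session;
    }
}
```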

Also, for the second instance's logs, where I saw

Caused by: com.jcraft.jsch.JSchException: SSH_MSG_DISCONNECT: 11 Permission denied (password,publickey,keyboard-interactive)
        at com.jcraft.jsch.Session.read(Session.java:1259) ~[JSch-0.x.jar:?]

How do we know this is due to the rsa-sha2- issue alone? Can there be more to this, because we don't see an rsa-sha2-256 auth failure?

Hi @norrisjeremy,

For the second one, the SSH_MSG_DISCONNECT: 11 Permission denied (password,publickey,keyboard-interactive) message appears to be produced by the server.
You would need to troubleshoot that on the server to determine why it is rejecting your session.

Thanks,
Jeremy

Got it. Also, can we have a list of supported remote server versions that will work without issue with the latest version of jsch? I see Remote version string: SSH-2.0-SFTP 2.0 Server or Remote version string: SSH-2.0-9.99 sshlib: 7.0.0.2. If we can have any pointers or suggestions on which version of the remote SFTP server it works with, that would help us convey to our clients that they should upgrade their versions. Is this data available?

Thanks,
Praj

Hi @Praj777-am,

We do not maintain such a list. You're welcome to develop one yourself.

Thanks,
Jeremy