CODEWITHSUNDEEP
javasshsftpjschpam
TJ von Mechow
TJ von Mechow

Reputation: 53

JSch PAM authentication - "Auth fail" - credentials are correct

I'm building an SFTP class responsible for listing the files of a remote directory. I'm using the JSch library to do so. I have a user set up already, and I can manually SSH to the remote server just fine. However, when JSch attempts to connect it responds with

com.jcraft.jsch.JSchException: Auth fail

One thing I noticed though; when I manually SSH onto the server, I see that it's using "PAM Authentication." What am I missing?

Properties config = new Properties();
config.put("StrictHostKeyChecking", "no");
Session session = jSch.getSession(username, destination, port);
session.setPassword(password);
session.setConfig(config);
session.connect();

Upvotes: 1

Views: 6135

Answers (2)

Martin Prikryl
Martin Prikryl

Reputation: 202232

If you are using PAM authentication on server-side, it's probable that you need to implement the keyboard-interactive authentication on client-side.

See What's the difference between “password” and “keyboard-interactive”? question to understand the relation between PAM and keyboard-interactive authentication.

For keyboard-interactive authentication implementation example, see the official UserAuthKI example.

Basically you need to implement the UIKeyboardInteractive interface (together with the UserInfo interface) and associate the implementation with the session using the Session.setUserInfo.

If the authentication is prompting for a single "password" only, implement the UIKeyboardInteractive.promptKeyboardInteractive method to return a single element array with the password.

Obligatory warning: Do not use StrictHostKeyChecking=no to blindly accept all host keys. That is a security flaw. You lose a protection against MITM attacks. For the correct (and secure) approach, see: How to resolve Java UnknownHostKey, while using JSch SFTP library?

Upvotes: 2

Sanjay Madnani
Sanjay Madnani

Reputation: 813

Below code is tested and working as expected for me. Just try below code:

 /**
     * Transfer a file to remote destination via JSCH library using sFTP protocol
     * 
     * @param username String remote SFTP server user name.
     * @param password String remote SFTP server user password
     * @param host String remote SFTP server IP address or host name.
     * @param file File to transfer to SFTP Server.
     * @param transferProtocol protocol to transfer a file. {@link FileTransferProtocol}
     * @return boolean true if file is transfered otherwise false.
     * @throws ApplicationException
     */
    public static boolean transferFile(final String username, final String password, final String host,
                                       final File file, final FileTransferProtocol transferProtocol) {
  //      throws ApplicationException {
        // currently can deal with sftp only.
 //       LOGGER.trace("Invoking transferFile...");
        JSch jsch = new JSch();
        try {
            Session session = jsch.getSession(username, host);
 //           LOGGER.debug("Session Host: " + session.getHost());
            session.setPassword(password);
            Properties properties = new Properties();
            properties.put("StrictHostKeyChecking", "no");
            session.setConfig(properties);
 //           LOGGER.debug("Connecting to a session Host Server...");
            session.connect();
 //           LOGGER.debug("session is established with host server.");
 //           Channel channel = session.openChannel(transferProtocol.ftpStringRepresentation());
            Channel channel = session.openChannel("sftp");
 //           LOGGER.debug("Connecting to a sftp Channel...");
            channel.connect();
 //           LOGGER.debug("Connected with sftp Channel.");
            ChannelSftp channelSftp = (ChannelSftp) channel;
            channelSftp.put(new FileInputStream(file), file.getName());
 //           LOGGER.debug("File transfered successfully");
            channelSftp.exit();
 //           LOGGER.debug("sftp channel disconnected.");
            channel.disconnect();
 //           LOGGER.debug("channel disconnected.");
            session.disconnect();
  //          LOGGER.debug("session disconnected.");
            return true;
        } catch (JSchException | FileNotFoundException | SftpException e) {
            e.printStackTrace();
//            LOGGER.error(e.getMessage(), e.getCause());
//            throw new ApplicationException(e.getMessage(), ApplicationSeverity.ERROR, e.getCause(), e);
        }
        return false;
    }

URL: https://github.com/SanjayMadnani/com.sanjay.common.common-utils/blob/master/common-utils/src/main/java/com/sanjay/common/util/FileUtil.java

Upvotes: 1

Related Questions