
Apache Mina SSH failing because "No more authentication methods available" for NETCONF application

I'm trying to SSH to a network device, but authentication is currently failing. I can connect from the command line with `ssh -i /home/usr/private_key [email protected]`, but I have had no luck reproducing that with Apache MINA SSHD. I'm quite confident the username, host, and key pair are correct.

Error:

com.cisco.stbarth.netconf.anc.NetconfException$ProtocolException: org.apache.sshd.common.SshException: No more authentication methods available
        at com.cisco.stbarth.netconf.anc.NetconfSSHClient.createSession(NetconfSSHClient.java:164)
        at com.cisco.stbarth.netconf.anc.EditConfigApplication.main(EditConfigApplication.java:40)
Caused by: org.apache.sshd.common.SshException: No more authentication methods available
        at org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:141)
        at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:56)
        at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:35)
        at org.apache.sshd.common.future.VerifiableFuture.verify(VerifiableFuture.java:121)
        at com.cisco.stbarth.netconf.anc.NetconfSSHClient.createSession(NetconfSSHClient.java:145)
        ... 1 more
Caused by: org.apache.sshd.common.SshException: No more authentication methods available
        at org.apache.sshd.client.session.ClientUserAuthService.tryNext(ClientUserAuthService.java:390)
        at org.apache.sshd.client.session.ClientUserAuthService.processUserAuth(ClientUserAuthService.java:331)
        at org.apache.sshd.client.session.ClientUserAuthService.process(ClientUserAuthService.java:267)
        at org.apache.sshd.common.session.helpers.CurrentService.process(CurrentService.java:109)
        at org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:625)
        at org.apache.sshd.common.session.helpers.AbstractSession.lambda$handleMessage$0(AbstractSession.java:546)
        at org.apache.sshd.common.util.threads.ThreadUtils.runAsInternal(ThreadUtils.java:68)
        at org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:545)
        at org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1718)
        at org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:506)
        at org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64)
        at org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:409)
        at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:382)
        at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:377)
        at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)
...

Snippet from NetconfSSHClient.java:

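/**
 * Connects to the configured host, authenticates, opens the "netconf" SSH
 * subsystem and performs the NETCONF hello exchange.
 *
 * <p>If anything fails after the SSH connection is established, the SSH
 * session is closed before the failure is rethrown.
 *
 * @return a NETCONF session bound to the newly opened subsystem channel
 * @throws NetconfException.ProtocolException if connecting, authenticating,
 *         opening the channel or the hello exchange fails; any other
 *         throwable is wrapped as the cause
 */
public synchronized NetconfSession createSession() throws NetconfException.ProtocolException {
    ClientSession session;
    try {
        ConnectFuture connect = client.connect(this.username, this.hostname, this.port);
        connect.verify(timeout);
        session = connect.getSession();
    } catch (IOException e) {
        throw new NetconfException.ProtocolException(e);
    }

    // The key pair is registered before auth() is called. If keypair is null,
    // no identity is added here.
    if (keypair != null) {
        session.addPublicKeyIdentity(keypair);
    }

    try {
        // This is the call the question reports as failing with
        // "No more authentication methods available". Per the stack trace it is
        // raised from ClientUserAuthService.tryNext. Presumably every method the
        // client could offer was rejected; the server-side SSH log is the place
        // to confirm which methods and keys it actually accepted.
        AuthFuture auth = session.auth().verify(timeout);
        if (!auth.isSuccess()) {
            throw auth.getException();
        }

        ChannelSubsystem channel = session.createSubsystemChannel("netconf");
        OpenFuture open = channel.open().verify(timeout);
        if (!open.isOpened()) {
            throw open.getException();
        }

        NetconfSession netconfSession = new NetconfSession(
                this, channel.getInvertedOut(), channel.getInvertedIn(), session::close);
        netconfSession.hello();
        return netconfSession;
    } catch (Throwable e) {
        // Best-effort cleanup: never let a close failure mask the original
        // error, but keep it attached instead of silently dropping it.
        try {
            session.close();
        } catch (IOException closeFailure) {
            e.addSuppressed(closeFailure);
        }

        throw (e instanceof NetconfException.ProtocolException)
                ? (NetconfException.ProtocolException) e
                : new NetconfException.ProtocolException(e);
    }
}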

Snippet from EditConfigApplication.java:

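/**
 * Command-line example that opens a NETCONF session over SSH with public-key
 * authentication, sends an edit-config request to the candidate datastore and
 * commits it.
 */
public class EditConfigApplication {

    // Placeholder connection settings as given in the original post.
    private static final String HOSTNAME = "12.345.678.90";
    private static final int PORT = 830;
    private static final String USERNAME = "username";
    // Relative paths: resolved against the JVM's working directory.
    private static final String KEY_PATH = "anx/.ssh/private_key";
    private static final String FILE_PATH = "anx/edit-config.xml";

    /**
     * Connects, applies the edit-config request from {@link #FILE_PATH} and
     * commits it. Failures are printed to standard error; the session and the
     * client are closed in all cases.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        NetconfSSHClient client = null;
        NetconfSession session = null;

        try {
            client = new NetconfSSHClient(HOSTNAME, PORT, USERNAME);
            KeyPair keyPair = loadKeyPair(KEY_PATH);
            client.setKeyPair(keyPair);
            // NOTE(review): host-key checking is switched off. With it disabled the
            // client presumably accepts whatever host key the peer presents, so
            // the session that pushes configuration is not protected against an
            // on-path impersonator. Keep this only for lab debugging; pin the
            // device's host key before pointing this at production equipment.
            client.setStrictHostKeyChecking(false);
            // Presumably milliseconds (one hour / 15 seconds) -- confirm against
            // NetconfSSHClient.
            client.setTimeout(3600000);
            client.setKeepalive(15000);

            session = client.createSession();

            XMLElement configXML = createEditRequest(FILE_PATH);

            session.editConfig(Netconf.Datastore.CANDIDATE, configXML);

            System.out.println("Edited configuration successfully.");

            session.commit();

            System.out.println("Committed successfully.");

        } catch (NetconfException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
            // Both the key file and the configuration file are read inside this
            // try block, so the message must not blame only one of them.
            System.err.println("Failed to read the private key or the configuration file.");
        } finally {
            try {
                // Nested try/finally so that a failure while closing the session
                // cannot skip closing the client.
                try {
                    if (session != null) {
                        session.close();
                    }
                } finally {
                    if (client != null) {
                        client.close();
                    }
                }
            } catch (NetconfException.ProtocolException e) {
                e.printStackTrace();
            }
        }
    }

    /**
     * Loads an RSA key pair from an unencrypted PKCS#8 PEM file
     * ({@code -----BEGIN PRIVATE KEY-----}). The public key is derived from the
     * modulus and public exponent stored in the private key.
     *
     * <p>Other PEM types (for example {@code BEGIN RSA PRIVATE KEY},
     * {@code BEGIN OPENSSH PRIVATE KEY} or {@code BEGIN ENCRYPTED PRIVATE KEY})
     * are rejected with an explicit message, because stripping the label and
     * decoding them as PKCS#8 can only fail with an opaque key-spec error.
     *
     * @param privateKeyPath path of the PEM file holding the private key
     * @return the key pair built from the file's private key
     * @throws IOException if the file cannot be read, is not an unencrypted
     *         PKCS#8 PEM, is not valid Base64, or does not hold an RSA CRT key
     */
    private static KeyPair loadKeyPair(String privateKeyPath) throws IOException {
        // NOTE(review): the key text lives in immutable Strings that cannot be
        // wiped after use; acceptable for a demo, worth revisiting otherwise.
        String pem = new String(Files.readAllBytes(Paths.get(privateKeyPath)), StandardCharsets.UTF_8);

        // Files without any PEM header are still accepted, as before.
        if (pem.contains("-----BEGIN ") && !pem.contains("-----BEGIN PRIVATE KEY-----")) {
            throw new IOException("Unsupported private key format in " + privateKeyPath
                    + ": expected an unencrypted PKCS#8 PEM block (BEGIN PRIVATE KEY)");
        }

        String base64Body = pem.replaceAll("-----BEGIN (.*)-----", "")
                               .replaceAll("-----END (.*)-----", "")
                               .replaceAll("\\s", "");

        byte[] keyBytes;
        try {
            keyBytes = Base64.getDecoder().decode(base64Body);
        } catch (IllegalArgumentException e) {
            // Error messages name the file only, never the key material.
            throw new IOException("Private key in " + privateKeyPath + " is not valid Base64", e);
        }

        try {
            KeyFactory kf = KeyFactory.getInstance("RSA");
            PrivateKey privateKey = kf.generatePrivate(new PKCS8EncodedKeySpec(keyBytes));

            // Extract the modulus and public exponent from the private key
            RSAPrivateCrtKeySpec privKeySpec = kf.getKeySpec(privateKey, RSAPrivateCrtKeySpec.class);
            RSAPublicKeySpec pubKeySpec =
                    new RSAPublicKeySpec(privKeySpec.getModulus(), privKeySpec.getPublicExponent());
            PublicKey publicKey = kf.generatePublic(pubKeySpec);

            return new KeyPair(publicKey, privateKey);
        } catch (java.security.GeneralSecurityException e) {
            // Fully qualified so that no new import is needed in the file.
            throw new IOException("Could not load an RSA key pair from " + privateKeyPath, e);
        }
    }

    // ... (other members, including createEditRequest, are omitted in the original post)
}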

pom.xml:

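<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.cisco.stbarth.netconf</groupId>
    <artifactId>anc</artifactId>
    <version>0.4-SNAPSHOT</version>
    <properties>
        <!-- Source and bytecode level: Java 8 -->
        <maven.compiler.source>1.8</maven.compiler.source>
        <maven.compiler.target>1.8</maven.compiler.target>
    </properties>
    <dependencies>
        <!-- The only declared dependency. The private key file is parsed by hand
             in EditConfigApplication.loadKeyPair using JDK classes. -->
        <dependency>
            <groupId>org.apache.sshd</groupId>
            <artifactId>sshd-core</artifactId>
            <version>2.13.1</version>
        </dependency>
    </dependencies>
    <build>
        <plugins>
            <!-- Builds a single runnable jar whose Main-Class is EditConfigApplication -->
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-shade-plugin</artifactId>
                <version>3.2.4</version>
                <executions>
                    <execution>
                        <phase>package</phase>
                        <goals>
                            <goal>shade</goal>
                        </goals>
                        <configuration>
                            <transformers>
                                <transformer implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
                                    <mainClass>com.cisco.stbarth.netconf.anc.EditConfigApplication</mainClass>
                                </transformer>
                            </transformers>
                        </configuration>
                    </execution>
                </executions>
            </plugin>
        </plugins>
    </build>
</project>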

I suspect this is caused by a proxy jump that creates nested SSH sessions. Any input is appreciated!
