Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Auth fail for methods 'publickey,password,keyboard-interactive' #614

Open
Praj777-am opened this issue Aug 5, 2024 · 2 comments
Open

Auth fail for methods 'publickey,password,keyboard-interactive' #614

Praj777-am opened this issue Aug 5, 2024 · 2 comments

Comments

@Praj777-am
Copy link

Seeing connect failures with Jsch version 0.2.18 whereas it works fine with 0.1.54 version , currently not able to get any host logs.
I have set PreferredAuthentications to PublicKey and PubkeyAcceptedAlgorithms -

Set PubkeyAcceptedAlgorithms algorithms as ssh-rsa,ssh-dss,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256

But I still see this issue, not sure what I might be missing here?


Remote version string: SSH-2.0-SSHD
 Local version string: SSH-2.0-JSCH_0.2.18
CheckCiphers: chacha20-poly1305@openssh.com
CheckKexes: sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
sntrup761x25519-sha512@openssh.com is not available.
curve25519-sha256 is not available.
curve25519-sha256@libssh.org is not available.
curve448-sha512 is not available.
CheckSignatures: ssh-ed25519,ssh-ed448
ssh-ed25519 is not available.
 ssh-ed448 is not available.
 SSH_MSG_KEXINIT sent
 SSH_MSG_KEXINIT received
server proposal: KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
server proposal: host key algorithms: ssh-rsa
server proposal: ciphers c2s: aes128-ctr,aes192-ctr,aes256-ctr
server proposal: ciphers s2c: aes128-ctr,aes192-ctr,aes256-ctr
 server proposal: MACs c2s: hmac-sha1,hmac-sha1-96,hmac-sha256,hmac-sha256@ssh.com,hmac-sha2-256,hmac-sha2-512
server proposal: MACs s2c: hmac-sha256,hmac-sha1,hmac-sha1-96,hmac-sha256@ssh.com,hmac-sha2-256,hmac-sha2-512
 server proposal: compression c2s: none,zlib
 server proposal: compression s2c: none,zlib
 server proposal: languages c2s:
server proposal: languages s2c:
 client proposal: KEX algorithms: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00@openssh.com
 client proposal: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
 client proposal: ciphers c2s: blowfish-cbc,3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,3des-ctr,aes256-ctc,arcfour,arcfour128,arcfour256,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
 client proposal: ciphers s2c: blowfish-cbc,3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,3des-ctr,aes256-ctc,arcfour,arcfour128,arcfour256,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
 client proposal: MACs c2s: hmac-md5,hmac-md5-96,hmac-sha1-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
client proposal: MACs s2c: hmac-md5,hmac-md5-96,hmac-sha1-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
client proposal: compression c2s: none
client proposal: compression s2c: none
 client proposal: languages c2s:
 client proposal: languages s2c:
 kex: algorithm: diffie-hellman-group-exchange-sha1
 kex: host key algorithm: ssh-rsa
kex: server->client cipher: aes128-ctr MAC: hmac-sha1-96 compression: none
 kex: client->server cipher: aes128-ctr MAC: hmac-sha1-96 compression: none
SSH_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent
 expecting SSH_MSG_KEX_DH_GEX_GROUP
SSH_MSG_KEX_DH_GEX_INIT sent
expecting SSH_MSG_KEX_DH_GEX_REPLY
ssh_rsa_verify: ssh-rsa signature true
 Permanently added 'host.test.com' (RSA) to the list of known hosts.
SSH_MSG_NEWKEYS sent
SSH_MSG_NEWKEYS received
SSH_MSG_SERVICE_REQUEST sent
SSH_MSG_SERVICE_ACCEPT received
SSH_MSG_SERVICE_ACCEPT received
SSH_MSG_SERVICE_ACCEPT received
 Authentications that can continue: publickey
Next authentication method: publickey
Caused by: com.jcraft.jsch.JSchException: Auth fail for methods 'publickey,password,keyboard-interactive'
        at com.jcraft.jsch.Session.connect(Session.java:520) ~[jsch-0.2.18.jar:0.2.18]
        ... 16 more
@norrisjeremy
Copy link
Contributor

Hi @Praj777-am,

I suspect it will work if you do not include the rsa-sha2-512 & rsa-sha2-256 algorithms in your PubkeyAcceptedAlgorithms setting, as I suspect the server you are connecting to does not operate correctly when JSch attempts to authentication using these algorithms.

Thanks,
Jeremy

@marcjulianfleck
Copy link

Any news on this? We experiencing the same issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants