I'm using com.jcraft.jsch.JSch to create an SFTP connection.
Is there a way to bypass/skip the authenticity warning that pops up when the connection's authenticity can't be established?
Here's more detail:
My code looks a little like this:
Session session = jsch.getSession(user, host, port);
UserInfo ui = new MyUserInfo();
session.setUserInfo(ui);
session.connect();
When the session.connect(); line is called, I get a popup that reads:
The authenticity of host <MY HOST> can't be established.
...
Are you sure you want to continue connecting?
[No] [Yes]
Is there a way to programmatically bypass/skip this popup and accept the connection?
Take a look at these examples from Jsch: http://www.jcraft.com/jsch/examples/Exec.java.html http://www.jcraft.com/jsch/examples/Shell.java.html You'll notice that both of them create a custom UserInfo class and pass it to the session object with session.setUserInfo(UserInfo ui);.
The way to avoid that popup window is to pass in your own UserInfo object. You can do this by extending the UserInfo class and overriding the promptYesNo function, like this:
public boolean promptYesNo(String str){ return true; }
Note that all of the functions whose names start with the word "prompt" are used to prompt the user for information with a popup dialog. You can override those functions to pass in the information in some other way.
I know this thread is very old and doesn't require any reply if its already solved, But a week back I too was working on an application that had a similar requirement.
What Jon7 said was right; Adding to that theres a different way too i.e. without extending any class.
Session session = jsch.getSession(user, host, port);
...
Properties prop = new Properties();
prop.setProperty("StrictHostKeyChecking", "no");
session.setConfig(prop);
session.connect();
Just another way that can help others :)
regards,
icr
Related
I tried to use JSch:
#Test
public void test() throws Exception {
var session = new JSch().getSession("host");
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
session.setConfig(config);
var version = session.getServerVersion();
System.out.println("version = " + version);
}
but I'm getting
java.lang.NullPointerException: Cannot read the array length because "str" is null
It seems that this implementation requires you to connect and authenticate.
How can I get this information with Java, without the need to authenticate?
This Python code works for me on a server that requires authentication yet I didn't have to authenticate in order to get the remote version.
import paramiko
ssh = paramiko.Transport(("host", 22))
ssh.start_client()
print(ssh.remote_version)
ssh.close()
The SSH identification string is sent in plain text right after opening the connection.
So you do not need an SSH library to obtain the string.
You can do with a simple code like shown here:
Read Data from a Java Socket
Or just try to login using dummy credentials with JSch and then read Session.getServerVersion.
You do not even have to try to login. You can abort the connection right at the host key check:
config.put("StrictHostKeyChecking", "yes");
I have two VM's. On machine 'A' SSH login happens using Private Key and on machine 'B' login happens using UserName and Pwd.
So, I would like to keep my code generic for both the systems. Let me know is this possible, if yes can you help me out.
jsch.addIdentity(Private_Key_Path);
session = jsch.getSession(telnetUser, telnetHost, port);
session.setConfig("PreferredAuthentications", "publickey,keyboard-interactive,password");
session.setPassword(telnetPwd);
session.setConfig("config");
session.connect();
So I'm writing a little program that needs to connect to a remote server through SFTP, pull down a file, and then processes the file. I came across JSch through some answers here and it looked perfect for the task. So far, easy to use and I've got it working, with one minor thing I'd like to fix. I'm using the following code to connect and pull the file down:
JSch jsch = new JSch();
Session session = null;
try {
session = jsch.getSession("username", "127.0.0.1", 22);
session.setConfig("StrictHostKeyChecking", "no");
session.setPassword("password");
session.connect();
Channel channel = session.openChannel("sftp");
channel.connect();
ChannelSftp sftpChannel = (ChannelSftp) channel;
sftpChannel.cd(REMOTE_FTP_DIR);
sftpChannel.lcd(INCOMING_DIR);
sftpChannel.get(TMP_FILE, TMP_FILE);
sftpChannel.exit();
session.disconnect();
} catch (JSchException e) {
e.printStackTrace();
} catch (SftpException e) {
e.printStackTrace();
}
So this works and I get the file. I'm running this code on a linux server and when I run the code JSch asks me for my Kerberos username and password. It looks like:
Kerberos username [george]:
Kerberos password for george:
I just hit enter for both questions and then the program seems to continue on with no problems. However I need this code to be automated through a cron task and so I'd rather not having it pausing the program to ask me these two questions. Is there something I'm not supplying it so that it won't ask this? Something I need to do to stop it asking? Hopefully someone has some ideas. Thanks.
Thought I'd post an answer here since in case anyone else ends up running into a similar issue. Turns out I am missing a piece of code that makes all the difference. I just needed to add
session.setConfig("PreferredAuthentications",
"publickey,keyboard-interactive,password");
before
session.connect();
and everything works perfectly now.
While the solution in the self-accepted answer is correct, it lacks any explanation.
The problem is that the OP have a Kerberos/GSSAPI authentication set as the preferred (the JSch default). Yet OP does not seem to actually use/want it, as OP claims not to specify any username or password for the Kerberos prompts.
This problem can appear spontaneously, when either Kerberos gets installed on the the client PC or the server starts to support Kerberos.
The solution is to remove the Kerberos/GSSAPI (gssapi-with-mic) from the list of preferred authentication methods in JSch:
session.setConfig(
"PreferredAuthentications", "publickey,keyboard-interactive,password");
All answers are correct, I'll just add here the way it can be done for Spring Integration when trying to integrate with an SFTP server.
So, if you are using SFTP Spring Integration and the weird user and password for Kerberos is prompting in the same way the OP is asking.
Then modify your Spring configuration (I'm using Java Spring Integration config, if you are using XML config you can try to translate it yourself - I really don't like XML config :P ):
So in the bean you are using as SessionFactory you need to add this change in config:
#Bean
public SessionFactory<LsEntry> sftpSessionFactory() {
DefaultSftpSessionFactory factory = new DefaultSftpSessionFactory(true);
factory.setHost("hostname");
factory.setPort(22);
factory.setUser("username");
factory.setPassword("superstrongpassword");
factory.setAllowUnknownKeys(true);
factory.setSessionConfig(buildSessionProperties());
return new CachingSessionFactory<>(factory);
}
/**
* Build JSch property PreferredAuthentications without "gssapi-with-mic"
* This way it won't prompt for Kerberos authentication every time it tries to connect
* to the SFTP.
*/
private Properties buildSessionProperties() {
Properties sessionProperties = new Properties();
sessionProperties.setProperty("PreferredAuthentications", "publickey,keyboard-interactive,password");
return sessionProperties;
}
I'm trying to send a mail using javax.mail. This is my code:
Properties props = new Properties();
props.setProperty("mail.smtp.host", host);
props.setProperty("mail.smtp.port", port);
props.setProperty("mail.user", user);
props.setProperty("mail.password", password);
Session session = Session.getDefaultInstance(props);
But I get this error:
javax.mail.MessagingException: Could not connect to SMTP host: smtp.wrong.server.com, port: 25;
The funny thing is that "smtp.wrong.server.com" isn't the value that I'm passing as host.
It is like Session.getDefaultInstance(props) is returning an already created session with the wrong host name.
There isn't any other place inside my EAR where javax.mail is used (at least not in my code, maybe inside a third party dependecy?).
This behaviour only happens, of course, in PRO environment. The same EAR deployed in DEV and TEST env works fine.
Any help would be appreciated
The problem was with Session.getDefaultInstance. I should use Session.getInstance
From javadoc:
getDefaultInstance
(...)the default session is potentially available to all code executing in the same Java virtual machine(...)Subsequent calls return the Session object that was created by the first call, and ignore the passed Properties object. Use the getInstance method to get a new Session object every time the method is called.
It seams your are not using the correct key for your proerties. see Javadoc for javax.mail.Session
It is expected that the client supplies values for the properties
listed in Appendix A of the JavaMail spec (particularly
mail.store.protocol, mail.transport.protocol, mail.host, mail.user,
and mail.from) as the defaults are unlikely to work in all cases.
I'm looking to have my application connect to the internet through a proxy server (in order to avoid captcha). The code I am currently using is this:
Properties props = System.getProperties();
props.put("http.proxyPort", proxyPort); //proxy port
props.put("http.proxyHost", proxyHost); //proxy host
props.put("http.proxySet", "true");
This code has been unsuccesful, however. Any suggestions?
You can try the following:
SocketAddress sa = new InetSocketAddress(proxy_host_name, proxy_port_address);
Proxy proxy = new Proxy(Proxy.Type.xxx, sa);
URLConnection con = new URL(url).openConnection(proxy);
You are probably using a kind of "User Friendly Website Proxy", like http://newipnow.com or www.proxyultra.com. But you need to use a real SOCKS proxy server.
A free server, that I found, working, in a list of public Proxies:
System.setProperty("http.proxyHost", "187.115.172.82");
System.setProperty("http.proxyPort", "8181");
There is no need to set the http.proxySet property.
Pick a server from the nice list here: Hide My Ass: Proxy List
Put the parameters on the command line or use setProperty.
java -Dhttp.proxyHost=proxy.host -Dhttp.proxyPort=3128 MainClass