[PROTOCOL_ERROR] Strict KEX mode encountered a message that is not permitted at this time #966
Comments
|
Please try the latest release The release |
Hi @hpoettker , I have upgrade up to 0.39.0 and the java.lang.IllegalStateException: Not connected
net.schmizz.sshj.SSHClient.checkConnected(SSHClient.java:841)
net.schmizz.sshj.SSHClient.auth(SSHClient.java:203)
net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:290)
net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:260)
net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:244)P.S. max |
|
Thanks for testing with Please share debug logs from the application. And also from the server, if you can. |
here the java client code with row number on left side: public class _schedService {
....
client = new SSHClient();
303 Log.APPLICATION.info("exec client");
//client.loadKnownHosts();
client.addHostKeyVerifier(new PromiscuousVerifier());
306 Log.APPLICATION.info("exec addHostKeyVerifier");
client.setConnectTimeout(30000);
309 Log.APPLICATION.info("exec setConnectTimeout");
client.getConnection().getKeepAlive().setKeepAliveInterval(30000);
311 Log.APPLICATION.info("exec getKeepAlive");
client.connect(host, port);
313 Log.APPLICATION.info("exec connect");
314 client.authPassword(uname, pwd);
315 Log.APPLICATION.info("exec authPassword");
sftp1 = client.newSFTPClient();
Log.APPLICATION.info("Creato SFTPClient");
}here the logs with row number in the middle: Dec 11, 2024 @ 09:55:52.395 - - 303 - exec client RMI TCP Connection(6)-127.0.0.1 -
Dec 11, 2024 @ 09:55:52.396 - - 306 - exec addHostKeyVerifier RMI TCP Connection(6)-127.0.0.1 -
Dec 11, 2024 @ 09:55:52.396 - - 309 - exec setConnectTimeout RMI TCP Connection(6)-127.0.0.1 -
Dec 11, 2024 @ 09:55:52.396 - - 311 - exec getKeepAlive RMI TCP Connection(6)-127.0.0.1 -
Dec 11, 2024 @ 09:55:52.866 - - 313 - exec connect RMI TCP Connection(6)-127.0.0.1
net.schmizz.sshj.transport.TransportException: [PROTOCOL_ERROR] invalid packet length: 274966857
at net.schmizz.sshj.transport.Decoder.checkPacketLength(Decoder.java:185)
at net.schmizz.sshj.transport.Decoder.decryptLength(Decoder.java:173)
at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:86)
at net.schmizz.sshj.transport.Decoder.received(Decoder.java:200)
at net.schmizz.sshj.transport.Reader.run(Reader.java:60)
|
|
sshj (like most libraries) has built in logging that you can parametrize to log at different levels. Can you apply for example the following configuration to produce more granular logging and post the logs? This snippet above would work for logback. How it works in your application depends on the logging implementation and potentially the application framework. |
we added log4j config, here the logs: Socket closed
net.schmizz.sshj.transport.TransportException: Socket closed
at
net.schmizz.sshj.transport.TransportImpl.write(TransportImpl.java:437)
at net.schmizz.sshj.transport.TransportImpl.sendServiceRequest(TransportImpl.java:340)
at net.schmizz.sshj.transport.TransportImpl.reqService(TransportImpl.java:323)
at net.schmizz.sshj.AbstractService.request(AbstractService.java:74)
at net.schmizz.sshj.userauth.UserAuthImpl.authenticate(UserAuthImpl.java:66) at net.schmizz.sshj.SSHClient.auth(SSHClient.java:223)
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:204)
at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:290) at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:260)
at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:244)
at service.threads.DeleteFileThread.run(DeleteFileThread.java:104)
Caused by: java.net.SocketException: Socket closed
at java.base/java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:113)
at java.base/java.net.SocketOutputStream.write(SocketOutputStream.java:150)
at net.schmizz.sshj.transport.TransportImpl.write(TransportImpl.java:434)
... 10 morewe also check by command line to see any fw issue: sftp -P XXX YYYY@ZZZZZ .
sh: sftp: not found
/ # sftp
sh: sftp: not found
/ # apk add openssh
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz
(1/10) Installing openssh-keygen (8.6_p1-r3)
(2/10) Installing ncurses-terminfo-base (6.2_p20210612-r1)
(3/10) Installing ncurses-libs (6.2_p20210612-r1)
(4/10) Installing libedit (20210216.3.1-r0)
(5/10) Installing openssh-client-common (8.6_p1-r3)
(6/10) Installing openssh-client-default (8.6_p1-r3)
(7/10) Installing openssh-sftp-server (8.6_p1-r3)
(8/10) Installing openssh-server-common (8.6_p1-r3)
(9/10) Installing openssh-server (8.6_p1-r3)
(10/10) Installing openssh (8.6_p1-r3)
Executing busybox-1.33.1-r8.trigger
Executing glibc-bin-2.33-r0.trigger
/usr/glibc-compat/sbin/ldconfig: /usr/glibc-compat/lib/ld-linux-x86-64.so.2 is not a symbolic link
OK: 51 MiB in 41 packages
/ # sftp
usage: sftp [-46AaCfNpqrv] [-B buffer_size] [-b batchfile] [-c cipher]
[-D sftp_server_path] [-F ssh_config] [-i identity_file]
[-J destination] [-l limit] [-o ssh_option] [-P port]
[-R num_requests] [-S program] [-s subsystem | sftp_server]
destination
/ # sftp -P XXX YYYY@ZZZZZ
The authenticity of host-P XXX YYYY@ZZZZZ can't be established.
RSA key fingerprint is ********************************************.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '-P XXX YYYY@ZZZZZ ' (RSA) to the list of known hosts.
Password Authentication
Enter password for YYYY
Connected to YYYY@ZZZZZ
|
Hi Team,
we get the exception at the bottom in connection to sftp client authentication:
lib version:
sshj:0.34.0
the same java client on windows server works:
OpenJDK 64-Bit Server VM; 11.0.4; 11.0.4+11; mixed mode
regards.
The text was updated successfully, but these errors were encountered: