Steps to recreate the sshj issue

gistfile1.txt

1. create a ‘~/.ssh/config’ file with the following content;
#
# All hosts defaults
#
Host *
Protocol 1,2
FallBackToRsh no
ForwardAgent yes
ForwardX11 yes
PasswordAuthentication yes
RhostsAuthentication no
RhostsRSAAuthentication no
RSAAuthentication yes
NoHostAuthenticationForLocalhost yes
StrictHostKeyChecking no
KeepAlive yes

2. now for this user id, connect to a remote UNIX machine.  The moment you connect to a UNIX remote machine, you will see the RSA1 come up.

3. Verify that the key got added up to your ~/.ssh/known_hosts file.

4. Create a SSHv1 compatible key pair using the command "ssh-keygen -t rsa1".
This command will create identity(private key) and identity.pub (public key) and save it under ~/.ssh folder.

5. Verify that the public key looks like a sshv1 key by running cat ~/.ssh/identity.pub

6. Now try to do a passwordless setup to a remote machine, so that no password is asked by running scp ~/.ssh/identity.pub <username>@<machinename>:~/.ssh/

7. Now append it to the authorized keys by running cat ~/.ssh/identity.pub > ~/.ssh/authorized_keys on the remote machine.

8. Verify that the passwordless setup was indeed completed by running ssh <userName>@<machineName> from your local machine, and you shouldn't be prompted for a password.

9. Now try to run the following sample program to simulate the problem from your local machine.

SSHClient client = new SSHClient();
client.loadKnownHosts();
client.connect(REMOTE_MACHINE);
client.authPassword(USERNAME, PASSWORD);
Session session = client.startSession();
Command command = session.exec("who am i");
String output = command.getOutputAsString();
System.out.println(output);
session.close();
client.close();

Thanks for agreeing to take some time for me Jeroen. You know what they say.. "Known devil is better than the unknown angel"... and that is the main reason why I am trying to see if this can be sorted out within sshj itself instead of me going around exploring other libraries :) So far I have been extremely comfortable with using sshj and am reluctant on moving away from it, which explains my constant pestering on this issue Thanks & Regards Krishnan Mahadevan "All the desirable things in life are either illegal, expensive, fattening or in love with someone else!" On Thu, Jan 5, 2012 at 3:15 PM, Jeroen van Erp < reply@reply.github.com

…

wrote: Hi Krishnan, I've got some code already, but nowhere near functional. The protocol is (somewhat) different ;-) I know all about sysops ;) They can be a pain As is the API of JSch, we switched away from that in favor of Sshj for the overthere framework. I'll try to see whether I can squeeze in some time Regards, Jeroen BTW there are also other libraries out there, I think apache also has something, though no clue on how advanced that is. On Jan 5, 2012, at 10:26 AM, krmahadevan wrote: > Jeroen > > Upgrading to SSHv2 is not an option for me since I will have to convince > the environments team about this change and its really as good as banging > my head against a wall. They wont do it because currently with SSHv1 > itself > everything is working fine and if its working fine, you know what they > say > when you want to induce changes. > > Was really hoping that I get some help on this, because I am really not > keen on going back to exploring JSch again and try to build a full > blooded > implementation leveraging it (mainly because I find the API really > difficult to understand and use ) > > Thanks & Regards > Krishnan Mahadevan > > "All the desirable things in life are either illegal, expensive, > fattening > or in love with someone else!" > > On Thu, Jan 5, 2012 at 2:43 PM, Jeroen van Erp < > ***@***.*** > > > wrote: > > > > Hi Krishnan, > > > > I haven't had the time to look at it, work issues have been eating up > > too > > much time :( > > > > The easiest and safest route would be to upgrade to SSHv2 which is more > > widely supported and safer. Building support for SSHv1 keys is tricky > > but > > nevertheless doable > > > > Regards, > > Jeroen > > > > On Jan 5, 2012, at 10:10 AM, krmahadevan wrote: > > > > > @jeroen > > > @shikhar, > > > > > > Can you please let me know if this issue is fixed ? I am now being > > > asked > > > to explore other libraries if this issue is not fixed in sshj. Please > > > advise. > > > --- > > > > > > Reply to this email directly or view it on GitHub: > > > https://gist.github.com/1321719 > > --- > > > > Reply to this email directly or view it on GitHub: > > https://gist.github.com/1321719 > --- > > Reply to this email directly or view it on GitHub: > https://gist.github.com/1321719 --- Reply to this email directly or view it on GitHub: https://gist.github.com/1321719

Hi Krishnan,

Last night I did a bit of hacking, I think I tackled the Host key verification at least, could you try that? It will still fail then with the fact that it can't load the key for the passwordless ssh. If that is indeed the case, we're a bit closer to a solution.

You can find the code at: http://github.com/hierynomus/sshj under the branch known-hosts. Can you try it and post the logs?

Thx!

Jeroen, Thank you so much for helping me with this. I am bit new to this entire thing of github. If possible can you please walk me through on how to Clone your branch. Create a local build which I can consume in my test project to test out your implementation. Thanks & Regards Krishnan Mahadevan "All the desirable things in life are either illegal, expensive, fattening or in love with someone else!"

…

On Tue, Jan 10, 2012 at 1:26 PM, Jeroen van Erp < ***@***.*** > wrote: Hi Krishnan, Last night I did a bit of hacking, I think I tackled the Host key verification at least, could you try that? It will still fail then with the fact that it can't load the key for the passwordless ssh. If that is indeed the case, we're a bit closer to a solution. You can find the code at: http://github.com/hierynomus/sshj under the branch known-hosts. Can you try it and post the logs? Thx! --- Reply to this email directly or view it on GitHub: https://gist.github.com/1321719

Hi Krishnan,

Easiest is to download the zip from this url: https://github.com/hierynomus/sshj/zipball/known-hosts, and then use maven2 or maven3 to build the project, that will give you a jar in the target directory, which you can add to the classpath of your application. (I'm assuming you know maven ;) )

Regards,
Jeroen

Ah ok. I didnt know i could pull the code as a zip. Yeah i do know a little bit of maven. Please give me sometime. Will get back to you with the logs.

On Tuesday, 10 January 2012, Jeroen van Erp < ***@***.***> wrote: Hi Krishnan, Easiest is to download the zip from this url: https://github.com/hierynomus/sshj/zipball/known-hosts, and then use maven2 or maven3 to build the project, that will give you a jar in the target directory, which you can add to the classpath of your application. (I'm assuming you know maven ;) ) Regards, Jeroen --- Reply to this email directly or view it on GitHub: https://gist.github.com/1321719

## Thanks & Regards Krishnan Mahadevan "All the desirable things in life are either illegal, expensive, fattening or in love with someone else!" My Scribblings @ http://wakened-cognition.blogspot.com/

@jeroen,

Here are the logs that were generated when I made use of the zip file (0.8.0-SNAPSHOT) and built a jar out of it which I added up to my classpath.

Here's what I see in the console

Jan 11, 2012 10:47:14 PM net.schmizz.sshj.common.SecurityUtils$BouncyCastleRegistration run
INFO: Trying to register BouncyCastle as a JCE provider
Jan 11, 2012 10:47:14 PM net.schmizz.sshj.common.SecurityUtils$BouncyCastleRegistration run
INFO: Registration succeeded
Jan 11, 2012 10:47:15 PM net.schmizz.sshj.transport.TransportImpl init
INFO: Client identity string: SSH-2.0-SSHJ_0_7
Jan 11, 2012 10:47:15 PM net.schmizz.sshj.transport.TransportImpl init
INFO: Server identity string: SSH-1.99-OpenSSH_4.3
Jan 11, 2012 10:47:15 PM net.schmizz.sshj.transport.KeyExchanger sendKexInit
INFO: Sending SSH_MSG_KEXINIT
Jan 11, 2012 10:47:15 PM net.schmizz.sshj.transport.KeyExchanger handle
INFO: Received SSH_MSG_KEXINIT
Jan 11, 2012 10:47:15 PM net.schmizz.sshj.transport.kex.AbstractDHG init
INFO: Sending SSH_MSG_KEXDH_INIT
Jan 11, 2012 10:47:16 PM net.schmizz.sshj.transport.KeyExchanger handle
INFO: Received kex followup data
Jan 11, 2012 10:47:16 PM net.schmizz.sshj.transport.kex.AbstractDHG next
INFO: Received SSH_MSG_KEXDH_REPLY
Jan 11, 2012 10:47:16 PM net.schmizz.sshj.transport.verification.OpenSSHKnownHosts hostKeyChangedAction
WARNING: Host key for stage2sc5403.sc4..com has changed!
Jan 11, 2012 10:47:16 PM net.schmizz.sshj.transport.TransportImpl die
SEVERE: Dying because - net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4..com on port 22
Jan 11, 2012 10:47:16 PM net.schmizz.sshj.transport.TransportImpl setService
INFO: Setting active service to null-service
Jan 11, 2012 10:47:16 PM net.schmizz.concurrent.Promise tryRetrieve
SEVERE: <> woke to: net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4..com on port 22
Exception in thread "main" net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4..com on port 22
at net.schmizz.sshj.transport.KeyExchanger.verifyHost(KeyExchanger.java:222)
at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:373)
at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:477)
at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:127)
at net.schmizz.sshj.transport.Decoder.received(Decoder.java:195)
at net.schmizz.sshj.transport.Reader.run(Reader.java:72)

For some reason I can never get the debug level logs to be printed despite me using

System.setProperty("logback.configurationFile", "/Users/krmahadevan/Documents/eclipse-workspace/playground/streethawk/logback.xml");

Not sure what is going on there.

Jeroen, I posted the logs with the jar that you provided with. Please let me know incase you need anything additional from me to proceed further. Thanks & Regards Krishnan Mahadevan "All the desirable things in life are either illegal, expensive, fattening or in love with someone else!" On Tue, Jan 10, 2012 at 1:43 PM, Krishnan Mahadevan < krishnan.mahadevan1978@gmail.com> wrote:

…

Ah ok. I didnt know i could pull the code as a zip. Yeah i do know a little bit of maven. Please give me sometime. Will get back to you with the logs. On Tuesday, 10 January 2012, Jeroen van Erp < ***@***.***> wrote: > Hi Krishnan, > > Easiest is to download the zip from this url: > https://github.com/hierynomus/sshj/zipball/known-hosts, and then use > maven2 or maven3 to build the project, that will give you a jar in the > target directory, which you can add to the classpath of your application. > (I'm assuming you know maven ;) ) > > Regards, > Jeroen > --- > > Reply to this email directly or view it on GitHub: > https://gist.github.com/1321719 ## Thanks & Regards Krishnan Mahadevan "All the desirable things in life are either illegal, expensive, fattening or in love with someone else!" My Scribblings @ http://wakened-cognition.blogspot.com/

Hi Krishnan, I'd really also like the debug/trace level logging. To get that, it should be enough to include a directory on your class path that contains a log back.xml file which has the correct settings. There is no need for system.setProperty. With the TRACE level logging we can actually see what's being sent by the server and more :-). Regards, Jeroen

…

On Jan 12, 2012, at 1:19 PM, krmahadevan wrote: Jeroen, I posted the logs with the jar that you provided with. Please let me know incase you need anything additional from me to proceed further. Thanks & Regards Krishnan Mahadevan "All the desirable things in life are either illegal, expensive, fattening or in love with someone else!" On Tue, Jan 10, 2012 at 1:43 PM, Krishnan Mahadevan < ***@***.***> wrote: > Ah ok. I didnt know i could pull the code as a zip. Yeah i do know a > little bit of maven. Please give me sometime. Will get back to you with the > logs. > > On Tuesday, 10 January 2012, Jeroen van Erp < > ***@***.***> > wrote: > > > Hi Krishnan, > > > > Easiest is to download the zip from this url: > > https://github.com/hierynomus/sshj/zipball/known-hosts, and then use > > maven2 or maven3 to build the project, that will give you a jar in the > > target directory, which you can add to the classpath of your application. > > (I'm assuming you know maven ;) ) > > > > Regards, > > Jeroen > > --- > > > > Reply to this email directly or view it on GitHub: > > https://gist.github.com/1321719 > ## > > Thanks & Regards > Krishnan Mahadevan > > "All the desirable things in life are either illegal, expensive, fattening > or in love with someone else!" > My Scribblings @ http://wakened-cognition.blogspot.com/ --- Reply to this email directly or view it on GitHub: https://gist.github.com/1321719

Hi Krishnan,

I've just pushed some additional logging to my branch, could you download and build it again, and try it? Preferably with 'trace' level logging also turned on :)

Thx!
Jeroen

@jeroen,

Finally I figured out how to get back the debug logs.. Me and my silly bone headed mistakes :)

Here goes the complete logs of what I am seeing right now..

[TestNG] Running:
/private/var/folders/y-/y-VVVJSMHAKi99dCLf-CN+OChX2/-Tmp-/testng-eclipse-1966238102/testng-customsuite.xml

16:47:00,188 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback.groovy]
16:47:00,188 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback-test.xml]
16:47:00,188 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Found resource [logback.xml] at [file:/Users/krmahadevan/Documents/eclipse-workspace/playground/streethawk/target/classes/logback.xml]
16:47:00,346 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - debug attribute not set
16:47:00,347 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.ConsoleAppender]
16:47:00,352 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [STDOUT]
16:47:00,442 |-WARN in ch.qos.logback.core.ConsoleAppender[STDOUT] - This appender no longer admits a layout as a sub-component, set an encoder instead.
16:47:00,442 |-WARN in ch.qos.logback.core.ConsoleAppender[STDOUT] - To ensure compatibility, wrapping your layout in LayoutWrappingEncoder.
16:47:00,442 |-WARN in ch.qos.logback.core.ConsoleAppender[STDOUT] - See also http://logback.qos.ch/codes.html#layoutInsteadOfEncoder for details
16:47:00,442 |-INFO in ch.qos.logback.classic.joran.action.RootLoggerAction - Setting level of ROOT logger to DEBUG
16:47:00,442 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [STDOUT] to Logger[ROOT]

16:47:00.590 INFO n.schmizz.sshj.common.SecurityUtils.run - Trying to register BouncyCastle as a JCE provider
16:47:00.951 INFO n.schmizz.sshj.common.SecurityUtils.run - Registration succeeded
16:47:01.000 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Parsing known hosts line: stage2sc5403.sc4.com,10.15.24.241 2048 35 18746809297593312449153909163703621761337578378768707897353720150453225577701367211457017231241384750514988610842630169074993633077940517956073653975728850147993307907306113826009550592016215460135403624328473220884432002262277766497002180788488805204560240694410167786260511105115731036405282962013852410028449464729641808955067866045047706489587523917987818381339462786605433590644624820998123917424659652549723707128053569543989036586102789210213926400400806667479448503021670566792738419324826748902887203455149346171938408926460327794800901772384385624553006469431213548745363930780302993004745354897800686444733
16:47:01.001 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Marker null found for string stage2sc5403.sc4.com,10.15.24.241
16:47:01.001 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Hostnames parsed: stage2sc5403.sc4.com,10.15.24.241
16:47:01.003 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - sType parsed: 2048 => KeyType unknown
16:47:01.006 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - e = 35, n = 18746809297593312449153909163703621761337578378768707897353720150453225577701367211457017231241384750514988610842630169074993633077940517956073653975728850147993307907306113826009550592016215460135403624328473220884432002262277766497002180788488805204560240694410167786260511105115731036405282962013852410028449464729641808955067866045047706489587523917987818381339462786605433590644624820998123917424659652549723707128053569543989036586102789210213926400400806667479448503021670566792738419324826748902887203455149346171938408926460327794800901772384385624553006469431213548745363930780302993004745354897800686444733
16:47:01.010 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Parsing known hosts line: hyper65.ca1.com,10.244.31.63 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAub0nFxHqwUk/r5Zcpui/JpL62Hcj8vFIAueSQf/n60j8powmQuVnqVuoBk9YoPdZ6ljk2hckRwM7YnEey3tYNdoznHC176JnZVwlvihs9G4pRRJiA3oprw5/Ow7VlaweM6x1QSLLj6joKrY2FQPy53hfJrv4Sa+cnecuPyEitSFCVZJDTzeDOYvEuEcyCpxqV5Xp5xZt2dcI2LXA2qibsJIXQpAzUGAc1j3N5B51+ErgzGlyRUadkiGeW484U+35eoFFsrci3XSIaBO1nmwz7BP6VTjeGYPTBxU98npTHzTuRV8uiiTscP1zVgvqau/pknSuLOAnpeb8XptvFi700Q==
16:47:01.010 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Marker null found for string hyper65.ca1.com,10.244.31.63
16:47:01.010 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Hostnames parsed: hyper65.ca1.com,10.244.31.63
16:47:01.011 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - sType parsed: ssh-rsa => KeyType ssh-rsa
16:47:01.011 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - sKey = AAAAB3NzaC1yc2EAAAABIwAAAQEAub0nFxHqwUk/r5Zcpui/JpL62Hcj8vFIAueSQf/n60j8powmQuVnqVuoBk9YoPdZ6ljk2hckRwM7YnEey3tYNdoznHC176JnZVwlvihs9G4pRRJiA3oprw5/Ow7VlaweM6x1QSLLj6joKrY2FQPy53hfJrv4Sa+cnecuPyEitSFCVZJDTzeDOYvEuEcyCpxqV5Xp5xZt2dcI2LXA2qibsJIXQpAzUGAc1j3N5B51+ErgzGlyRUadkiGeW484U+35eoFFsrci3XSIaBO1nmwz7BP6VTjeGYPTBxU98npTHzTuRV8uiiTscP1zVgvqau/pknSuLOAnpeb8XptvFi700Q==
16:47:01.574 INFO n.s.sshj.transport.TransportImpl.init - Client identity string: SSH-2.0-SSHJ_0_7
16:47:01.798 INFO n.s.sshj.transport.TransportImpl.init - Server identity string: SSH-1.99-OpenSSH_4.3
16:47:01.799 DEBUG net.schmizz.concurrent.Promise.deliver - Setting <> to null
16:47:01.800 INFO n.s.sshj.transport.KeyExchanger.sendKexInit - Sending SSH_MSG_KEXINIT
16:47:01.804 DEBUG net.schmizz.concurrent.Promise.deliver - Setting <> to SOME
16:47:01.804 DEBUG net.schmizz.concurrent.Promise.tryRetrieve - Awaiting <>
16:47:02.016 INFO n.s.sshj.transport.KeyExchanger.handle - Received SSH_MSG_KEXINIT
16:47:02.018 DEBUG n.s.sshj.transport.KeyExchanger.gotKexInit - Negotiated algorithms: [ kex=diffie-hellman-group14-sha1; sig=ssh-rsa; c2sCipher=aes128-ctr; s2cCipher=aes128-ctr; c2sMAC=hmac-sha1; s2cMAC=hmac-sha1; c2sComp=none; s2cComp=none ]
16:47:02.060 INFO net.schmizz.sshj.transport.kex.DHG14.init - Sending SSH_MSG_KEXDH_INIT
16:47:02.288 INFO n.s.sshj.transport.KeyExchanger.handle - Received kex followup data
16:47:02.289 INFO net.schmizz.sshj.transport.kex.DHG14.next - Received SSH_MSG_KEXDH_REPLY
16:47:02.335 DEBUG n.s.sshj.transport.KeyExchanger.verifyHost - Trying to verify host key with net.schmizz.sshj.transport.verification.OpenSSHKnownHosts@79fcf790
16:47:02.339 DEBUG n.s.s.t.v.OpenSSHKnownHosts.verify - Entry SimpleEntry[stage2sc5403.sc4.com,10.15.24.241, ssh-rsa, RSA Public Key modulus: 9480da90bb326ae3d3f9c48af36bcb26a9d86a0f1dd1a447caee0080632d5b5c1dc01027d8b63323ad64aa9d7fe38b6c57382420da801677030ead12e2b5c6c2bd87564c0472d3b4d6345b2d911e965788797f7b2d12e78028e68a315ee771629f5ca1f66aa30e4c1d58e295d63b8070e1ca0c0e67bfd64de2bb955628c1128483d34b5d3ddac30a6e06400d13040d0ad49fb13979236c8c1d61af0c36e09950c0cebb058a54bbdc644d2ab4ce7341b6f774993d6829f4d4dbe284e1a75265940bd6f7a463f5d37cbf86a5cdadedbcede23d6ccfa64b5c39addc0b76f527ce631e39899ae91ca8c799cbcd90b34760b201c68e348813897f832e856b2affa0bd public exponent: 23 ] applies to key with type ssh-rsa and adjustedHostname stage2sc5403.sc4.com
16:47:02.341 DEBUG n.s.s.t.v.OpenSSHKnownHosts.verify - Verifying match for received key RSA Public Key
modulus: e0a5af020947545476e050e3da2491f3d925eaf7f3bffbf1e0271949e78cca4c884be028d9b90cf5a1bf497abcc56e23f6da8e4b8c4ce74ccdf0d00a172f4b697038aedb4c7a5d929b7ff139aefbe5701276c1d48cf5c93e5bfc227ad9e6875256e4eea6c2a255dbccfc32243b1b6af178c43ee9dd714f845bab3adbef8accdade4913709215a747e06a8aed982253a2c71f8025274120e2eabcdeebf610bd4345a2fc374b8566c0bc0d9c5f4c678eb7078b25daf779e09427e781a3249bd9769c75aba941af3a137046c5f1fb353c9167fc978d0f984a06e6a04c159118e2220e5fa055c6b791f91790d24c65800967b9abbd29830af41ae05d0aa53379d333
public exponent: 23
with known host key: RSA Public Key
modulus: 9480da90bb326ae3d3f9c48af36bcb26a9d86a0f1dd1a447caee0080632d5b5c1dc01027d8b63323ad64aa9d7fe38b6c57382420da801677030ead12e2b5c6c2bd87564c0472d3b4d6345b2d911e965788797f7b2d12e78028e68a315ee771629f5ca1f66aa30e4c1d58e295d63b8070e1ca0c0e67bfd64de2bb955628c1128483d34b5d3ddac30a6e06400d13040d0ad49fb13979236c8c1d61af0c36e09950c0cebb058a54bbdc644d2ab4ce7341b6f774993d6829f4d4dbe284e1a75265940bd6f7a463f5d37cbf86a5cdadedbcede23d6ccfa64b5c39addc0b76f527ce631e39899ae91ca8c799cbcd90b34760b201c68e348813897f832e856b2affa0bd
public exponent: 23

16:47:02.342 WARN n.s.s.t.v.OpenSSHKnownHosts.hostKeyChangedAction - Host key RSA Public Key modulus: e0a5af020947545476e050e3da2491f3d925eaf7f3bffbf1e0271949e78cca4c884be028d9b90cf5a1bf497abcc56e23f6da8e4b8c4ce74ccdf0d00a172f4b697038aedb4c7a5d929b7ff139aefbe5701276c1d48cf5c93e5bfc227ad9e6875256e4eea6c2a255dbccfc32243b1b6af178c43ee9dd714f845bab3adbef8accdade4913709215a747e06a8aed982253a2c71f8025274120e2eabcdeebf610bd4345a2fc374b8566c0bc0d9c5f4c678eb7078b25daf779e09427e781a3249bd9769c75aba941af3a137046c5f1fb353c9167fc978d0f984a06e6a04c159118e2220e5fa055c6b791f91790d24c65800967b9abbd29830af41ae05d0aa53379d333 public exponent: 23 for stage2sc5403.sc4.com has changed!
16:47:02.343 WARN n.s.s.t.v.OpenSSHKnownHosts.hostKeyChangedAction - Checked against Known Hosts entry: SimpleEntry[stage2sc5403.sc4.com,10.15.24.241, ssh-rsa, RSA Public Key modulus: 9480da90bb326ae3d3f9c48af36bcb26a9d86a0f1dd1a447caee0080632d5b5c1dc01027d8b63323ad64aa9d7fe38b6c57382420da801677030ead12e2b5c6c2bd87564c0472d3b4d6345b2d911e965788797f7b2d12e78028e68a315ee771629f5ca1f66aa30e4c1d58e295d63b8070e1ca0c0e67bfd64de2bb955628c1128483d34b5d3ddac30a6e06400d13040d0ad49fb13979236c8c1d61af0c36e09950c0cebb058a54bbdc644d2ab4ce7341b6f774993d6829f4d4dbe284e1a75265940bd6f7a463f5d37cbf86a5cdadedbcede23d6ccfa64b5c39addc0b76f527ce631e39899ae91ca8c799cbcd90b34760b201c68e348813897f832e856b2affa0bd public exponent: 23 ]
16:47:02.343 DEBUG n.s.sshj.transport.KeyExchanger.verifyHost - Trying to verify host key with net.schmizz.sshj.transport.verification.OpenSSHKnownHosts@4e1263db
16:47:02.344 ERROR n.s.sshj.transport.TransportImpl.die - Dying because - net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22
16:47:02.344 DEBUG n.s.sshj.transport.TransportImpl.notifyDisconnect - Default disconnect listener - HOST_KEY_NOT_VERIFIABLE
16:47:02.345 DEBUG n.s.sshj.transport.KeyExchanger.notifyError - Got notified of net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22
16:47:02.345 DEBUG n.s.s.t.TransportImpl$NullService.notifyError - Notified of net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22
16:47:02.345 ERROR net.schmizz.concurrent.Promise.tryRetrieve - <> woke to: net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22
16:47:02.345 INFO n.s.sshj.transport.TransportImpl.setService - Setting active service to null-service
16:47:02.345 DEBUG n.s.sshj.transport.TransportImpl.sendDisconnect - Sending SSH_MSG_DISCONNECT: reason=[HOST_KEY_NOT_VERIFIABLE], msg=[Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22]
16:47:02.346 DEBUG net.schmizz.concurrent.Promise.deliver - Setting <> to SOME
16:47:02.346 DEBUG net.schmizz.sshj.transport.Reader.run - Stopping
FAILED: f
net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22
at net.schmizz.sshj.transport.KeyExchanger.verifyHost(KeyExchanger.java:222)
at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:373)
at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:477)
at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:127)
at net.schmizz.sshj.transport.Decoder.received(Decoder.java:195)
at net.schmizz.sshj.transport.Reader.run(Reader.java:72)

@jeroen, I have included the debug logs. Please let me know incase you need something additional from me. Thanks & Regards Krishnan Mahadevan

…

On Tue, Jan 17, 2012 at 2:28 PM, Jeroen van Erp < ***@***.*** > wrote: Hi Krishnan, I've just pushed some additional logging to my branch, could you download and build it again, and try it? Preferably with 'trace' level logging also turned on :) Thx! Jeroen --- Reply to this email directly or view it on GitHub: https://gist.github.com/1321719

Hi Krishnan,

I've done some investigation. It seems like the following is at least happening on your side:

1. In ~/known_hosts there is (at least) an RSA1 key for the host.
2. The host supports SSHv2, given the identification string: SSH-1.99-OpenSSH_4.3

I'm trying to see whether I can add true SSHv1 support to SSHj, but this is non-trivial to say the least. It would then be the ONLY open source Java SSH library I've found until now which supports the protocol.

In the meantime I've added some code which you could try out. Please download from https://github.com/hierynomus/sshj/zipball/ssh-1
(Note: I've renamed the branch).

Could you see where that gets you?

Regards,
Jeroen

@jeroen,

I see one of the unit tests failing when I work with this [For now am proceeding with mvn install -DskipTests=true]

Results :

Failed tests:
testRsa1Entry(net.schmizz.sshj.transport.verification.OpenSSHKnownHostsTest)

Tests run: 22, Failures: 1, Errors: 0, Skipped: 0

java.lang.AssertionError: at org.junit.Assert.fail(Assert.java:91) at org.junit.Assert.assertTrue(Assert.java:43) at org.junit.Assert.assertTrue(Assert.java:54) at net.schmizz.sshj.transport.verification.OpenSSHKnownHostsTest.testRsa1Entry(OpenSSHKnownHostsTest.java:107) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20) at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28) at org.junit.rules.ExternalResource$1.evaluate(ExternalResource.java:43) at org.junit.runners.BlockJUnit4ClassRunner.runNotIgnored(BlockJUnit4ClassRunner.java:79) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:71) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:49) at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184) at org.junit.runners.ParentRunner.run(ParentRunner.java:236) at org.apache.maven.surefire.junit4.JUnit4TestSet.execute(JUnit4TestSet.java:62) at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.executeTestSet(AbstractDirectoryTestSuite.java:140) at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.execute(AbstractDirectoryTestSuite.java:127) at org.apache.maven.surefire.Surefire.run(Surefire.java:177) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(SurefireBooter.java:345) at org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.java:1009) 20:32:19.191 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - Parsing known hosts line: schmizz.net,69.163.155.180 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ== 20:32:19.192 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - Marker `null` found for string `schmizz.net,69.163.155.180` 20:32:19.192 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - Hostnames parsed: schmizz.net,69.163.155.180 20:32:19.192 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - sType parsed: ssh-rsa => KeyType ssh-rsa 20:32:19.192 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - sKey = AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ== 20:32:19.192 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - Parsing known hosts line: |1|dy7xSefq6NmJms6AzANG3w45W28=|SSCTlHs4pZbc2uaRoPvjyEAHE1g= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu64GJcCkdtckPGt8uKTyhG1ShT1Np1kh10eE49imQ4Nh9Y/IrSPzDtYUAazQ88ABc2NffuOKkdn2qtUwZ1ulfcdNfN3oTim3BiVHqa041pKG0L+onQe8Bo+CaG5KBLy/C24eNGM9EcfQvDQOnq1eD3lnR/l8fFckldzjfxZgar0yT9Bb3pwp50oN+1wSEINJEHOgMIW8kZBQmyNr/B+b7yX+Y1s1vuYIP/i4WimCVmkdi9G87Ga8w7GxKalRD2QOG6Xms2YWRQDN6M/MOn4tda3EKolbWkctEWcQf/PcVJffTH4Wv5f0RjVyrQv4ha4FZcNAv6RkRd9WkiCsiTKioQ== 20:32:19.193 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - Marker `null` found for string `|1|dy7xSefq6NmJms6AzANG3w45W28=|SSCTlHs4pZbc2uaRoPvjyEAHE1g=` 20:32:19.193 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - Hostnames parsed: |1|dy7xSefq6NmJms6AzANG3w45W28=|SSCTlHs4pZbc2uaRoPvjyEAHE1g= 20:32:19.193 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - sType parsed: ssh-rsa => KeyType ssh-rsa 20:32:19.193 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - sKey = AAAAB3NzaC1yc2EAAAABIwAAAQEAu64GJcCkdtckPGt8uKTyhG1ShT1Np1kh10eE49imQ4Nh9Y/IrSPzDtYUAazQ88ABc2NffuOKkdn2qtUwZ1ulfcdNfN3oTim3BiVHqa041pKG0L+onQe8Bo+CaG5KBLy/C24eNGM9EcfQvDQOnq1eD3lnR/l8fFckldzjfxZgar0yT9Bb3pwp50oN+1wSEINJEHOgMIW8kZBQmyNr/B+b7yX+Y1s1vuYIP/i4WimCVmkdi9G87Ga8w7GxKalRD2QOG6Xms2YWRQDN6M/MOn4tda3EKolbWkctEWcQf/PcVJffTH4Wv5f0RjVyrQv4ha4FZcNAv6RkRd9WkiCsiTKioQ== 20:32:19.193 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - Parsing known hosts line: test.com,1.1.1.1 2048 35 22017496617994656680820635966392838863613340434802393112245951008866692373218840197754553998457793202561151141246686162285550121243768846314646395880632789308110750881198697743542374668273149584280424505890648953477691795864456749782348425425954366277600319096366690719901119774784695056100331902394094537054256611668966698242432417382422091372756244612839068092471592121759862971414741954991375710930168229171638843329213652899594987626853020377726482288618521941129157643483558764875338089684351824791983007780922947554898825663693324944982594850256042689880090306493029526546183035567296830604572253312294059766327 20:32:19.194 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - Marker `null` found for string `test.com,1.1.1.1` 20:32:19.194 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - Hostnames parsed: test.com,1.1.1.1 20:32:19.194 [main] DEBUG n.s.s.t.v.OpenSSHKnownHosts - sType parsed: 2048 => KeyType 20:32:19.194 [main] WARN n.s.s.t.v.OpenSSHKnownHosts - Not yet supporting RSA1 keys, need SSH-1 support.

@jeroen,

I tried with the branch you gave me. Here are the debug logs

20:36:58,494 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Found resource [/Users/krmahadevan/Documents/eclipse-workspace/playground/streethawk/src/main/resources/logback.xml] at [file:/Users/krmahadevan/Documents/eclipse-workspace/playground/streethawk/src/main/resources/logback.xml]
20:36:58,560 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - debug attribute not set
20:36:58,564 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.ConsoleAppender]
20:36:58,567 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [STDOUT]
20:36:58,639 |-WARN in ch.qos.logback.core.ConsoleAppender[STDOUT] - This appender no longer admits a layout as a sub-component, set an encoder instead.
20:36:58,639 |-WARN in ch.qos.logback.core.ConsoleAppender[STDOUT] - To ensure compatibility, wrapping your layout in LayoutWrappingEncoder.
20:36:58,639 |-WARN in ch.qos.logback.core.ConsoleAppender[STDOUT] - See also http://logback.qos.ch/codes.html#layoutInsteadOfEncoder for details
20:36:58,639 |-INFO in ch.qos.logback.classic.joran.action.RootLoggerAction - Setting level of ROOT logger to DEBUG
20:36:58,639 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [STDOUT] to Logger[ROOT]

20:36:58.857 INFO n.schmizz.sshj.common.SecurityUtils.run - Trying to register BouncyCastle as a JCE provider
20:36:59.240 INFO n.schmizz.sshj.common.SecurityUtils.run - Registration succeeded
20:36:59.291 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Parsing known hosts line: stage2sc5403.sc4.com,10.15.24.241 2048 35 18746809297593312449153909163703621761337578378768707897353720150453225577701367211457017231241384750514988610842630169074993633077940517956073653975728850147993307907306113826009550592016215460135403624328473220884432002262277766497002180788488805204560240694410167786260511105115731036405282962013852410028449464729641808955067866045047706489587523917987818381339462786605433590644624820998123917424659652549723707128053569543989036586102789210213926400400806667479448503021670566792738419324826748902887203455149346171938408926460327794800901772384385624553006469431213548745363930780302993004745354897800686444733
20:36:59.292 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Marker null found for string stage2sc5403.sc4.com,10.15.24.241
20:36:59.292 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Hostnames parsed: stage2sc5403.sc4.com,10.15.24.241
20:36:59.294 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - sType parsed: 2048 => KeyType
20:36:59.295 WARN n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Not yet supporting RSA1 keys, need SSH-1 support.
20:36:59.296 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Parsing known hosts line: hyper65.ca1.com,10.244.31.63 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAub0nFxHqwUk/r5Zcpui/JpL62Hcj8vFIAueSQf/n60j8powmQuVnqVuoBk9YoPdZ6ljk2hckRwM7YnEey3tYNdoznHC176JnZVwlvihs9G4pRRJiA3oprw5/Ow7VlaweM6x1QSLLj6joKrY2FQPy53hfJrv4Sa+cnecuPyEitSFCVZJDTzeDOYvEuEcyCpxqV5Xp5xZt2dcI2LXA2qibsJIXQpAzUGAc1j3N5B51+ErgzGlyRUadkiGeW484U+35eoFFsrci3XSIaBO1nmwz7BP6VTjeGYPTBxU98npTHzTuRV8uiiTscP1zVgvqau/pknSuLOAnpeb8XptvFi700Q==
20:36:59.296 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Marker null found for string hyper65.ca1.com,10.244.31.63
20:36:59.296 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - Hostnames parsed: hyper65.ca1.com,10.244.31.63
20:36:59.296 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - sType parsed: ssh-rsa => KeyType ssh-rsa
20:36:59.296 DEBUG n.s.s.t.v.OpenSSHKnownHosts.parseEntry - sKey = AAAAB3NzaC1yc2EAAAABIwAAAQEAub0nFxHqwUk/r5Zcpui/JpL62Hcj8vFIAueSQf/n60j8powmQuVnqVuoBk9YoPdZ6ljk2hckRwM7YnEey3tYNdoznHC176JnZVwlvihs9G4pRRJiA3oprw5/Ow7VlaweM6x1QSLLj6joKrY2FQPy53hfJrv4Sa+cnecuPyEitSFCVZJDTzeDOYvEuEcyCpxqV5Xp5xZt2dcI2LXA2qibsJIXQpAzUGAc1j3N5B51+ErgzGlyRUadkiGeW484U+35eoFFsrci3XSIaBO1nmwz7BP6VTjeGYPTBxU98npTHzTuRV8uiiTscP1zVgvqau/pknSuLOAnpeb8XptvFi700Q==
20:36:59.551 INFO n.s.sshj.transport.TransportImpl.init - Client identity string: SSH-2.0-SSHJ_0_7
20:36:59.772 INFO n.s.sshj.transport.TransportImpl.init - Server identity string: SSH-1.99-OpenSSH_4.3
20:36:59.773 DEBUG net.schmizz.concurrent.Promise.deliver - Setting <> to null
20:36:59.773 INFO n.s.sshj.transport.KeyExchanger.sendKexInit - Sending SSH_MSG_KEXINIT
20:36:59.777 DEBUG net.schmizz.concurrent.Promise.deliver - Setting <> to SOME
20:36:59.778 DEBUG net.schmizz.concurrent.Promise.tryRetrieve - Awaiting <>
20:37:00.641 INFO n.s.sshj.transport.KeyExchanger.handle - Received SSH_MSG_KEXINIT
20:37:00.643 DEBUG n.s.sshj.transport.KeyExchanger.gotKexInit - Negotiated algorithms: [ kex=diffie-hellman-group14-sha1; sig=ssh-rsa; c2sCipher=aes128-ctr; s2cCipher=aes128-ctr; c2sMAC=hmac-sha1; s2cMAC=hmac-sha1; c2sComp=none; s2cComp=none ]
20:37:00.693 INFO net.schmizz.sshj.transport.kex.DHG14.init - Sending SSH_MSG_KEXDH_INIT
20:37:00.945 INFO n.s.sshj.transport.KeyExchanger.handle - Received kex followup data
20:37:00.945 INFO net.schmizz.sshj.transport.kex.DHG14.next - Received SSH_MSG_KEXDH_REPLY
20:37:00.992 DEBUG n.s.sshj.transport.KeyExchanger.verifyHost - Trying to verify host key with net.schmizz.sshj.transport.verification.OpenSSHKnownHosts@60cbf9bd
20:37:00.992 DEBUG n.s.sshj.transport.KeyExchanger.verifyHost - Trying to verify host key with net.schmizz.sshj.transport.verification.OpenSSHKnownHosts@6f7918f0
20:37:00.993 ERROR n.s.sshj.transport.TransportImpl.die - Dying because - net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22
20:37:00.993 DEBUG n.s.sshj.transport.TransportImpl.notifyDisconnect - Default disconnect listener - HOST_KEY_NOT_VERIFIABLE
20:37:00.993 DEBUG n.s.sshj.transport.KeyExchanger.notifyError - Got notified of net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22
20:37:00.994 DEBUG n.s.s.t.TransportImpl$NullService.notifyError - Notified of net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22
20:37:00.994 ERROR net.schmizz.concurrent.Promise.tryRetrieve - <> woke to: net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22
Exception in thread "main" 20:37:00.994 INFO n.s.sshj.transport.TransportImpl.setService - Setting active service to null-service
20:37:00.994 DEBUG n.s.sshj.transport.TransportImpl.sendDisconnect - Sending SSH_MSG_DISCONNECT: reason=[HOST_KEY_NOT_VERIFIABLE], msg=[Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22]
20:37:00.995 DEBUG net.schmizz.concurrent.Promise.deliver - Setting <> to SOME
20:37:00.995 DEBUG net.schmizz.sshj.transport.Reader.run - Stopping
net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify ssh-rsa host key with fingerprint ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41 for stage2sc5403.sc4.com on port 22
at net.schmizz.sshj.transport.KeyExchanger.verifyHost(KeyExchanger.java:222)
at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:373)
at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:477)
at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:127)
at net.schmizz.sshj.transport.Decoder.received(Decoder.java:195)
at net.schmizz.sshj.transport.Reader.run(Reader.java:72)

Jeroen, Please let me know if the info I provided is good enough.

…

On Wed, Jan 18, 2012 at 8:01 PM, Jeroen van Erp < ***@***.*** > wrote: Hi Krishnan, I've done some investigation. It seems like the following is at least happening on your side: 1. In ~/known_hosts there is (at least) an RSA1 key for the host. 2. The host supports SSHv2, given the identification string: SSH-1.99-OpenSSH_4.3 I'm trying to see whether I can add true SSHv1 support to SSHj, but this is non-trivial to say the least. It would then be the ONLY open source Java SSH library I've found until now which supports the protocol. In the meantime I've added some code which you could try out. Please download from https://github.com/hierynomus/sshj/zipball/ssh-1 (Note: I've renamed the branch). Could you see where that gets you? Regards, Jeroen --- Reply to this email directly or view it on GitHub: https://gist.github.com/1321719

Hi Krishnan,

Perfect. The known_hosts file only contains an RSA1 key, which is not supported for SSHv2. Could you run with the ConsoleKnownHostsVerifier?

Adapt the code to:

SSHClient client = new SSHClient();
client.addHostKeyVerifier(new ConsoleKnownHostsVerifier());
client.loadKnownHosts();
client.connect(REMOTE_MACHINE);
client.authPassword(USERNAME, PASSWORD);
Session session = client.startSession();
Command command = session.exec("who am i");
String output = command.getOutputAsString();
System.out.println(output);
session.close();
client.close();

This should prompt you to add the key to the known_hosts file :-)

Regards,
Jeroen

Jeroen, Seems like a default constructor is not defined for ConsoleKnownHostsVerifier class. client.addHostKeyVerifier(new ConsoleKnownHostsVerifier(new File( "~/.ssh/known_hosts"), System.console())); I tried the above, but I keep hitting NullPointerExceptions being thrown (Pardon me if I sound silly, but never worked with Console class ) Caused by: java.lang.NullPointerException at net.schmizz.sshj.transport.verification.ConsoleKnownHostsVerifier.hostKeyUnverifiableAction(ConsoleKnownHostsVerifier.java:43) at net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.verify(OpenSSHKnownHosts.java:106) at net.schmizz.sshj.transport.KeyExchanger.verifyHost(KeyExchanger.java:218) at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:373) at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:477) at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:127) at net.schmizz.sshj.transport.Decoder.received(Decoder.java:195) at net.schmizz.sshj.transport.Reader.run(Reader.java:72) Caused by: net.schmizz.sshj.common.SSHException at net.schmizz.sshj.common.SSHException$1.chain(SSHException.java:56) at net.schmizz.sshj.common.SSHException$1.chain(SSHException.java:49) at net.schmizz.sshj.transport.TransportImpl.die(TransportImpl.java:572) ... 1 more

…

On Wed, Jan 18, 2012 at 8:44 PM, Jeroen van Erp < ***@***.*** > wrote: Hi Krishnan, Perfect. The known_hosts file only contains an RSA1 key, which is not supported for SSHv2. Could you run with the ConsoleKnownHostsVerifier? Adapt the code to: ``` java SSHClient client = new SSHClient(); client.addHostKeyVerifier(new ConsoleKnownHostsVerifier()); //client.loadKnownHosts(); client.connect(REMOTE_MACHINE); client.authPassword(USERNAME, PASSWORD); Session session = client.startSession(); Command command = session.exec("who am i"); String output = command.getOutputAsString(); System.out.println(output); session.close(); client.close(); ``` This should prompt you to add the key to the known_hosts file :-) Regards, Jeroen --- Reply to this email directly or view it on GitHub: https://gist.github.com/1321719

@jeroen

I read on google that when code is executed via eclipse, the Console would always be null and there is no way of circumventing that.

But I see this come up even when I try to run my test from the command prompt

I used

mvn clean test -Dtest=TestBugFix

Hi Krishnan,

Via any non-interactive process (Eclipse or unit test through maven) the console will be null. Could you try connecting normally to the machine (ie. on the command line execute ssh -v -v -v USER@HOST.
And then accept the key if it asks for that, and post the logging of that?

Regards,
Jeroen

@jeroen,

Here's what I see when I tried the command that you provided me with :

LM-MAA-00387425:bluefin-gui krmahadevan$ ssh -v -v -v krmahadevan@stage2sc5403.sc4.com
OpenSSH_5.2p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /Users/krmahadevan/.ssh/config
debug1: Applying options for *
debug1: /Users/krmahadevan/.ssh/config line 6: Deprecated option "FallBackToRsh"
debug1: /Users/krmahadevan/.ssh/config line 10: Deprecated option "RhostsAuthentication"
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to stage2sc5403.sc4.com [10.15.24.241] port 22.
debug1: Connection established.
debug1: identity file /Users/krmahadevan/.ssh/identity type 0
debug1: identity file /Users/krmahadevan/.ssh/id_rsa type -1
debug1: identity file /Users/krmahadevan/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH_4*
debug1: Local version string SSH-1.5-OpenSSH_5.2
debug2: fd 3 setting O_NONBLOCK
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (2048 bits).
debug3: check_host_in_hostfile: filename /Users/krmahadevan/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /Users/krmahadevan/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'stage2sc5403.sc4.com' is known and matches the RSA1 host key.
debug1: Found key in /Users/krmahadevan/.ssh/known_hosts:1
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug2: cipher_init: set keylen (16 -> 32)
debug2: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: RSA authentication using agent refused.
debug1: Trying RSA authentication with key '/Users/krmahadevan/.ssh/identity'
debug1: Received RSA challenge from server.
debug1: Sending response to host key RSA challenge.
debug1: Remote: RSA authentication accepted.
debug1: RSA authentication accepted by server.
debug1: Requesting pty.
debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-zn3lvU4w5R/xauthfile generate /tmp/launch-aAEx0D/org.x:0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null
Warning: untrusted X11 forwarding setup failed: xauth key data not generated
Warning: No xauth data; using fake authentication data for X11 forwarding.
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Remote: No xauth program; cannot forward with spoofing.
Warning: Remote host denied X11 forwarding.
debug2: fd 3 setting TCP_NODELAY
debug1: Requesting authentication agent forwarding.
debug1: Requesting shell.
debug1: Entering interactive session.
debug2: fd 0 setting O_NONBLOCK
debug1: fd 0 clearing O_NONBLOCK
Last login: Wed Jan 18 07:10:30 2012 from 10.239.62.229

Red Hat Enterprise Linux Server release 5.4 (Tikanga)
[krmahadevan@stage2sc5403 ~]$ exit

@jeroen

Please let me know if you need any further info.

-Krishnan

Hi Krishnan,

Why is you local SSH client forcing the SSHv1 protocol? Have you configured it differently?

Regards,
Jeroen

@jeroen,

I have a config file that is residing within my ".ssh" folder whose contents are as below

All hosts defaults

Host *
Protocol 1,2
FallBackToRsh no
ForwardAgent yes
ForwardX11 yes
PasswordAuthentication yes
RhostsAuthentication no
RhostsRSAAuthentication no
RSAAuthentication yes
NoHostAuthenticationForLocalhost yes
StrictHostKeyChecking no
KeepAlive yes

Would that be the reason behind the SSH Client forcing the SSHv1 protocol ? [ My very first post in this gist does talk about having it]

Could you remove that file, and try to connect again using the ssh command I provided? And send the logs.

@jeroen,

As per your suggestion, I removed the "config" file and retried. However this file cannot be removed from my continuous integration server hosted on a linux box, and that box does have this "config" configuration file.

Here are the logs

LM-MAA-00387425:.ssh krmahadevan$ ssh -v -v -v krmahadevan@stage2sc5403.sc4.com
OpenSSH_5.2p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to stage2sc5403.sc4.com [10.15.24.241] port 22.
debug1: Connection established.
debug1: identity file /Users/krmahadevan/.ssh/identity type 0
debug1: identity file /Users/krmahadevan/.ssh/id_rsa type -1
debug1: identity file /Users/krmahadevan/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 124/256
debug2: bits set: 518/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /Users/krmahadevan/.ssh/known_hosts
debug2: key_type_from_name: unknown key type '2048'
debug3: key_read: missing keytype
debug3: check_host_in_hostfile: filename /etc/ssh_known_hosts
debug3: check_host_in_hostfile: filename /Users/krmahadevan/.ssh/known_hosts
debug2: key_type_from_name: unknown key type '2048'
debug3: key_read: missing keytype
debug3: check_host_in_hostfile: filename /etc/ssh_known_hosts
debug3: check_host_in_hostfile: filename /Users/krmahadevan/.ssh/known_hosts
WARNING: RSA1 key found for host stage2sc5403.sc4.com
in /Users/krmahadevan/.ssh/known_hosts:1
RSA1 key fingerprint bc:0f:e7:87:b5:da:06:19:68:a6:76:38:e1:6b:70:1b.
+--[RSA1 2048]----+
| |
| |
| . |
| ..+ . |
| . *S o |
| . E ..o . |
| + *o .+ . |
| + =..+ |
| . ++. |
+-----------------+

debug3: check_host_in_hostfile: filename /Users/krmahadevan/.ssh/known_hosts2
debug3: check_host_in_hostfile: filename /etc/ssh_known_hosts2
debug3: check_host_in_hostfile: filename /Users/krmahadevan/.ssh/known_hosts
debug2: key_type_from_name: unknown key type '2048'
debug3: key_read: missing keytype
debug3: check_host_in_hostfile: filename /etc/ssh_known_hosts
debug2: no key of type 2 for host stage2sc5403.sc4.com
The authenticity of host 'stage2sc5403.sc4.com (10.15.24.241)' can't be established
but keys of different type are already known for this host.
RSA key fingerprint is ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'stage2sc5403.sc4.com,10.15.24.241' (RSA) to the list of known hosts.
debug2: bits set: 509/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/krmahadevan/.ssh/id_rsa (0x0)
debug2: key: /Users/krmahadevan/.ssh/id_dsa (0x0)
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-with-mic,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/krmahadevan/.ssh/id_rsa
debug3: no such identity: /Users/krmahadevan/.ssh/id_rsa
debug1: Trying private key: /Users/krmahadevan/.ssh/id_dsa
debug3: no such identity: /Users/krmahadevan/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
krmahadevan@stage2sc5403.sc4.com's password:
debug3: packet_send2: adding 48 (len 65 padlen 15 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug2: channel 0: request shell confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Last login: Wed Jan 18 22:03:35 2012 from 10.239.62.173

Red Hat Enterprise Linux Server release 5.4 (Tikanga)
[krmahadevan@stage2sc5403 ~]$

Could you get these same logs from your CI server?

@jeroen,

Here are the logs from the CI server

[:1001]==>ssh -v -v -v coonradt@stage2sc5403.sc4.com
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /x/home/coonradt/.ssh/config
debug1: Applying options for *
debug1: /x/home/coonradt/.ssh/config line 6: Deprecated option "FallBackToRsh"
debug1: /x/home/coonradt/.ssh/config line 10: Deprecated option "RhostsAuthentication"
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to stage2sc5403.sc4.com [10.15.24.241] port 22.
debug1: Connection established.
debug1: identity file /x/home/coonradt/.ssh/identity type 0
debug3: Not a RSA1 key file /x/home/coonradt/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /x/home/coonradt/.ssh/id_rsa type 1
debug3: Not a RSA1 key file /x/home/coonradt/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /x/home/coonradt/.ssh/id_dsa type 2
debug1: loaded 3 keys
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_4.3
debug2: fd 3 setting O_NONBLOCK
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (2048 bits).
debug3: check_host_in_hostfile: filename /x/home/coonradt/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 183
debug3: check_host_in_hostfile: filename /x/home/coonradt/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 183
debug1: Host 'stage2sc5403.sc4.com' is known and matches the RSA1 host key.
debug1: Found key in /x/home/coonradt/.ssh/known_hosts:183
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug2: cipher_init: set keylen (16 -> 32)
debug2: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying RSA authentication with key '/x/home/coonradt/.ssh/identity'
debug1: Received RSA challenge from server.
debug1: Sending response to host key RSA challenge.
debug1: Remote: RSA authentication accepted.
debug1: RSA authentication accepted by server.
debug1: Requesting pty.
debug3: tty_make_modes: ospeed 9600
debug3: tty_make_modes: ispeed 9600
debug3: tty_make_modes: 1 3
debug3: tty_make_modes: 2 28
debug3: tty_make_modes: 3 127
debug3: tty_make_modes: 4 21
debug3: tty_make_modes: 5 4
debug3: tty_make_modes: 6 0
debug3: tty_make_modes: 7 0
debug3: tty_make_modes: 8 17
debug3: tty_make_modes: 9 19
debug3: tty_make_modes: 10 26
debug3: tty_make_modes: 12 18
debug3: tty_make_modes: 13 23
debug3: tty_make_modes: 14 22
debug3: tty_make_modes: 18 15
debug3: tty_make_modes: 30 0
debug3: tty_make_modes: 31 0
debug3: tty_make_modes: 32 0
debug3: tty_make_modes: 33 0
debug3: tty_make_modes: 34 0
debug3: tty_make_modes: 35 0
debug3: tty_make_modes: 36 1
debug3: tty_make_modes: 37 0
debug3: tty_make_modes: 38 1
debug3: tty_make_modes: 39 1
debug3: tty_make_modes: 40 0
debug3: tty_make_modes: 41 1
debug3: tty_make_modes: 50 1
debug3: tty_make_modes: 51 1
debug3: tty_make_modes: 52 0
debug3: tty_make_modes: 53 1
debug3: tty_make_modes: 54 1
debug3: tty_make_modes: 55 0
debug3: tty_make_modes: 56 0
debug3: tty_make_modes: 57 0
debug3: tty_make_modes: 58 0
debug3: tty_make_modes: 59 1
debug3: tty_make_modes: 60 1
debug3: tty_make_modes: 61 1
debug3: tty_make_modes: 62 1
debug3: tty_make_modes: 70 1
debug3: tty_make_modes: 71 0
debug3: tty_make_modes: 72 1
debug3: tty_make_modes: 73 0
debug3: tty_make_modes: 74 0
debug3: tty_make_modes: 75 0
debug3: tty_make_modes: 90 1
debug3: tty_make_modes: 91 1
debug3: tty_make_modes: 92 0
debug3: tty_make_modes: 93 0
debug2: fd 3 setting TCP_NODELAY
debug1: Requesting shell.
debug1: Entering interactive session.
debug2: fd 0 setting O_NONBLOCK
debug1: fd 0 clearing O_NONBLOCK
Last login: Mon Oct 24 16:59:19 2011 from 10.244.44.71
Red Hat Enterprise Linux Server release 5.4 (Tikanga)
-bash2-3.2$

Jeroen,

Please let me know incase you require any further information from me on this.

Hi Krishan,

I know enough, somehow the SSH client on your CI machine is forcing SSHv1. However SSHv1 support is not yet built, and far as I know this is not supported in any of the open source SSH libraries. If you can find one, I'd be very grateful and will have an easier time building it in in SSHJ. For now I will continue on implementing SSHv1 support.

Regards,
Jeroen

Jeroen, I found this : http://quietcoffee.sourceforge.net/ They claim to support sshv1 and sshv2 protocol. And then I found this : http://www.pitman.co.za/projects/jssh/index.html I wasnt able to get this to build though because of some weird error. Just thought of keeping you in the loop about what I found. I also learnt that both ganymed and JSch support only sshv2 alone and they dont support sshv1. On the commercial products side, I found that Java SSH supports both the versions of ssh (http://www.javassh.com/products/j2ssh-maverick) but this is commercial and I need to buy licenses for making use of this. Hope that is of some use. Thanks & Regards Krishnan Mahadevan "All the desirable things in life are either illegal, expensive, fattening or in love with someone else!"

…

On Thu, Jan 19, 2012 at 7:53 PM, Jeroen van Erp < ***@***.*** > wrote: Hi Krishan, I know enough, somehow the SSH client on your CI machine is forcing SSHv1. However SSHv1 support is not yet built, and far as I know this is not supported in any of the open source SSH libraries. If you can find one, I'd be very grateful and will have an easier time building it in in SSHJ. For now I will continue on implementing SSHv1 support. Regards, Jeroen --- Reply to this email directly or view it on GitHub: https://gist.github.com/1321719