Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
274 views
in Technique[技术] by (71.8m points)

java - JSch 0.1.53 session.connect() throws "End of IO Stream Read"

I downloaded a new JSch 0.1.53 library and JSch (sftp) download task no longer works. This release fails on session.connect() function throwing an error Session.connect: java.io.IOException: End of IO Stream Read.

My old jsch.jar(2011-10-06) works fine to the same host, maybe I am missing a new config props?

Session session=null;
ChannelSftp channel=null;
try {
    JSch.setLogger(SSHUtil.createJschLogger());

    JSch jsch=new JSch();
    session=jsch.getSession("myuser", "11.22.33.44", 22);
    session.setConfig("StrictHostKeyChecking", "no"); 
    session.setPassword("mypwd");
    session.connect(2000); // <-- FAILS HERE
    channel = (ChannelSftp)session.openChannel("sftp");
    channel.connect(2000);
    ...

This is an extensive JSch logging indicating whats going on.

INFO : Connecting to 11.22.33.44 port 22
INFO : Connection established
INFO : Remote version string: SSH-2.0-OpenSSH_6.6.1
INFO : Local version string: SSH-2.0-JSCH-0.1.53
INFO : CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO : aes256-ctr is not available.
INFO : aes192-ctr is not available.
INFO : aes256-cbc is not available.
INFO : aes192-cbc is not available.
INFO : CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO : diffie-hellman-group14-sha1 is not available.
INFO : ecdh-sha2-nistp256 is not available.
INFO : ecdh-sha2-nistp384 is not available.
INFO : ecdh-sha2-nistp521 is not available.
INFO : CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
INFO : ecdsa-sha2-nistp256 is not available.
INFO : ecdsa-sha2-nistp384 is not available.
INFO : ecdsa-sha2-nistp521 is not available.
INFO : SSH_MSG_KEXINIT sent
INFO : SSH_MSG_KEXINIT received
INFO : kex: server: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
INFO : kex: server: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
INFO : kex: server: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
INFO : kex: server: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
INFO : kex: server: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
INFO : kex: server: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
INFO : kex: server: none,[email protected]
INFO : kex: server: none,[email protected]
INFO : kex: server:
INFO : kex: server:
INFO : kex: client: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
INFO : kex: client: ssh-rsa,ssh-dss
INFO : kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO : kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO : kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO : kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO : kex: client: none
INFO : kex: client: none
INFO : kex: client:
INFO : kex: client:
INFO : kex: server->client aes128-ctr hmac-md5 none
INFO : kex: client->server aes128-ctr hmac-md5 none
INFO : SSH_MSG_KEX_DH_GEX_REQUEST(1024<1024<1024) sent
INFO : expecting SSH_MSG_KEX_DH_GEX_GROUP
INFO : Disconnecting from 11.22.33.44 port 22
Exception in thread "main" com.jcraft.jsch.JSchException: Session.connect: java.io.IOException: End of IO Stream Read
        at com.jcraft.jsch.Session.connect(Session.java:558)
        at com.jcraft.jsch.Session.connect(Session.java:183)
        at my.test.DownloadSFTP.main(DownloadSFTP.java:37)
Caused by: java.io.IOException: End of IO Stream Read
        at com.jcraft.jsch.IO.getByte(IO.java:84)
        at com.jcraft.jsch.Session.read(Session.java:918)
        at com.jcraft.jsch.Session.connect(Session.java:323)

I have also a very old Jsch.jar (2011-10-06) where download task works fine, this is a log. A Reason I wanted to upgrade is this very slow transferring files. New release should do things better I have read.

INFO : Connecting to 11.22.33.44 port 22
INFO : Connection established
INFO : Remote version string: SSH-2.0-OpenSSH_6.6.1
INFO : Local version string: SSH-2.0-JSCH-0.1.44
INFO : CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO : aes256-ctr is not available.
INFO : aes192-ctr is not available.
INFO : aes256-cbc is not available.
INFO : aes192-cbc is not available.
INFO : arcfour256 is not available.
INFO : SSH_MSG_KEXINIT sent
INFO : SSH_MSG_KEXINIT received
INFO : kex: server->client aes128-ctr hmac-md5 none
INFO : kex: client->server aes128-ctr hmac-md5 none
INFO : SSH_MSG_KEXDH_INIT sent
INFO : expecting SSH_MSG_KEXDH_REPLY
INFO : ssh_rsa_verify: signature true
WARN : Permanently added '11.22.33.44' (RSA) to the list of known hosts.
INFO : SSH_MSG_NEWKEYS sent
INFO : SSH_MSG_NEWKEYS received
INFO : SSH_MSG_SERVICE_REQUEST sent
INFO : SSH_MSG_SERVICE_ACCEPT received
INFO : Authentications that can continue: publickey,keyboard-interactive,password
INFO : Next authentication method: publickey
INFO : Authentications that can continue: keyboard-interactive,password
INFO : Next authentication method: keyboard-interactive
INFO : Authentication succeeded (keyboard-interactive).
INFO : Disconnecting from 11.22.33.44 port 22
INFO : Caught an exception, leaving main loop due to socket closed

EDIT I had an idea to backstep releases in a Maven repository and actually it is this very new release not working properly. Previous jsch-0.1.52.jar release works fine. I try to contact library developers.

This is a log from a working 0.1.52 release.

INFO : Connecting to 11.22.33.44 port 22
INFO : Connection established
INFO : Remote version string: SSH-2.0-OpenSSH_6.6.1
INFO : Local version string: SSH-2.0-JSCH-0.1.52
INFO : CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
INFO : aes256-ctr is not available.
INFO : aes192-ctr is not available.
INFO : aes256-cbc is not available.
INFO : aes192-cbc is not available.
INFO : CheckKexes: diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
INFO : diffie-hellman-group14-sha1 is not available.
INFO : ecdh-sha2-nistp256 is not available.
INFO : ecdh-sha2-nistp384 is not available.
INFO : ecdh-sha2-nistp521 is not available.
INFO : CheckSignatures: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
INFO : ecdsa-sha2-nistp256 is not available.
INFO : ecdsa-sha2-nistp384 is not available.
INFO : ecdsa-sha2-nistp521 is not available.
INFO : SSH_MSG_KEXINIT sent
INFO : SSH_MSG_KEXINIT received
INFO : kex: server: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
INFO : kex: server: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
INFO : kex: server: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
INFO : kex: server: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
INFO : kex: server: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
INFO : kex: server: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
INFO : kex: server: none,[email protected]
INFO : kex: server: none,[email protected]
INFO : kex: server:
INFO : kex: server:
INFO : kex: client: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
INFO : kex: client: ssh-rsa,ssh-dss
INFO : kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO : kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
INFO : kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO : kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
INFO : kex: client: none
INFO : kex: client: none
INFO : kex: client:
INFO : kex: client:
INFO : kex: server->client aes128-ctr hmac-md5 none
INFO : kex: client->server aes128-ctr hmac-md5 none
INFO : SSH_MSG_KEXDH_INIT sent
INFO : expecting SSH_MSG_KEXDH_REPLY
INFO : ssh_rsa_verify: signature true
WARN : Permanently added '11.22.33.44' (RSA) to the list of known hosts.
INFO : SSH_MSG_NEWKEYS sent
INFO : SSH_MSG_NEWKEYS received
INFO : SSH_MSG_SERVICE_REQUEST sent
INFO : SSH_MSG_SERVICE_ACCEPT received
INFO : Authentications that can continue: publickey,keyboard-interactive,password
INFO : Next authentication method: publickey
INFO : Authentications that can continue: keyboard-interactive,password
INFO : Next authentication method: keyboard-interactive
INFO : Authentication succeeded (keyboard-interactive).
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

The JSch 0.1.53 supports (and prefers) the diffie-hellman-group-exchange-sha256 KEX, what the server claims to support too, so the JSch tries to use it.

For some reason the server disconnects you afterwards.

To workaround that, force the JSch to use the diffie-hellman-group1-sha1 KEX, what the JSch 0.1.52 prefers:

session.setConfig("kex", "diffie-hellman-group1-sha1"); 

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...