Open 0312birdzhang opened 4 years ago
在要登录的主机上可以看到登录成功了
Oct 19 15:58:52 mytesthost sshd[29138]: Connection from 192.168.2.33 port 23736
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: Client protocol version 2.0; client software version JSCH-0.1.54
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: no match: JSCH-0.1.54
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: Enabling compatibility mode for protocol 2.0
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: Local version string SSH-2.0-OpenSSH_5.3
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: permanently_set_uid: 74/74
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: list_hostkey_types: ssh-rsa,ssh-dss
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: SSH2_MSG_KEXINIT sent
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: SSH2_MSG_KEXINIT received
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: kex: client->server aes128-ctr hmac-md5 none
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: kex: server->client aes128-ctr hmac-md5 none
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: expecting SSH2_MSG_KEXDH_INIT
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: SSH2_MSG_NEWKEYS sent
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: expecting SSH2_MSG_NEWKEYS
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: SSH2_MSG_NEWKEYS received
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: KEX done
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: userauth-request for user testuser service ssh-connection method none
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: attempt 0 failures 0
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: PAM: initializing for "testuser"
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: userauth-request for user testuser service ssh-connection method gssapi-with-mic
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: attempt 1 failures 0
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: PAM: setting PAM_RHOST to "192.168.2.33"
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: PAM: setting PAM_TTY to "ssh"
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: Unspecified GSS failure. Minor code may provide more information\nKey table file '/etc/krb5.keytab' not found\n
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: userauth-request for user testuser service ssh-connection method password
Oct 19 15:58:52 mytesthost sshd[29139]: debug1: attempt 2 failures 0
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: PAM: password authentication accepted for testuser
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: do_pam_account: called
Oct 19 15:58:52 mytesthost sshd[29138]: Accepted password for testuser from 192.168.2.33 port 23736 ssh2
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: monitor_child_preauth: testuser has been authenticated by privileged process
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: temporarily_use_uid: 805/100 (e=0/0)
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: ssh_gssapi_storecreds: Not a GSSAPI mechanism
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: restore_uid: 0/0
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: SELinux support disabled
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: PAM: establishing credentials
Oct 19 15:58:52 mytesthost sshd[29138]: pam_unix(sshd:session): session opened for user testuser by (uid=0)
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: temporarily_use_uid: 805/100 (e=0/0)
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: ssh_gssapi_storecreds: Not a GSSAPI mechanism
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: restore_uid: 0/0
Oct 19 15:58:52 mytesthost sshd[29138]: User child is on pid 29141
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: PAM: establishing credentials
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: permanently_set_uid: 805/100
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: Entering interactive session for SSH2.
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: server_init_dispatch_20
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: server_input_channel_open: ctype session rchan 1 win 1048576 max 16384
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: input_session_request
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: channel 0: new [server-session]
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: session_new: session 0
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: session_open: channel 0
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: session_open: session 0: link with channel 0
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: server_input_channel_open: confirm session
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: server_input_channel_req: channel 0 request pty-req reply 0
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: session_by_channel: session 0 channel 0
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: session_input_channel_req: session 0 req pty-req
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: Allocating pty.
Oct 19 15:58:52 mytesthost sshd[29138]: debug1: session_new: session 0
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: session_pty_req: session 0 alloc /dev/pts/3
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: server_input_channel_req: channel 0 request env reply 0
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: session_by_channel: session 0 channel 0
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: session_input_channel_req: session 0 req env
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: server_input_channel_req: channel 0 request shell reply 0
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: session_by_channel: session 0 channel 0
Oct 19 15:58:52 mytesthost sshd[29141]: debug1: session_input_channel_req: session 0 req shell
Oct 19 15:58:52 mytesthost sshd[29142]: debug1: Setting controlling tty using TIOCSCTTY.
I can't speak chinese so I write comment with english.
Server Side Check Point:
1. Check Message Receive
Check dev/websocket/WSSecureShell class.
onMessageFromClient() method is handling messages from the client.
2. Check Message Write
Check dev/util/ssh/SecureShellWsWriterSecure or SecureShellWsWriter class.
JSch ChannelShell calls write() method of above class.
In write() method,
ws.getBasicRemote().sendText(
String.format(
"{\"method\":\"data\",\"params\":{\"isSecured\":true,\"data\":{\"iv\":\"%s\",\"cipherData\":\"%s\",\"encoding\":\"base64\"}}}",
ivPartBase64,
encPartBase64
)
);
this code is a part of writing message to client.
Client Side Check Point:
1. Check Message Write
Check connectWebsocketWithTerminal() function in WebContent/js/terminal.js (line:281)
As you know, chrome-like browser will show you in/out messages of websocket through developer tools.
2. Check Message Receive
Once websocket received the message, wsHandleMessage() function in WebContent/js/terminal.js (line:253) will be called.
"ev.data" is a raw text message from the server.
Sorry for use chinese. Thank you very much, i will feedback when i resolve it.
"Fixed" by disable encrypt when using http protocol, it's weird.
I wonder have you checked server's character encoding.
I found out that some codes are hardcoded which I assume that server's character encoding set to be utf-8.
I tried to set character encoding to utf-8 when connecting to the server. (Java side)
In dev/websocket/WSSecureShell.java, onOpenWebsocket() method, the implementation guesses server's character encoding and store it to shEncOpt
variable.
Please check a value of shEncOpt
that is correct encoding string. ( or you can just simply set shEncOpt
value as "en_US.UTF-8" for a quick test. )
If your problem is not from a character encoding problem, you have to figure out where is the problem manually by debugging.
For example, (encrypt mode)
dev/websocket/WSSecureShell: onMessageFromClient()
method be called.
Print msg
and confirm a value of the msg
is same as you expected.
Check dev/jsonrpc/params/ParamOnData: getBytes(key)
method, which decrypts cipher successfully.
You can check byte array directly or encode it to UTF-8 string and print it to log window.
( ex> before return, System.out.printnln( new String( decryptData, StandardCharsets.UTF_8 ) );
)dev/util/ssh/SecureShellWsWriterSecure: write()
method that input byte array is utf-8 encoded string bytes.
Note that CryptoJS library encode string as utf-8 after decrypt cipher text. So, byte array data, which has to be encrypted, must be utf-8 encoded string bytes.I'm sorry that this is all I can do to help you. I wish your problem will be solved.
Thank you
如图所示,客户端发送消息后服务端只回复了一个
{"id":1,"result":"Success"}
,然后就没有然后了请问有什么方法可以调试吗?