mwiede / jsch

fork of the popular jsch library

Exception During Authentication - IOException: End of IO Stream Read #499

Closed austinarbor-wk closed 4 months ago

austinarbor-wk commented 4 months ago

One of our users is getting the below logs when trying to connect to their sftp server. They are using a username, private key, and private key password. I've been racking my brain trying to reproduce and/or figure out what's causing this, but unfortunately have not had any luck yet. Do you have any ideas what could be causing this?

I've asked for the server-side logs but haven't been able to get them yet.

I saw in some other issues that putting ssh-rsa before rsa-sha2-512 and rsa-sha2-256 might be needed sometimes? Do you think that could be the case here?

2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | Connecting to <destination> port 22
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | Connection established
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | Remote version string: SSH-2.0-Axway.Gateway
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | Local version string: SSH-2.0-JSCH_0.2.16
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | CheckCiphers: chacha20-poly1305@openssh.com
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | CheckKexes: sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | CheckSignatures: ssh-ed25519,ssh-ed448
2024-02-06 10:34:37 | DEBUG | com.jcraft.jsch.JSch | server_host_key proposal before known_host reordering is: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
2024-02-06 10:34:37 | DEBUG | com.jcraft.jsch.JSch | server_host_key proposal after known_host reordering is: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | SSH_MSG_KEXINIT sent
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | SSH_MSG_KEXINIT received
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | server proposal: KEX algorithms: diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | server proposal: host key algorithms: ssh-rsa
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | server proposal: ciphers c2s: aes256-cbc,aes128-cbc,aes256-ctr,aes128-ctr
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | server proposal: ciphers s2c: aes256-cbc,aes128-cbc,aes256-ctr,aes128-ctr
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | server proposal: MACs c2s: hmac-sha1,hmac-sha2-256
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | server proposal: MACs s2c: hmac-sha1,hmac-sha2-256
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | server proposal: compression c2s: none
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | server proposal: compression s2c: none
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | server proposal: languages c2s: 
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | server proposal: languages s2c: 
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | client proposal: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,ext-info-c,kex-strict-c-v00@openssh.com
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | client proposal: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | client proposal: ciphers c2s: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,blowfish-cbc,3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,3des-ctr,aes256-ctc,arcfour,arcfour128,arcfour256
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | client proposal: ciphers s2c: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,blowfish-cbc,3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,3des-ctr,aes256-ctc,arcfour,arcfour128,arcfour256
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | client proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-md5-96,hmac-sha1-96
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | client proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-md5-96,hmac-sha1-96
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | client proposal: compression c2s: none
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | client proposal: compression s2c: none
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | client proposal: languages c2s: 
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | client proposal: languages s2c: 
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | kex: algorithm: ecdh-sha2-nistp256
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | kex: host key algorithm: ssh-rsa
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | SSH_MSG_KEX_ECDH_INIT sent
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | expecting SSH_MSG_KEX_ECDH_REPLY
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | ssh_rsa_verify: ssh-rsa signature true
2024-02-06 10:34:37 | WARN  | com.jcraft.jsch.JSch | Permanently added '<destination>' (RSA) to the list of known hosts.
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | SSH_MSG_NEWKEYS sent
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | SSH_MSG_NEWKEYS received
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | SSH_MSG_SERVICE_REQUEST sent
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | SSH_MSG_SERVICE_ACCEPT received
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | Authentications that can continue: publickey,keyboard-interactive,password
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | Next authentication method: publickey
2024-02-06 10:34:37 | DEBUG | com.jcraft.jsch.JSch | PubkeyAcceptedAlgorithms = ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
2024-02-06 10:34:37 | DEBUG | com.jcraft.jsch.JSch | No server-sig-algs found, using PubkeyAcceptedAlgorithms = [ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256, ssh-rsa, ssh-dss]
2024-02-06 10:34:37 | WARN  | com.jcraft.jsch.JSch | an exception during authentication 
java.io.IOException: End of IO Stream Read
2024-02-06 10:34:37 | INFO  | com.jcraft.jsch.JSch | Disconnecting from <destination> port 22

com.jcraft.jsch.JSchException: Auth fail for methods 'publickey,password'

norrisjeremy commented 4 months ago

Hi @austinarbor-wk,

Yes, I suspect this server doesn't correctly support RSA/SHA-2 and it is failing when JSch attempts RSA/SHA-2 based authentication. So you either will want to remove the RSA/SHA-2 algorithms (rsa-sha2-512 & rsa-sha2-256) from the PubkeyAcceptedAlgorithms config setting, or make sure RSA/SHA-1 (ssh-rsa) has a higher priority by appearing earlier in the comma delimited list for the PubkeyAcceptedAlgorithms config setting.

Thanks, Jeremy

austinarbor-wk commented 4 months ago

@norrisjeremy thanks for your quick response! We use a generalized "works-for-everyone" config and the same code is also used for servers which do support rsa-sha2-512 and rsa-sha2-256 and we don't know ahead of time what the server will support. Do you think moving ssh-rsa ahead in the priority list will make those no longer work, or should it essentially be a no-op?

norrisjeremy commented 4 months ago

Hi @austinarbor-wk,

If the other types of servers you connect to support both RSA/SHA-2 and RSA/SHA-1, by prioritizing RSA/SHA-1 in the list, you will be coercing JSch into performing insecure authentication with these servers (since RSA/SHA-1 is generally considered cryptographically insecure). Ultimately this will be a judgement call that only you can make, since only you know the nature of your application, the types of servers you are connecting to, etc., and not us.

Thanks, Jeremy
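One way to reconcile the two comments above (a single "works-for-everyone" config, without globally demoting RSA/SHA-2 for servers that support it) is to keep JSch's default `PubkeyAcceptedAlgorithms` order and retry with `ssh-rsa` moved ahead only when a specific server rejects the first attempt with an auth failure. The code below is an added example written for this page, not code from the JSch project or from either commenter; the class `SftpConnector`, its methods, the `LEGACY_RSA_FIRST_PUBKEY_ALGS` constant, the key and known_hosts paths and the 15-second timeout are all assumptions. The JSch calls (`setKnownHosts`, `addIdentity`, `getSession`, `setConfig`, `connect`) and the `PubkeyAcceptedAlgorithms` key are real; the algorithm list mirrors the one printed in the issue's log.

```java
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;

/**
 * Hypothetical helper (not part of JSch): connect with JSch's default
 * PubkeyAcceptedAlgorithms order (RSA/SHA-2 before ssh-rsa) and only if the
 * server answers with an authentication failure, retry once with ssh-rsa first.
 * Servers that support RSA/SHA-2 therefore never see a SHA-1 signature.
 */
public final class SftpConnector {

    // JSch's default order, copied from the issue's log line
    // "PubkeyAcceptedAlgorithms = ssh-ed25519,...,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss".
    static final String DEFAULT_PUBKEY_ALGS =
        "ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,"
        + "rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss";

    // Fallback order (assumed name): ssh-rsa moves ahead of rsa-sha2-512 and
    // rsa-sha2-256 only; the rest of the list is unchanged.
    static final String LEGACY_RSA_FIRST_PUBKEY_ALGS =
        "ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,"
        + "ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss";

    private final String host;
    private final int port;
    private final String user;
    private final String privateKeyPath;  // assumed: path to the user's private key file
    private final String passphrase;      // the private key password
    private final String knownHostsPath;  // assumed: path to a known_hosts file

    public SftpConnector(String host, int port, String user,
                         String privateKeyPath, String passphrase, String knownHostsPath) {
        this.host = host;
        this.port = port;
        this.user = user;
        this.privateKeyPath = privateKeyPath;
        this.passphrase = passphrase;
        this.knownHostsPath = knownHostsPath;
    }

    /** Returns a connected Session; the caller owns it and must disconnect(). */
    public Session connect() throws JSchException {
        try {
            return open(DEFAULT_PUBKEY_ALGS);
        } catch (JSchException e) {
            // Only an authentication failure justifies the retry. Network errors,
            // host key mismatches or KEX failures are rethrown unchanged.
            if (!isAuthFailure(e)) {
                throw e;
            }
            // Log the fallback so servers still stuck on RSA/SHA-1 can be tracked
            // and upgraded, rather than silently tolerated forever.
            System.err.printf("%s:%d: publickey auth failed with RSA/SHA-2 first; "
                + "retrying with ssh-rsa first%n", host, port);
            return open(LEGACY_RSA_FIRST_PUBKEY_ALGS);
        }
    }

    private Session open(String pubkeyAlgs) throws JSchException {
        JSch jsch = new JSch();
        jsch.setKnownHosts(knownHostsPath);
        jsch.addIdentity(privateKeyPath, passphrase);
        Session session = jsch.getSession(user, host, port);
        // Per-session override of the algorithm order used for publickey auth.
        session.setConfig("PubkeyAcceptedAlgorithms", pubkeyAlgs);
        // Verify the host key against known_hosts instead of auto-adding it
        // (the issue's log shows "Permanently added ..."; that trusts on first use).
        session.setConfig("StrictHostKeyChecking", "yes");
        session.connect(15_000); // assumed connect timeout in milliseconds
        return session;
    }

    /** Matches the message seen in the issue: "Auth fail for methods '...'". */
    static boolean isAuthFailure(JSchException e) {
        String msg = e.getMessage();
        return msg != null && msg.startsWith("Auth fail");
    }
}
```

Because the server in the issue sends no `server-sig-algs` extension (see the "No server-sig-algs found" log line), JSch cannot learn which signature algorithms the server accepts and simply walks the list in order; the retry gives such servers a second list while the first attempt keeps RSA/SHA-2 for everyone else. The connection that succeeds on the fallback still authenticates with RSA/SHA-1, so the log message is the signal for which hosts need a server-side fix.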

austinarbor-wk commented 4 months ago

@norrisjeremy thanks for the info, appreciate the quick responses!

austinarbor-wk commented 4 months ago

confirming that moving ssh-rsa in front of the other rsa algorithms resolved the exception