7

I'm using JGit in scala to access a remote Git repo, and I need to use SSH for authentication. JGit uses JSch to provide secure access.

I followed this tutorial : http://www.codeaffine.com/2014/12/09/jgit-authentication/

However, i have always, an ,com.jcraft.jsch.JSchException: Auth fail

my method is:

def sshCloneRemoteRepository() = {

// 1 / Override SSH configuration with JschConfigSessionFactory
val sshSessionFactory: SshSessionFactory  = new JschConfigSessionFactory() {

  override protected def createDefaultJSch(fs: FS): JSch = {
    val defaultJSch = super.createDefaultJSch(fs)
    defaultJSch.removeAllIdentity()
    defaultJSch.addIdentity(new File("/home/xw/.ssh/id_rsa").getAbsolutePath)
    defaultJSch.setKnownHosts("/home/xw/.ssh/known_hosts")
    val configRepository:ConfigRepository = com.jcraft.jsch.OpenSSHConfig.parseFile("/home/xw/.ssh/config")
    defaultJSch.setConfigRepository(configRepository)
    defaultJSch
  }

  override protected def configure(host:OpenSshConfig.Host, session:Session ) {
    // This still checks existing host keys and will disable "unsafe" authentication mechanisms
    // if the hostkey doesn't match.
    session.setConfig("StrictHostKeyChecking", "no")
  }
}

// 2 / Preparing cloneCommand
val cloneCommand: CloneCommand = Git.cloneRepository()
cloneCommand.setURI(sshOriginRepositoryPath)
cloneCommand.setDirectory(localRepository)
cloneCommand.setRemote(originBranch)
cloneCommand.setTransportConfigCallback( new TransportConfigCallback() {
  override def configure(transport:Transport ) {
    val sshTransport:SshTransport = transport match {
      case t:SshTransport => t
      case _ => throw new ClassCastException("Variable of type Transport cannot be cast to the SshTransport")
    }
    sshTransport.setSshSessionFactory(sshSessionFactory)
  }

})

but I have always, this exception: 

org.eclipse.jgit.api.errors.TransportException: ssh://git@vod.canal-bis.com:22/edt/json-edito.git: Auth fail
    at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:139) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    at org.eclipse.jgit.api.CloneCommand.fetch(CloneCommand.java:193) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    at org.eclipse.jgit.api.CloneCommand.call(CloneCommand.java:133) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    at fr.canal.face.services.TGitServicee$class.sshCloneRemoteRepository(GitServicee.scala:109) ~[classes/:na]
    at fr.canal.face.services.GitServicee$.sshCloneRemoteRepository(GitServicee.scala:22) [classes/:na]
    at fr.canal.face.biz.actors.EditoPullerActor.cloneOrPull(EditoPullerActor.scala:50) [classes/:na]
    at fr.canal.face.biz.actors.EditoPullerActor$$anonfun$receive$1.applyOrElse(EditoPullerActor.scala:34) [classes/:na]
    at akka.actor.Actor$class.aroundReceive(Actor.scala:465) [akka-actor_2.11-2.3.6.jar:na]
    at fr.canal.face.biz.actors.EditoPullerActor.aroundReceive(EditoPullerActor.scala:22) [classes/:na]
    at akka.actor.ActorCell.receiveMessage(ActorCell.scala:516) [akka-actor_2.11-2.3.6.jar:na]
    at akka.actor.ActorCell.invoke(ActorCell.scala:487) [akka-actor_2.11-2.3.6.jar:na]
    at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:238) [akka-actor_2.11-2.3.6.jar:na]
    at akka.dispatch.Mailbox.run(Mailbox.scala:220) [akka-actor_2.11-2.3.6.jar:na]
    at akka.dispatch.ForkJoinExecutorConfigurator$AkkaForkJoinTask.exec(AbstractDispatcher.scala:393) [akka-actor_2.11-2.3.6.jar:na]
    at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) [scala-library-2.11.2.jar:na]
    at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339) [scala-library-2.11.2.jar:na]
    at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) [scala-library-2.11.2.jar:na]
    at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) [scala-library-2.11.2.jar:na]
Caused by: org.eclipse.jgit.errors.TransportException: ssh://git@vod.canal-bis.com:22/edt/json-edito.git: Auth fail
    at org.eclipse.jgit.transport.JschConfigSessionFactory.getSession(JschConfigSessionFactory.java:159) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    at org.eclipse.jgit.transport.SshTransport.getSession(SshTransport.java:136) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:262) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    at org.eclipse.jgit.transport.TransportGitSsh.openFetch(TransportGitSsh.java:161) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    at org.eclipse.jgit.transport.FetchProcess.executeImp(FetchProcess.java:136) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    at org.eclipse.jgit.transport.FetchProcess.execute(FetchProcess.java:122) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    at org.eclipse.jgit.transport.Transport.fetch(Transport.java:1138) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:130) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    ... 17 common frames omitted
Caused by: com.jcraft.jsch.JSchException: Auth fail
    at com.jcraft.jsch.Session.connect(Session.java:512) ~[jsch-0.1.50.jar:na]
    at org.eclipse.jgit.transport.JschConfigSessionFactory.getSession(JschConfigSessionFactory.java:116) ~[org.eclipse.jgit-3.7.0.201502260915-r.jar:3.7.0.201502260915-r]
    ... 24 common frames omitted
Rüdiger Herrmann
  • 20,512
  • 11
  • 62
  • 79
Houssem Ben Slama
  • 111
  • 1
  • 1
  • 4
  • 1
    What have you tried so far (please amend the question)? Can you clone with native Git? Have you tried a minimal configuration i.e. without the extra code in `createDefaultJSch`? What is the orphan `defaultJSch` used for? – Rüdiger Herrmann Oct 29 '15 at 11:55
  • i tried a simple implementation without createDefaultJSch, but i have the same exception, always, .. – Houssem Ben Slama Oct 29 '15 at 12:43
  • 1
    What about native Git (see above)? Can you authenticate with the remote URL at all? – Rüdiger Herrmann Oct 29 '15 at 13:23
  • yes of course, when i tried, git clone ssh://git@vod.canal-bis.com:22/edt/json-edito.git, with command line, i get a sucess result, – Houssem Ben Slama Oct 29 '15 at 13:28
  • 1
    Did you try to strip down the ssh configuration files to contain only the bare neccessary? I vaguely remember that JGit cannot understand all of the native ssh config files. In doubt post the contents of `/home/xw/.ssh/config`. Maybe someone can spot the mistake. – Rüdiger Herrmann Oct 29 '15 at 15:51
  • I tried, but always, the same exception, but, when i print the host, user and port params of session, i got "null" for the 3 params, ( in the overriden configue method on new JschConfigSessionFactory() { .. – Houssem Ben Slama Oct 29 '15 at 17:10

3 Answers3

4

I Solved my problem, the code is fine, but the Auth fail problem is caused by my proxy configuration that i have in my .ssh/config file ( My machine => Amazon AWS Machine => Stach Git Server ) , So the code in this tutorial : http://www.codeaffine.com/2014/12/09/jgit-authentication/ word fine, thanks Rudiger

Houssem Ben Slama
  • 111
  • 1
  • 1
  • 4
4

try generated a new key use ssh-keygen -t rsa -m PEM for the default key

Kai
  • 679
  • 9
  • 11
0

You can also do this

override protected def createDefaultJSch(fs: FS): JSch = {
....
session.setConfig("StrictHostKeyChecking", "no") //instead of configure()
....
defaultJSch
}

instead of configure function and this should work.

Shash
  • 11
  • 3