Jsch : End of IO Stream Read

Question

I'm using Jsch to create an ssh connection between my app and a service, this service has authentication that must be passed along with the connection tunnel, so a used ssh the following way:

Session session = jsch.getSession("user_name", "service_url.com", 1443);
Properties config = new Properties();

config.put("kex", "diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1");
//config.put("kex", "diffie-hellman-group-exchange-sha256"); //tried this individually also 
//config.put("kex", "diffie-hellman-group1-sha1"); //tried this individually also
config.put("StrictHostKeyChecking", "no");

session.setConfig(config);
session.setPassword("abc123");
try{
    session.connect(5000); // Exception raises here
}catch(JSchException hs){
    hs.printStackTrace(); // Exception caught here
}

but when reaching session.connect() I'm getting the following exception even before waiting for the 5000 ms mentioned in the connect() method:

com.jcraft.jsch.JSchException: Session.connect: java.io.IOException: End of IO Stream Read
    at com.jcraft.jsch.Session.connect(Session.java:558)
    at com.example.updaterjschtest.MainActivity$1$1.run(MainActivity.java:132)
    at java.lang.Thread.run(Thread.java:818)

Worth to mention that I came across this question and this question but the answers didn't help.

using putty:

Putty log:

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2016.07.28 14:02:35 =~=~=~=~=~=~=~=~=~=~=~=
Event Log: Writing new session log (SSH packets mode) to file: D:\MCS\MCS Tools\putty\putty.log
Event Log: Looking up host "update.solaceautomation.com"
Event Log: Connecting to 192.168.46.2 port 1443
Event Log: Server version: SSH-2.0-SOLACE_CLOUD_SERVICE
Event Log: We claim version: SSH-2.0-PuTTY_Release_0.60
Outgoing packet type 20 / 0x14 (SSH2_MSG_KEXINIT)

 .
 .
  00000250  00 00 00 00 00 00 00 00                          ........
Event Log: Using SSH protocol version 2
Incoming packet type 20 / 0x14 (SSH2_MSG_KEXINIT)
 .
 .
   00000250  00 00 00 00 00 00 00 00                          ........

Event Log: Doing Diffie-Hellman key exchange with hash SHA-1
Outgoing packet type 32 / 0x20 (SSH2_MSG_KEX_DH_GEX_INIT)

.
.
  00000250  00 00 00 00 00 00 00 00                          ........

Incoming packet type 33 / 0x21 (SSH2_MSG_KEX_DH_GEX_REPLY)
.
.
   00000250  00 00 00 00 00 00 00 00                          ........

Event Log: Host key fingerprint is:
Event Log: ssh-rsa 1024 bd:11:03:96:68:b5:c6:34:41:19:a3:fa:41:46:a7:52
Outgoing packet type 21 / 0x15 (SSH2_MSG_NEWKEYS)
Event Log: Initialised AES-256 SDCTR client->server encryption
Event Log: Initialised HMAC-SHA1 client->server MAC algorithm
Incoming packet type 21 / 0x15 (SSH2_MSG_NEWKEYS)
Event Log: Initialised AES-256 SDCTR server->client encryption
Event Log: Initialised HMAC-SHA1 server->client MAC algorithm
Outgoing packet type 5 / 0x05 (SSH2_MSG_SERVICE_REQUEST)
  00000000  00 00 00 0c 73 73 68 2d 75 73 65 72 61 75 74 68  ....ssh-userauth
Incoming packet type 6 / 0x06 (SSH2_MSG_SERVICE_ACCEPT)
  00000000  00 00 00 0c 73 73 68 2d 75 73 65 72 61 75 74 68  ....ssh-userauth
Outgoing packet type 50 / 0x32 (SSH2_MSG_USERAUTH_REQUEST)
  .
  .
  00000030  74 69 6f 6e 00 00 00 04 6e 6f 6e 65              tion....none
Incoming packet type 51 / 0x33 (SSH2_MSG_USERAUTH_FAILURE)
  00000000  00 00 00 08 70 61 73 73 77 6f 72 64 00           ....password.
Outgoing packet type 50 / 0x32 (SSH2_MSG_USERAUTH_REQUEST)
 .
 .
  00000040  00 XX XX XX XX XX XX XX XX XX XX                 .XXXXXXXXXX
Outgoing packet type 2 / 0x02 (SSH2_MSG_IGNORE)
  .
  .
  00000090  61 de 51 94                                      a.Q.
Event Log: Sent password
Incoming packet type 52 / 0x34 (SSH2_MSG_USERAUTH_SUCCESS)
Event Log: Access granted
Outgoing packet type 90 / 0x5a (SSH2_MSG_CHANNEL_OPEN)
  00000000  00 00 00 07 73 65 73 73 69 6f 6e 00 00 01 00 00  ....session.....
  00000010  00 40 00 00 00 40 00                             .@...@.
Incoming packet type 91 / 0x5b (SSH2_MSG_CHANNEL_OPEN_CONFIRMATION)
  00000000  00 00 01 00 00 00 00 00 00 00 40 00 00 00 40 00  ..........@...@.
Event Log: Opened channel for session
Outgoing packet type 98 / 0x62 (SSH2_MSG_CHANNEL_REQUEST)
  00000000  00 00 00 00 00 00 00 07 70 74 79 2d 72 65 71 01  ........pty-req.
  00000010  00 00 00 05 78 74 65 72 6d 00 00 00 50 00 00 00  ....xterm...P...
  00000020  18 00 00 00 00 00 00 00 00 00 00 00 10 03 00 00  ................
  00000030  00 7f 80 00 00 96 00 81 00 00 96 00 00           .............
Incoming packet type 99 / 0x63 (SSH2_MSG_CHANNEL_SUCCESS)
  00000000  00 00 01 00                                      ....
Event Log: Allocated pty (ospeed 38400bps, ispeed 38400bps)
Outgoing packet type 98 / 0x62 (SSH2_MSG_CHANNEL_REQUEST)
  00000000  00 00 00 00 00 00 00 05 73 68 65 6c 6c 01        ........shell.
Incoming packet type 99 / 0x63 (SSH2_MSG_CHANNEL_SUCCESS)
  00000000  00 00 01 00                                      ....
Event Log: Started a shell/command

1) Can you SSH to the `service_url.com:1443` with some standalone SSH client (e.g. PuTTY)? 2) What do you mean by *"connection tunnel"*? — Martin Prikryl, Jul 28 '16 at 11:21
@MartinPrikryl I can't use putty as the service allow only authentication along with connecting, and it doesn't allow keyboard authentication, if you can suggest me a tool that I can send the authentication info along with the url and port data it would be great. — Muhammed Refaat, Jul 28 '16 at 11:24
What is *"sending authentication info along with the url and port data"*? — Martin Prikryl, Jul 28 '16 at 11:37
@MartinPrikryl like I'm doing here, providing user_name and password along with the session info like url and port, but with putty, I'm providing the url & port and connect to them, then it asks me to input the login data, and the service doesn't support this way. — Muhammed Refaat, Jul 28 '16 at 11:39
That's nonsense. The password you provide in JSch is used by the library only after the server asks for it. The same as with PuTTY. Once the server asks for a password, PuTTY will prompt you for a one and send it to the server. There's no difference between JSch and PuTTY in this respect. — Martin Prikryl, Jul 28 '16 at 11:44
@MartinPrikryl if it's like you are saying, I think this could be my problem, as the server opens the connection only if the seeking client sends the authentication data along with it, I have to check that in the server and if possible, change this. — Muhammed Refaat, Jul 28 '16 at 11:47
That's nonsense too. You cannot *"send authentication data while connecting"*. The authentication in SSH in a complex **interactive** process. The client and the server first have to agree on an authentication method. And only after they agree on a password method, the password is sent. There's no other way. The fact that some libraries or clients allow you to enter the password upfront does not change it. They just keep the password ready for use, **once the server asks for it**. They do not sent it immediately. — Martin Prikryl, Jul 28 '16 at 11:50
So again, can you connect with PuTTY to the `service_url.com:1443`? If not, you do not have a programming question. — Martin Prikryl, Jul 28 '16 at 11:52
Actually the 1443 port number strikingly resembles 443 port number, which is used by HTTPS (hence **SSL, not SSH**). — Martin Prikryl, Jul 28 '16 at 11:54
@MartinPrikryl in this manner, it opens a shell and asks me for user_name, and after entering it, it asks for the password, after entering it, it doesn't goes anywhere like you can see in the photo in my question. — Muhammed Refaat, Jul 28 '16 at 11:58
That not a *"shell"*, that's a terminal window. Anyway, it looks good. What does PuTTY event log say? — Martin Prikryl, Jul 28 '16 at 12:00
@MartinPrikryl apparently it grants me the access, log added to the question (I removed unnecessary row data) — Muhammed Refaat, Jul 28 '16 at 12:06
Good, so PuTTY works. So can you now put a breakpoint to the final `catch` clause of the `Session.connect` to see where does the `java.io.IOException` comes from (it's callstack)? — Martin Prikryl, Jul 28 '16 at 12:11
@MartinPrikryl it comes from a catch closure inside the connection method, but the trace provided guiding me only to the line where the Exception is thrown not the line where the error catched. — Muhammed Refaat, Jul 28 '16 at 12:24
Well, you would have to start debugging the JSch code. This looks like some incompatibility between JSch and your custom SSH server. Unfortunately the JSch has terrible (almost none) logging, so this is difficult to debug remotely. Does the server have some logging? — Martin Prikryl, Jul 28 '16 at 12:31
@MartinPrikryl you have any idea how to debug its code? I see that I have to copy all of it outside otherwise I won't be able to add my log messages or any breakpoints. — Muhammed Refaat, Jul 28 '16 at 12:42

Jsch : End of IO Stream Read

0 Answers0