BARTOL, LAURENT (LAURENT | 18 Nov 10:48 2013

help : Question about jsch blocked. (example on com.jcraft.jsch.ChannelSftp.cd)

Dear readers,

 

We used jsch to collect and distribute files 24/24 7/7

And we have notice sometime that the file collect or distribution is blocked.

It has already happened on some commands : “connect”, “cd”, “ls” and “pwd”  where our threads can be blocked.

 

MY QUESTIONS

============

Does the use of  a timeout at connection time can solve all these problems of “blocked thread” ?

  public void connect(int connectTimeout) throws JSchException{

 

Or do we have to set other parameters like …. setServerAliveCountMax to 0

session.setServerAliveCountMax(0);

C.f. Colin’s mail 2013-05-03 21:15

 

 

Thanks.
Laurent.

 

 

===========================================================================

Here is some jstack examples of block

 

"Thread-258" prio=10 tid=0x000000000b01e800 nid=0x211e runnable [0x0000000067638000]

   java.lang.Thread.State: RUNNABLE

        at java.net.SocketInputStream.socketRead0(Native Method)

        at java.net.SocketInputStream.read(SocketInputStream.java:150)

        at java.net.SocketInputStream.read(SocketInputStream.java:121)

        at java.net.SocketInputStream.read(SocketInputStream.java:203)

        at com.jcraft.jsch.IO.getByte(IO.java:73)

        at com.jcraft.jsch.Session.connect(Session.java:263)

        at com.jcraft.jsch.Session.connect(Session.java:183)

        at fr.alcatel.cit.products.c3s.dataFlow.dpm.distributorFTP.SFTPClientWrapper.connect(SFTPClientWrapper.java:117)

        - locked <0x000000064f417bd0> (a fr.alcatel.cit.products.c3s.dataFlow.dpm.distributorFTP.SFTPClientWrapper)

        at fr.alcatel.cit.products.c3s.dataFlow.dpm.distributorFTP.SFTPClientWrapper.connect(SFTPClientWrapper.java:77)

        - locked <0x000000064f417bd0> (a fr.alcatel.cit.products.c3s.dataFlow.dpm.distributorFTP.SFTPClientWrapper)

        at fr.alcatel.cit.products.c3s.dataFlow.dpm.collectorFTP.CollectorFTPClient.connect(CollectorFTPClient.java:399)

        at fr.alcatel.cit.products.c3s.dataFlow.dpm.collectorFTP.CollectorFTPClient.reconnect(CollectorFTPClient.java:2284)

        at fr.alcatel.cit.products.c3s.dataFlow.dpm.collectorFTP.CollectorFTPClient.isFtpCollectorInstanceAuthorizedToCollect(CollectorFTPClient.java:660)

        at fr.alcatel.cit.products.c3s.dataFlow.dpm.collectorFTP.CollectorFTPClient.collectorProcedure(CollectorFTPClient.java:620)

        at fr.alcatel.cit.products.c3s.dataFlow.dpm.collectorFTP.CollectorFTPClient.access$1000(CollectorFTPClient.java:90)

        at fr.alcatel.cit.products.c3s.dataFlow.dpm.collectorFTP.CollectorFTPClient$ThreadForScan.run(CollectorFTPClient.java:228)

        at java.lang.Thread.run(Thread.java:722)

 

Other Example

 

Thread 30610: (state = BLOCKED)

- java.lang.Object.wait(long) <at> bci=0 (Compiled frame; information may be imprecise)
- java.io.PipedInputStream.read() <at> bci=142, line=310 (Compiled frame)

- java.io.PipedInputStream.read(byte[], int, int) <at> bci=43, line=361 (Compiled frame)
- com.jcraft.jsch.ChannelSftp.fill(byte[], int, int) <at> bci=17, line=2325 (Compiled frame)

- com.jcraft.jsch.ChannelSftp.header(com.jcraft.jsch.Buffer, com.jcraft.jsch.ChannelSftp$Header) <at> bci=12, line=2351 (Compiled frame)

- com.jcraft.jsch.ChannelSftp._realpath(java.lang.String) <at> bci=27, line=1810 (Compiled frame)

- com.jcraft.jsch.ChannelSftp.cd(java.lang.String) <at> bci=14, line=268 (Interpreted frame)

- dpm.distributorFTP.SFTPClientWrapper.cd(java.lang.String) <at> bci=22, line=142 (Compiled frame)

- dpm.collectorFTP.CollectorFTPClient.scanServer() <at> bci=225, line=776 (Compiled frame)

- dpm.collectorFTP.CollectorFTPClient.collectorProcedure() <at> bci=144, line=612 (Interpreted frame)

- dpm.collectorFTP.CollectorFTPClient.access$1000(dpm.collectorFTP.CollectorFTPClient) <at> bci=1, line=90 (Compiled frame)

- dpm.collectorFTP.CollectorFTPClient$ThreadForScan.run() <at> bci=28, line=226 (Compiled frame)

- java.lang.Thread.run() <at> bci=11, line=619 (Interpreted frame)

 

------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
JSch-users mailing list
JSch-users@...
https://lists.sourceforge.net/lists/listinfo/jsch-users
Gerry Reno | 16 Nov 07:54 2013
Picon
Picon

session.connect() NullPointerException

Using JSch 1.5.0

I'm seeing a NullPointerExcepton every so often from Session.java on valid params.

eg:

    session = jsch.getSession(TEST-2003\Administrator, 192.168.2.108, 22222)

    E/AndroidRuntime(17889): FATAL EXCEPTION: Thread-1684
    E/AndroidRuntime(17889): java.lang.NullPointerException
    E/AndroidRuntime(17889):     at com.jcraft.jsch.Session.checkHost(Session.java:802)
    E/AndroidRuntime(17889):     at com.jcraft.jsch.Session.connect(Session.java:342)
    E/AndroidRuntime(17889):     at com.jcraft.jsch.Session.connect(Session.java:183)

I can log in with command line ssh using these same params both from Linux and from same Android.

    $ ssh -p 22222 'TEST-2003\Administrator' <at> 192.168.2.108
    The authenticity of host '192.168.2.108 (192.168.2.108)' can't be established.
    DSA key fingerprint is d4:e9:39:58:95:03:23:24:5a:e9:f7:df:29:b6:d5:d5.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '192.168.2.108' (DSA) to the list of known hosts.
    TEST-2003\Administrator@...'s password:

    Microsoft Windows [Version
    5.2.3790]                                                                                           
    (C) Copyright 1985-2003 Microsoft
    Corp.                                                                                        

    C:\Documents and
    Settings\Administrator>exit                                                                                   
    Connection to 192.168.2.108
    closed.                                                                                            
    $ 

------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
rakstar | 13 Nov 12:28 2013

Algorithm negotiation fail Exception while doing SFTP

Hi Team,

I trying below code to start a SFTP session for file transfer(from linux to windows server).

        String dstDirectory = "****";

        JSch jsch = new JSch();

session = jsch.getSession("*****", "******", 22);

        session.setConfig("StrictHostKeyChecking", "yes");

        session.setPassword("******");

        session.connect();


        channel = session.openChannel("sftp");

        channel.connect();

        sftpChannel = (ChannelSftp) channel;

        sftpChannel.put(file, dstDirectory);

        sftpChannel.exit();

        session.disconnect();


Getting the below exceptions while connecting,

Exception in thread "main" com.jcraft.jsch.JSchException: Algorithm negotiation fail
at com.jcraft.jsch.Session.receive_kexinit(Session.java:559)
at com.jcraft.jsch.Session.connect(Session.java:299)
at com.jcraft.jsch.Session.connect(Session.java:162)
at sample.SFTP.main(SFTP.java:35)

I even tried with StrictHostKeyChecking=no, but does not help.
Please let me know if there are any more configurations to be set in the code for this.

Thanks,
Rakesh
------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
JSch-users mailing list
JSch-users@...
https://lists.sourceforge.net/lists/listinfo/jsch-users
Gerry Reno | 10 Nov 21:30 2013
Picon
Picon

addIdentity: on android getting invalid privatekey: [B <at> 428ff138 with known good RSA key

Using JSch 1.50

I'm trying to get publickey auth working on  arm android.

I have password auth working fine already.

So I added addIdentity( keypath ) but it always errors even with known good RSA key.

I tested the key both on the phone using ConnectBot and on two linux machines using openssh.

The key works fine from all three.

When I use the addIdentity method and pass the key path I'm always getting an error, invalid privatekey: [B <at> 428ff138

Is there something else I need to add besides addIdentity to make this work?

------------------------------------------------------------------------------
November Webinars for C, C++, Fortran Developers
Accelerate application performance with scalable programming models. Explore
techniques for threading, error checking, porting, and tuning. Get the most 
from the latest Intel processors and coprocessors. See abstracts and register
http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
Kishor.Golapelliwar | 3 Nov 05:31 2013

AUTO: Kishor Golapelliwar is out of the office (returning 08-11-2013)


I am out of the office until 08-11-2013.

I am on Personal leave from 05-11-2013  to 07-11-2013.
Anjali Chaurasia will be handling all request for above mentioned duration.
I wont be able to access mails and will have limited connectivity over
phone.
Please drop a message in case of emergency.

Note: This is an automated response to your message  "JSch-users Digest,
Vol 87, Issue 1" sent on 11/3/2013 7:43:21 AM.

This is the only notification you will receive while this person is away.

------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
Gerry Reno | 3 Nov 03:13 2013
Picon
Picon

hostKeyRepository.check always returning NOT FOUND

Even if I hardcode and cut and paste the exact key from my known_hosts, the hostKeyRepository.check will
only return
NOT_FOUND

int repoHostKeyCheck = hostKeyRepository.check( sessionHost, hostKey.getKey().getBytes() );

log:
V/MyApp(16481): SESSION     : 192.168.2.109 ssh-rsa f0:70:f0:6e:f3:bc:74:bc:81:74:a3:42:11:07:87:49
AAAAB3NzaC1yc2EAAAABIwAAAQEAuwn4nvREfJ86S7suUVlrmyGBGkph1xfY1+UIh8lp4xP2WJPjXfVPdh/asFxYYkUNJWpJTtvZMfs4JGZZ1CP5UlWA6zB6lfjn0OvqCre8dZSV/6Nx2YwX1sGcV++IwEnMM3XnoWbqVAjSkI2e5EBWgD0CnOeFthvPdWQz4ywNqDLEbNDxHfmKR79cXJteCiC/+WRX5wNJQTlOMzOAuJEOXyroHoTaZ3nkgvaj45XIbKXdFL5oZGJshE7cJGbmQ7K7IDa+AA6UzlWnaUivu2svu0WwfJPOyVjtr69AS8ga0MTDH2Qn6Yqs0yxw7Z9JX2EQL4l0lF99T7u/3Bm5/3YxMw==

V/MyApp(16481): HOSTKEY REPO: 192.168.2.106 ssh-dss 8b:7b:84:97:c7:a1:e8:73:00:c3:9b:19:e1:11:7f:78
AAAAB3NzaC1kc3MAAACBAIVUq/q9Q7OiA1qVud6n3va/5Xrm2oSz6+lgfiKJY9bEoXC2K0gbx4Csyp2SE3GjPcVMW5O42Eh+fiOWR7EQrJEzR8iiH4129SjzePRXNV73VIrSdzzcTugfUzVm56BL3H+EzLYpRBioS44QVGePxCMED7EoC3V4CjHVaoFo5So3AAAAFQD/iA8C9mEEw0jWjhukSICuhRkuqwAAAIA+OO0Ia6MIwGh91i0JoKjgmPPxIPhFBx1MOpv2GmrEPmieubDQpmqiCG/jH6Kr39uewJiR06uBfXZdj9IFbWCW4dhL57jyEWqBY40m6HlzmKDSjZwMtGZLtvIJ+hFK0a4qBZaUNeeMNG1OtmxdHpnynE3YVBE2f6eyD7LyF18DUQAAAIBpnbWZy3ptzc3VCvrWcNBIa1oOKODvWlAdqXgpJ7mu01DTIVDUDLbe72XYBhr2v2rHRO91JmkA6qe+UFGiXtBCyFY3ehXzzSvmLrMOXZgR3aPh92conoE3VyUq7rf92IyJWp9N6zEio85L7zKZC6sXw6KUZtd3x5P1qiiUwc+kbg==
V/MyApp(16481): HOSTKEY REPO CHECK: NOT FOUND
V/MyApp(16481): HOSTKEY REPO CHECK: 1

V/MyApp(16481): HOSTKEY REPO: 192.168.2.109 ssh-rsa f0:70:f0:6e:f3:bc:74:bc:81:74:a3:42:11:07:87:49
AAAAB3NzaC1yc2EAAAABIwAAAQEAuwn4nvREfJ86S7suUVlrmyGBGkph1xfY1+UIh8lp4xP2WJPjXfVPdh/asFxYYkUNJWpJTtvZMfs4JGZZ1CP5UlWA6zB6lfjn0OvqCre8dZSV/6Nx2YwX1sGcV++IwEnMM3XnoWbqVAjSkI2e5EBWgD0CnOeFthvPdWQz4ywNqDLEbNDxHfmKR79cXJteCiC/+WRX5wNJQTlOMzOAuJEOXyroHoTaZ3nkgvaj45XIbKXdFL5oZGJshE7cJGbmQ7K7IDa+AA6UzlWnaUivu2svu0WwfJPOyVjtr69AS8ga0MTDH2Qn6Yqs0yxw7Z9JX2EQL4l0lF99T7u/3Bm5/3YxMw==
V/MyApp(16481): HOSTKEY REPO CHECK: NOT FOUND
V/MyApp(16481): HOSTKEY REPO CHECK: 1

This is bytes, right?  No encoding.

What could be the problem?

------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
Shai Ayal | 31 Oct 19:44 2013
Picon

Keyboard-interactive authentication

Hi,

Thanks for jsch -- I use it in my open source android application SPT - persistent SSH tunnels for android.

Recently a user asked about supporting keyboard-interactive authentication (as opposed to the already supported password authentication mode).


Thanks again,
Shai
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
JSch-users mailing list
JSch-users@...
https://lists.sourceforge.net/lists/listinfo/jsch-users
Danisment Gazi Unal | 17 Oct 16:47 2013

SFTP put to multiple destinations ?


Hello,

is there a way to send a file to multiple destinations by cascading
transmission ?

For example, If I send a file to server A, file should be sent to Server A,
and sent to Server B from Server A.

Source --> Server A --> Server B

I can not send directly from Source to Server A and Server B. I have to
offload transmissions to destinations.

Thanks in advance....

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk
Danisment Gazi Unal | 10 Oct 14:21 2013

How to use SFTP put/get from a remote server to another remote server ?


Hello,

is it possible to use SFTP put/get to transfer files between servers
without running any command line utilities on remote servers except remote
SSH servers.

For example, client connects to a remote ServerA and transfer files from
ServerA to ServerB without transferring files to client.

thanks in advance...

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk
Prakash Babu | 4 Oct 00:46 2013
Picon

setting session timeout

Hi,

If I run a remote command using jsch and for some reason it waits
infinitely. Is there a way to set a timeout to disconnect this session
after a certain period.
I see from the API docs that we can set a connect timeout, but is
there way to set a session timeout to disconnect the session after a
certain period ?

thanks,
Prakash

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk
Erick Lichtas | 3 Oct 23:20 2013

Issues uploading to ProFTPd with mod_sftp

The latest versions of JSCH 0.1.49 and 0.1.50 are having issues transferring larger files (I’m testing with ~400MB) to ProFTPD server, however, the older version 0.1.44 that I’ve tested works (and has been working) just fine for quite some time.  I’ve included the configuration information of ProFTPd below.  The transfer of the file usually hangs anywhere between 10% and 20% of the transfer and is reproducible 100% of the time (for me) using the Sftp.java example class to upload the file using jsch version 1.49 and 1.50.  Jsch version 1.44, it works every time. 

 

I have the following setting configured in my proftpd config as recommended by the link below.

 

SFTPClientMatch ".*JSCH.*" channelWindowSize 1GB

 

https://forums.proftpd.org/smf/index.php?topic=4616.0

 

Can you please explain what change would have affected this and what adjustments I can make in the short term to get this transfer working? 

 

Waiting Thread

"main" prio=6 tid=0x000000000062c000 nid=0x1ff8 runnable [0x000000000256f000]

   java.lang.Thread.State: RUNNABLE

     at java.net.SocketOutputStream.socketWrite0(Native Method)

     at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)

     at java.net.SocketOutputStream.write(SocketOutputStream.java:136)

     at com.jcraft.jsch.IO.put(IO.java:77)

     at com.jcraft.jsch.Session._write(Session.java:1461)

     - locked <0x00000000ecd951f0> (a java.lang.Object)

     at com.jcraft.jsch.Session.write(Session.java:1424)

     at com.jcraft.jsch.ChannelSftp.sendWRITE(ChannelSftp.java:3329)

     at com.jcraft.jsch.ChannelSftp._put(ChannelSftp.java:795)

     at com.jcraft.jsch.ChannelSftp.put(ChannelSftp.java:623)

     at JSchTest.main(JSchTest.java:281)

 

 

ProFTPd configuration

 

Compile-time Settings:

  Version: 1.3.4d (maint)

  Platform: LINUX [Linux 2.6.32-38-generic i686]

  Built: Thu Oct 3 2013 11:07:09 CDT

  Built With:

    configure  '--prefix=/usr' '--with-includes=/usr/include/postgresql:/usr/include/mysql:/usr/openssl/include/' '--mandir=/usr/share/man' '--sysconfdir=/etc/proftpd' '--localstatedir=/var/run' '--libexecdir=/usr/lib/proftpd' '--enable-sendfile' '--enable-facl' '--enable-dso' '--enable-autoshadow' '--enable-ctrls' '--with-modules=mod_readme:mod_sftp' '--enable-ipv6' '--enable-nls' '--build' 'i486-linux-gnu' 'build_alias=i486-linux-gnu' 'CFLAGS=-O2 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DHAVE_OPENSSL -DUSE_LDAP_TLS ' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-openssl' '--with-libraries=/usr/openssl/lib' '--with-shared=mod_ctrls_admin:mod_ban'

 

  CFLAGS: -O2 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DHAVE_OPENSSL -DUSE_LDAP_TLS  -Wall

  LDFLAGS: -L$(top_srcdir)/lib -Wl,-Bsymbolic-functions -L/usr/openssl/lib

  LIBS:  -lssl -lcrypto -lssl -lcrypto -L$(top_srcdir)/lib/libcap -lcap  -lcrypto -lsupp -lcrypt -ldl  -ldl -lz

 

  Files:

    Configuration File:

      /etc/proftpd/proftpd.conf

    Pid File:

      /var/run/proftpd.pid

    Scoreboard File:

      /var/run/proftpd.scoreboard

    Header Directory:

      /usr/include/proftpd

    Shared Module Directory:

      /usr/lib/proftpd

 

  Features:

    + Autoshadow support

    + Controls support

    - curses support

    - Developer support

    + DSO support

    + IPv6 support

    + Largefile support

    - Lastlog support

    - Memcache support

    - ncurses support

    + NLS support

    + OpenSSL support

    - PCRE support

    + POSIX ACL support

    + Shadow file support

    + Sendfile support

    + Trace support

 

  Tunable Options:

    PR_TUNABLE_BUFFER_SIZE = 1024

    PR_TUNABLE_DEFAULT_RCVBUFSZ = 8192

    PR_TUNABLE_DEFAULT_SNDBUFSZ = 8192

    PR_TUNABLE_GLOBBING_MAX_MATCHES = 100000

    PR_TUNABLE_GLOBBING_MAX_RECURSION = 8

    PR_TUNABLE_HASH_TABLE_SIZE = 40

    PR_TUNABLE_NEW_POOL_SIZE = 512

    PR_TUNABLE_SCOREBOARD_BUFFER_SIZE = 80

    PR_TUNABLE_SCOREBOARD_SCRUB_TIMER = 30

    PR_TUNABLE_SELECT_TIMEOUT = 30

    PR_TUNABLE_TIMEOUTIDENT = 10

    PR_TUNABLE_TIMEOUTIDLE = 600

    PR_TUNABLE_TIMEOUTLINGER = 30

    PR_TUNABLE_TIMEOUTLOGIN = 300

    PR_TUNABLE_TIMEOUTNOXFER = 300

    PR_TUNABLE_TIMEOUTSTALLED = 3600

    PR_TUNABLE_XFER_SCOREBOARD_UPDATES = 10

 

Thanks in advance!

 

Erick Lichtas

 

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk
_______________________________________________
JSch-users mailing list
JSch-users@...
https://lists.sourceforge.net/lists/listinfo/jsch-users

Gmane