Karaf
  1. Karaf
  2. KARAF-1354

SSH Log-In failes with "Authentication failed" with valid credentials

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.3.0, 3.0.0
    • Component/s: karaf-shell
    • Labels:
      None
    • Environment:

      Windows 7

      Description

      The login via SSH fails using valid credentials due to a bug in the role checking procedure.
      Error message "Authentication failed"

      Log entries in karaf:

      [INFO ] ServerSession - Session created...
      [INFO ] ServerSession - Client version string: SSH-2.0-PuTTY_KiTTY
      [DEBUG] ServerSession - Received packet SSH_MSG_KEXINIT
      [INFO ] ServerSession - Received SSH_MSG_KEXINIT
      [DEBUG] ServerSession - Received packet SSH_MSG_KEXDH_INIT
      [INFO ] AbstractDHGServer - Received SSH_MSG_KEXDH_INIT
      ...
      [INFO ] AbstractDHGServer - Send SSH_MSG_KEXDH_REPLY
      [INFO ] AbstractSession - Send SSH_MSG_NEWKEYS
      [DEBUG] ServerSession - Received packet SSH_MSG_NEWKEYS
      [INFO ] ServerSession - Received SSH_MSG_NEWKEYS
      [DEBUG] ServerSession - Received packet SSH_MSG_IGNORE
      [INFO ] ServerSession - Received SSH_MSG_IGNORE
      [DEBUG] ServerSession - Received packet SSH_MSG_SERVICE_REQUEST
      [INFO ] ServerSession - Received SSH_MSG_SERVICE_REQUEST 'ssh-userauth'
      [INFO ] ServerSession - Accepting user authentication request
      [INFO ] ServerSession - Authorized authentication methods: password,publickey
      [DEBUG] ServerSession - Received packet SSH_MSG_IGNORE
      [INFO ] ServerSession - Received SSH_MSG_IGNORE
      [DEBUG] ServerSession - Received packet SSH_MSG_USERAUTH_REQUEST
      [INFO ] ServerSession - Received SSH_MSG_USERAUTH_REQUEST
      [INFO ] ServerSession - Authenticating user 'karaf' with method 'none'
      [INFO ] ServerSession - Unsupported authentication method 'none'
      [DEBUG] ServerSession - Received packet SSH_MSG_IGNORE
      [INFO ] ServerSession - Received SSH_MSG_IGNORE
      [DEBUG] ServerSession - Received packet SSH_MSG_USERAUTH_REQUEST
      [INFO ] ServerSession - Received SSH_MSG_USERAUTH_REQUEST
      [INFO ] ServerSession - Authenticating user 'karaf' with method 'password'
      [DEBUG] KarafJaasPasswordAuthenticator - User authentication failed with User does not have the required role admin

      javax.security.auth.login.FailedLoginException: User does not have the required role admin
      at org.apache.karaf.shell.ssh.KarafJaasPasswordAuthenticator.authenticate(KarafJaasPasswordAuthenticator.ja
      va:104)[65:org.apache.karaf.shell.ssh:3.0.0.SNAPSHOT]
      at org.apache.sshd.server.auth.UserAuthPassword.checkPassword(UserAuthPassword.java:55)[64:sshd-core:0.6.0]

      at org.apache.sshd.server.auth.UserAuthPassword.auth(UserAuthPassword.java:49)[64:sshd-core:0.6.0]
      at org.apache.sshd.server.session.ServerSession.userAuth(ServerSession.java:388)[64:sshd-core:0.6.0]
      at org.apache.sshd.server.session.ServerSession.handleMessage(ServerSession.java:201)[64:sshd-core:0.6.0]
      at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:538)[64:sshd-core:0.6.0]
      at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:232)[64:sshd-core:0.
      6.0]
      at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:58)[64:ssh
      d-core:0.6.0]
      at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.ja
      va:716)[63:org.apache.mina.core:2.0.4]
      at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:
      434)[63:org.apache.mina.core:2.0.4]
      at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:46)[63:org.a
      pache.mina.core:2.0.4]
      at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.j
      ava:796)[63:org.apache.mina.core:2.0.4]
      at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)[63:org.apache
      .mina.core:2.0.4]
      at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:
      434)[63:org.apache.mina.core:2.0.4]
      at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:426)
      [63:org.apache.mina.core:2.0.4]
      at org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:715)[63:org
      .apache.mina.core:2.0.4]
      at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:668)[63:
      org.apache.mina.core:2.0.4]
      at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:657)[63:
      org.apache.mina.core:2.0.4]
      at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:68)[6
      3:org.apache.mina.core:2.0.4]
      at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:11
      41)[63:org.apache.mina.core:2.0.4]
      at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)[63:org.apache.mina.core:
      2.0.4]
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)[:1.6.0_29]
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)[:1.6.0_29]
      at java.lang.Thread.run(Thread.java:662)[:1.6.0_29]
      [INFO ] ServerSession - Authentication failed
      [DEBUG] ServerSession - Received packet SSH_MSG_IGNORE
      [INFO ] ServerSession - Received SSH_MSG_IGNORE

        Activity

        Lukas Roedl created issue -
        Lukas Roedl made changes -
        Field Original Value New Value
        Attachment KarafJaasPasswordAuthenticator.java_20120412.patch [ 12522383 ]
        Achim Nierbeck made changes -
        Assignee Achim Nierbeck [ achim_nierbeck ]
        Christian Schneider made changes -
        Status Open [ 1 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        Jean-Baptiste Onofré made changes -
        Resolution Fixed [ 1 ]
        Status Resolved [ 5 ] Reopened [ 4 ]
        Assignee Achim Nierbeck [ achim_nierbeck ] Jean-Baptiste Onofré [ jbonofre ]
        Jean-Baptiste Onofré made changes -
        Fix Version/s 2.3.0 [ 12320554 ]
        Affects Version/s 3.0.0 [ 12316040 ]
        Jean-Baptiste Onofré made changes -
        Status Reopened [ 4 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]

          People

          • Assignee:
            Jean-Baptiste Onofré
            Reporter:
            Lukas Roedl
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development