Community
Participate
Working Groups
Build Identifier: Eclipse 3.6.0 I installed RSE so that I can have a GUI interface to create a connection to the zOS host. 1. Open the preferences page General -> Network Connection -> SSH2 and switch to the Authentication Methods tab 2. check only the keyboard-interactive and uncheck the rest 3. Open RSE perspective and click the button new connection 4. Create an SSH Only connection to a zOS host 5. Right click the newly created connection and run the action Connect 6. Put in the right user id and password when being prompted The connection failed Use the same user ID and password and you can connect to the same host with PUTTY. Reproducible: Always
Same story as on bug 319415, comment 2: Could you try following the steps with JSch upgraded to 1.44. It's available on Orbit[1]. [1] http://wiki.eclipse.org/Orbit/FAQ#How_do_I_work_with_a_bundle_in_Orbit.3F
You can also install it into your running eclipse using Help>Install new software and a repo of http://download.eclipse.org/tools/orbit/downloads/drops/R20110523182458/repository/ PW
Could you try http://www.jcraft.com/jsch/examples/Logger.java It will print logging messages to stdout. $ javac -classpath jsch-0.1.44.jar Logger.java $ java -classpath jsch-0.1.44.jar Logger For example, jsch jar file is available at http://repo1.maven.org/maven2/com/jcraft/jsch/0.1.44-1/jsch-0.1.44-1.jar
Installed Jscraft 1.44. The original scenarion still failed. The following information were collected from running Logger. The successful authentication is password. WARN: Permanently added 'torolabb' (RSA) to the list of known hosts. INFO: SSH_MSG_NEWKEYS sent INFO: SSH_MSG_NEWKEYS received INFO: SSH_MSG_SERVICE_REQUEST sent INFO: SSH_MSG_SERVICE_ACCEPT received INFO: Authentications that can continue: publickey,keyboard-interactive,password INFO: Next authentication method: publickey INFO: Authentications that can continue: password INFO: Next authentication method: password INFO: Authentication succeeded (password).
Atsuhiko, any suggestions? Could it be fixed in the next release?
Sorry for my delay. # I'm still in the trouble caused by the giant earthquake at 11th March. > WARN: Permanently added 'torolabb' (RSA) to the list of known hosts. > INFO: SSH_MSG_NEWKEYS sent > INFO: SSH_MSG_NEWKEYS received > INFO: SSH_MSG_SERVICE_REQUEST sent > INFO: SSH_MSG_SERVICE_ACCEPT received > INFO: Authentications that can continue: > publickey,keyboard-interactive,password > INFO: Next authentication method: publickey > INFO: Authentications that can continue: password > INFO: Next authentication method: password > INFO: Authentication succeeded (password). It seems to me that the remote sshd has not been configured to use 'keyboard-interactive' method. If you have OpenSSH's ssh client, could you run it in the debug mode for that sshd, % ssh -v -v -v foo@example.com and post its output to this bugzilla entry?
The following messages were from a host which support interactive, It still faled. WARN: Permanently added 'host.pok.ibm.com' (RSA) to the list of known hosts. INFO: SSH_MSG_NEWKEYS sent INFO: SSH_MSG_NEWKEYS received INFO: SSH_MSG_SERVICE_REQUEST sent INFO: SSH_MSG_SERVICE_ACCEPT received INFO: Authentications that can continue: publickey,keyboard-interactive,password INFO: Next authentication method: publickey INFO: Authentications that can continue: keyboard-interactive,password INFO: Next authentication method: keyboard-interactive INFO: Disconnecting from host.pok.ibm.com port 22 com.jcraft.jsch.JSchException: Auth fail
(In reply to comment #7) > The following messages were from a host which support interactive, It still > faled. > ... > INFO: Next authentication method: keyboard-interactive > INFO: Disconnecting from host.pok.ibm.com port 22 > com.jcraft.jsch.JSchException: Auth fail Thank you for your trial. It seems the authentication process has been dropped by the remote. Will somebody allow me to get accesses to sshd on zOS? I guess the problem has occurred before the success of authentication, so I don't need the login access, and I just need the accesses to its TCP port 22.
The IP address of the host is 9.26.177.159. But I wonder whether it's behind a firewall.
(In reply to comment #9) > The IP address of the host is 9.26.177.159. But I wonder whether it's behind a > firewall. Atsuhiko, does it work for you?
(In reply to comment #9) > The IP address of the host is 9.26.177.159. But I wonder whether it's behind a > firewall. I tried Logger on your IP and it se(In reply to comment #9) > The IP address of the host is 9.26.177.159. But I wonder whether it's behind a > firewall. I tried to connect to the host and this is what I get from Logger: WARN: Permanently added '9.26.177.159' (RSA) to the list of known hosts. INFO: SSH_MSG_NEWKEYS sent INFO: SSH_MSG_NEWKEYS received INFO: SSH_MSG_SERVICE_REQUEST sent INFO: SSH_MSG_SERVICE_ACCEPT received INFO: Authentications that can continue: publickey,keyboard-interactive,password INFO: Next authentication method: publickey INFO: Authentications that can continue: password INFO: Next authentication method: password INFO: Disconnecting from 9.26.177.159 port 22 com.jcraft.jsch.JSchException: Auth cancel Could you enable keyboard-interactive there?
Can you please try another host 9.56.224.21?
Sorry, host 9.56.224.21 is not a zOS
(In reply to comment #10) > (In reply to comment #9) > > The IP address of the host is 9.26.177.159. But I wonder whether it's behind a > > firewall. > > Atsuhiko, does it work for you? Unfortunately, I can not get TCP connections to 9.26.177.159 and 9.56.224.21. Is it possible to allow me to get TCP accesses to sshd on zOS through ssh port-fowarding? I mean that I'll provide login-access to our host(for example, guest@our_ip_address), and if you will run on your LAN, % ssh -R 3333:9.56.224.21:22 guest@our_ip_address we can get TCP accesses to 9.56.224.21:22 with a followng command on 'our_ip_address' host, % ssh -p 3333 foo@127.0.0.1 If possible, I will write 'our_ip_address' to you privately.
According to the system administrator, interactive authentication is not supported on zOS. The following is from man sshd_config. | KbdInteractiveAuthentication Not supported on z/OS UNIX. Specifies whether | to use keyboard-interactive authentication. The argument to this | keyword must be "yes" or "no". I'm closing this bug as invalid.
(In reply to comment #15) > According to the system administrator, interactive authentication is not > supported on zOS. The following is from man sshd_config. > | KbdInteractiveAuthentication Not supported on z/OS UNIX. Specifies whether > | to use keyboard-interactive authentication. The argument to this > | keyword must be "yes" or "no". > > I'm closing this bug as invalid. Thanks Samuel for looking into it.
