Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NullPointerException at connect #34

Closed
uffeweil opened this issue Feb 25, 2021 · 13 comments · Fixed by #35
Closed

NullPointerException at connect #34

uffeweil opened this issue Feb 25, 2021 · 13 comments · Fixed by #35

Comments

@uffeweil
Copy link

Hi!

First I'd like to thank you for proving this new distribution of Jsch. Very appreciated!!

Using a key (New openssh-v1-private-key format) that has not been added at the server leads to NullPointerException.
Converting the key to PEM format and the error is instead the expected "Auth fail".

Caused by: java.lang.NullPointerException at com.jcraft.jsch.KeyPairDeferred.getKeyTypeName(KeyPairDeferred.java:120) at com.jcraft.jsch.IdentityFile.getAlgName(IdentityFile.java:106)

Full log and key in attached files below.
By the way in the release notes you state that ssh-ed25519 is supported. Is this implementation ripped out of Java 15 or does it require a Java 15 VM to be used?

Kind regards Ulf

FailDbvisNewSSHKey.txt
id_rsa_notTrustedNewSSHFormat.txt
@mwiede
Copy link
Owner

mwiede commented Feb 25, 2021

Hi Ulf, thanks for reporting this issue, need to look into that.

Regarding the ssh.ed25519 question, yes you need to use Java 15, compare to subhra74/snowflake#16 (comment)

@uffeweil
Copy link
Author

Great, thanks for the quick answer!

@mwiede
Copy link
Owner

mwiede commented Mar 2, 2021

note to myself: the NPE occurs, when an encrypted openssh v1 key as added as identity without setting its password.
in this situation we should throw an error in all methods, telling that the key has not been decrypted yet.

@uffeweil
Copy link
Author

uffeweil commented Mar 4, 2021

Hi Matthias,

Just uploaded a trace which indicates the same error for a key that has been added. The user runs Java 15.
I don't know if this helps

traceKnownKeyJava15.txt

Regards
Ulf

mwiede added a commit that referenced this issue Mar 4, 2021
@mwiede @wiedemam-VU
#34 throwing IllegalstateException when encrypted openssh v1 key is u…
6b2cb4a 
…sed without password
@mwiede mwiede mentioned this issue Mar 4, 2021
Merged
@mwiede
Copy link
Owner

mwiede commented Mar 4, 2021
edited
Loading

Hi Ulf,
what do you mean by "key has been added"?
I looked at the code, and the only situation, in which the NPE can occur, is when an encrypted key is added as identity without a password. You example key from id_rsa_notTrustedNewSSHFormat.txt contains an enycrypted key with cipher aes256-ctr.
So I guess you added the key as jSch.addIdentity(prvkey) instead of jSch.addIdentity(prvkey, password);
Best regards
Matthias

@uffeweil
Copy link
Author

uffeweil commented Mar 4, 2021
edited
Loading

Hi Matthias,

Sorry for being unclear by added I mean it has been added as a trusted key at the server.

Implementation wise we are doing something like:

jsch.addIdentity(sshPrivateKeyFile); 
final Session sshSession = jsch.getSession(sshUserid, sshHost, sshPort);
UserInfo ui = new MyUserInfo(sshPassword, sshPassphrase, dialogOwner);
sshSession.setUserInfo(ui);

This is the same implementation not matter of key formats. No problem of connecting using other keys in our product (DbVisualizer)
Our customer uses the same key successfully using SSH in a terminal which is of course not utilizing Jsch.

@uffeweil uffeweil closed this as completed Mar 4, 2021
@uffeweil uffeweil reopened this Mar 4, 2021
@mwiede
Copy link
Owner

mwiede commented Mar 4, 2021

ok, thanks for your clarification. I think I came closer to the problem. The issue comes, when the key is encrypted and the identity is added without the passphrase. Instead the passphrase is coming from Userinfo#getPassphrase() and the decryption happens in com.jcraft.jsch.UserAuthPublicKey line 204. For KeypairDeferred this is too late, as the getAlgName() is needed in line 92.
I suggest that we are moving the while loop with the decryption up to line 91

@mwiede mwiede linked a pull request Mar 4, 2021 that will close this issue
fixing NPE #34 #35
Merged
@uffeweil
Copy link
Author

uffeweil commented Mar 4, 2021

Hi Matthias
Thanks for all your help. From the Pull request I guess you you are already on this!
Regards Ulf

@mwiede mwiede closed this as completed in #35 Mar 4, 2021
mwiede added a commit that referenced this issue Mar 4, 2021
@mwiede
Merge pull request #35 from mwiede/issue_34
aa40022 
fixing NPE #34
@mwiede
Copy link
Owner

mwiede commented Mar 4, 2021

Hi Ulf, I released the library in version 0.1.62. Please check whether the issue is fixed.

@uffeweil
Copy link
Author

uffeweil commented Mar 4, 2021

Hi Matthias,
That was really quick!! I will ask our customer if he could test.
Many thanks for the quick turnaround!!
Regards
Ulf

@uffeweil
Copy link
Author

uffeweil commented Mar 4, 2021

Hi Mattias,

Is there a Jar somewhere? Or am I being to impatient? :-)

Regards
Ulf

@mwiede
Copy link
Owner

mwiede commented Mar 4, 2021 via email

@uffeweil
Copy link
Author

uffeweil commented Mar 9, 2021

Hi Mattias

Just thought I would inform you that our user has reported that he can now connect using the 0.1.62 version.
Many thanks for a great fix and quick turnaround. Awsome!

Regards
Ulf

@miguelaferreira miguelaferreira mentioned this issue Jun 8, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fixing NPE #34 mwiede/jsch
2 participants
@mwiede @uffeweil