本文主要是介绍JSCH kerberos 连接配置,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
近日产品要支持kerberos,
测试过程中经常会出现,需要输入kerberos用户名的情况,debug跟踪,发现为jsch在远程连接的时候会进行认证
2017-09-13 10:04:22.391 DEBUG 13148 --- [nio-8080-exec-4] c.b.m.rest.base.util.JSchConnection : connect,172.16.31.165,hadoop,hadoop,22
2017-09-13 10:04:22.493 DEBUG 13148 --- [nio-8080-exec-1] c.b.m.rest.base.util.JSchConnection : connect,172.16.31.165,hadoop,hadoop,22
Kerberos 用户名 [hadoop]: Kerberos 用户名 [hadoop]: Kerberos 用户名 [hadoop]: Kerberos 用户名 [hadoop]: Kerberos 用户名 [hadoop]: Kerberos 用户名 [hadoop]: hadoop的 Kerberos 口令: com.jcraft.jsch.JSchException: Auth failat com.jcraft.jsch.Session.connect(Session.java:512)at com.jcraft.jsch.Session.connect(Session.java:183)at com.bonc.manager.rest.base.util.JSchConnection.connect(JSchConnection.java:67)at com.bonc.manager.rest.base.util.JSchConnectionFactory.getJschConnection(JSchConnectionFactory.java:50)at com.bonc.manager.rest.base.util.JSchConnectionFactory.getJschConnection(JSchConnectionFactory.java:65)at com.bonc.manager.rest.base.util.ConfigUtil.readXmlFromHost(ConfigUtil.java:104)at com.bonc.manager.rest.modules.config.dao.impl.ConfigDaoImpl.getHostConfig(ConfigDaoImpl.java:68)at com.bonc.manager.rest.modules.config.service.ConfigServer.readconfig(ConfigServer.java:865)at com.bonc.manager.rest.modules.config.service.ConfigServer.saveConfigToLocal(ConfigServer.java:704)at com.bonc.manager.rest.util.ConfigurationUtil.getHdfsConf(ConfigurationUtil.java:56)at com.bonc.manager.rest.util.ConfigurationUtil.update(ConfigurationUtil.java:180)at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)at java.lang.reflect.Method.invoke(Method.java:498)at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:65)at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54)at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308)at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180)at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294)at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)at java.lang.Thread.run(Thread.java:745)
问题解决方式就是将kerberos认证方式去掉,具体为去掉Kerberos/GSSAPI (gssapi-with-mic)
session.setConfig("PreferredAuthentications", "publickey,keyboard-interactive,password");
参考
https://stackoverflow.com/questions/29669459/skipping-kerberos-authentication-prompts-with-jsch
这篇关于JSCH kerberos 连接配置的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!