无法使用带有 JDK 8 的 JSch 打开 ssh 会话

Question

我有以下示例代码尝试打开 ssh 连接

package jsch;

import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;

public class Main {

  public static void main(String... args) {
    JSch jsch=new JSch();
    try {
      Session session=jsch.getSession("some_user", "some_host", 22);
      session.setPassword("some_password");
      session.setConfig("StrictHostKeyChecking", "no");
      session.connect();
      Thread.sleep(1000);
      session.disconnect();
    } catch (JSchException e) {
      e.printStackTrace();
    } catch (InterruptedException e) {
      e.printStackTrace();
    }
  }
}

如果我使用 JDK 7，一切正常，但如果我使用 JDK 8，我会得到这个堆栈跟踪：

Exception in thread "main" java.lang.IllegalArgumentException: Empty nameStrings not allowed
    at sun.security.krb5.PrincipalName.validateNameStrings(PrincipalName.java:167)
    at sun.security.krb5.PrincipalName.<init>(PrincipalName.java:277)
    at sun.security.krb5.PrincipalName.parse(PrincipalName.java:315)
    at sun.security.krb5.internal.KRBError.init(KRBError.java:355)
    at sun.security.krb5.internal.KRBError.<init>(KRBError.java:186)
    at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:58)
    at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:259)
    at sun.security.krb5.KrbTgsReq.sendAndGetCreds(KrbTgsReq.java:270)
    at sun.security.krb5.internal.CredentialsUtil.serviceCreds(CredentialsUtil.java:302)
    at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(CredentialsUtil.java:120)
    at sun.security.krb5.Credentials.acquireServiceCreds(Credentials.java:458)
    at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:693)
    at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:248)
    at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:179)
    at com.jcraft.jsch.jgss.GSSContextKrb5.init(GSSContextKrb5.java:129)
    at com.jcraft.jsch.UserAuthGSSAPIWithMIC.start(UserAuthGSSAPIWithMIC.java:135)
    at com.jcraft.jsch.Session.connect(Session.java:463)
    at com.jcraft.jsch.Session.connect(Session.java:183)
    at jsch.Main.main(Main.java:15)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:144) 

是否有机会在没有 hack 的情况下解决这个问题并将 JSch 与 JDK8 一起使用，或者我应该切换到另一个 ssh 库？

Answer 1

您的 JDK8 显然认为 Kerberos 已安装/可用，但要么是错误的，要么在某处无法正常工作。虽然我自己不使用 Kerberos，但如果您的意思是 Sun/Oracle JDK AFAIK 既不 7 也不 8 默认启用 Kerberos，这表明存在错误（可能配置错误）你的JDK 8在某个地方。

它应该告诉 JSCH不要使用 Kerberos，或者至少先尝试其他方法，而不是（或除此之外）找到并修复它：

# Q&D -- assumes default as of 0.1.53
session.setConfig ("PreferredAuthentications", 
    "publickey,keyboard-interactive,password"); 
# or 
session.setConfig ("PreferredAuthentications", 
    "publickey,keyboard-interactive,password,gssapi-with-mic");

# more robust for future
ArrayList<String> auths = new ArrayList<String>( 
  Arrays.asList( session.getConfig ("PreferredAuthentications") .split(",")) );
auths.remove ("gssapi-with-mic");
# optional add back to end
auths.add ("gssapi-with-mic");
session.setConfig ("PreferredAuthentications", String.join (",", auths));