0

PROBLEM: Connecting remote site by SFTP using JSCH library results in "Channel is not opened". Code works fine from one internet connection, but fails from another. Another is done via proxy. Nevertheless, I can connect by SFTP from another, using FileZilla client.

RESEARCH: Tried increasing connection timout and setting useDNS: false from similar questions. I've got session and channel opned from it. Still, after timout, channel connection fails.

QUESTION: How to get connection.

Below is the code and error stack trace extracts:

  JSch jsch = new JSch();
  UserInfo userInfo ;

  jsch.setKnownHosts(KNOWN_HOSTS);

  session = jsch.getSession(
    Menue.SITE_LOGIN,
    Menue.SITE_HOST,
    Menue.SITE_PORT);

  session.setPassword(
    Menue.SITE_PASSWORD);

  if (Menue.USE_PROXY) {
    session.setProxy(
      new ProxyHTTP(
        Menue.PROXY_HOST,
        Menue.PROXY_PORT));
  }

  session.setConfig(
    "StrictHostKeyChecking",
    "yes");

  session.connect();
  channel = session.openChannel("sftp");
  channel.setInputStream(System.in);
  channel.setOutputStream(System.out);
  channel.connect(60 * 1000); // Error: channel is not opened.

Stacktrace:

com.jcraft.jsch.JSchException: channel is not opened. at com.jcraft.jsch.Channel.sendChannelOpen(Channel.java:765) at com.jcraft.jsch.Channel.connect(Channel.java:151)

Zon
  • 18,610
  • 7
  • 91
  • 99
  • [Channel.java Line 765](http://grepcode.com/file/repo1.maven.org/maven2/com.jcraft/jsch/0.1.51/com/jcraft/jsch/Channel.java?av=f#765) implies that it's failing because your five second timeout is too short. The fix for that seems obvious. You say you've tried increasing the timeout and it fails in other ways. But we can only help you with the problem that you present in your question. – Kenster Sep 22 '16 at 16:18
  • Changed to 60 seconds. The same result. It works fine without a timeout at all from another office. – Zon Sep 22 '16 at 17:10
  • Could you investigate what is happening on the server during that 60 seconds? If the server is OpenSSH for example, it should start up an instance of the [sftp-server](http://man.openbsd.org/sftp-server) program to handle sftp channel requests. Also, the ssh server can be set to treat particular connections in different ways. Or the user's .bashrc or similar file on the server might be interfering with starting the sftp-server program. – Kenster Sep 22 '16 at 17:38

2 Answers2

0

The output on mistake was non-informative (as well as scarce documentation on the library). The reason was in managing server rsa-keys on connection. I wanted no ui dialogs and full automation (UserInfo disabled).

Also StrickedHostKeyChecking should be no, although it's unsafe. Setting it to "no" allows autoadding rsa-keys to local keys repository (e.g. ~/.ssh/known_hosts).

Finally resulted in a code:

try {
  JSch jsch = new JSch();

  jsch.setKnownHosts("~/.ssh/known_hosts");

  Session session = jsch.getSession(
    "my_login",
    "my.host",
    22);

  session.setPassword(
    "password");

  // Autoadd system rsa-keys to system file like known_hosts by
  // disabling strick keys checking:
  java.util.Properties config = new java.util.Properties();
  config.put(
    "StrictHostKeyChecking",
    "no");
  session.setConfig(config);

  session.connect();

  Channel channel = session.openChannel("sftp");
  channel.connect();
  ChannelSftp sftpChannel = (ChannelSftp) channel;

  System.out.println(
        sftpChannel.ls("/"));

  session.disconnect();
} catch (Exception e) {
  System.out.println(e);
}

These articles helped:

Original example on KnownHosts

Adding rsa to known_hosts

Unknown hostkey management

Zon
  • 18,610
  • 7
  • 91
  • 99
0

On windows I found the directory for known hosts at:

C:\users\myusername.ssh\

But there was no known_hosts file constructed my own by logging into the server I was trying to connect to via putty and using the command:

ssh-keyscan -t rsa localhost

Then got this back: localhost ssh-rsa REALLYLONGSTRINGHERE Right click on putty's top toolbar, and select copy all. Then paste that into a text editor and edit so it looks like this:

serverip ssh-rsa REALLYLONGSTRINGHERE

Save that as C:\users\myusername.ssh\known_hosts

Then add this line in your java code:

jsch.setKnownHosts("C:/users/myusername/.ssh/known_hosts");