This week's book giveaway is in the Big Data forum.
We're giving away four copies of Elasticsearch in Action and have Radu Gheorghe & Matthew Lee Hinman on-line!
See this thread for details.
The moose likes Other JSE/JEE APIs and the fly likes JSch issue : com.jcraft.jsch.JSchException: Auth fail Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Elasticsearch in Action this week in the Big Data forum!
JavaRanch » Java Forums » Java » Other JSE/JEE APIs
Bookmark "JSch issue : com.jcraft.jsch.JSchException: Auth fail" Watch "JSch issue : com.jcraft.jsch.JSchException: Auth fail" New topic

JSch issue : com.jcraft.jsch.JSchException: Auth fail

Lalit Pawar

Joined: Jul 08, 2013
Posts: 2

We are using JSch apis for SFTP access.
In our current project we want to differentiate between normal login failure due to invalid credentials and login failure due to account has been locked.
Can someone suggest how to do ? Below is our code snippet

public Session getSFTPSession(String userID, String password, int port,
String hostIP) throws IBPPException {"In getFtpSession");
JSch jsch = new JSch();
Session sftpSession = null;

try {
sftpSession = jsch.getSession(userID, hostIP, port);"sftpSession" + sftpSession);
Properties config = new Properties();
config.put("StrictHostKeyChecking", "no");
sftpSession.setTimeout(10 * 60 * 1000);
sftpSession.connect();"SFT connection open");

} catch (JSchException jsche) {"Error creating SFTP session. Exception is "
+ jsche.getMessage());

throw new BusinessException(ExceptionConstants.INVALID_LOGON,
CLASS_NAME, "getSFTPSession");
return sftpSession;

K. Tsang

Joined: Sep 13, 2007
Posts: 2730

Welcome to the Ranch

Well when you try to connect with a locked user id, will the JSchException message different from a wrong password login? If so catch that message and throw your specific exception.

Or a better approach, do the user authentication with a separate POJO against the database or something.

Lalit Pawar

Joined: Jul 08, 2013
Posts: 2
We are getting same message i.e. com.jcraft.jsch.JSchException: Auth fail

So we are not sure how to differentiate that message. We are using version jsch-0.1.42.jar
Richard Tookey

Joined: Aug 27, 2012
Posts: 1129

Lalit Pawar wrote:
So we are not sure how to differentiate that message.

It's over a year since I last looked at this but I don't think you can with any SSH client! Authentication is governed by and a failure to authenticate produces a return of SSH_MSG_USERAUTH_FAILURE regardless of the failure mode. I don't remember there being any field in the failure message to detail the reason.

In any authentication system it is advisable not to give a reason for a failure to authenticate since it could provide information to an attacker.

P.S. I'm not keen on your use of " config.put("StrictHostKeyChecking", "no")" since it weakens the mutual authentication.
It is sorta covered in the JavaRanch Style Guide.
subject: JSch issue : com.jcraft.jsch.JSchException: Auth fail