Skip to main content


Eclipse Community Forums

      Home
Home » Eclipse Projects » EGit / JGit » Unable to create SshSessionFactory on versions > 5 JGit(I tried to make a git clone with JGit through ssh but I am not able to creat a SshSessionFactory )
Unable to create SshSessionFactory on versions > 5 JGit [message #1838151] Wed, 17 February 2021 09:30 Go to next message
Eclipse UserFriend
Hello everybody,

I want to make a git clone through ssh with JGit but I am not able to create a SshSession because I don't know how to initialize.

I tried to get SshSessionFactory.getInstance() but this return null and the SshTransport.setSshSessionFactory() failed with null.

Currently I am using JGit 5.10.0.202012080955-r and I know that for other version older than <= 4 there is a way to initialize SshSessionFactory with JschConfigSessionFactory but in latest versions this class is removed.

I still struggle to find a way / detailed documentation on their website but I didn't.

Could you please someone help me with an example?

Best regards,
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838154 is a reply to message #1838151] Wed, 17 February 2021 11:26 Go to previous messageGo to next message
Eclipse UserFriend
Install org.eclipse.jgit.ssh.jsch or org.eclipse.jgit.ssh.apache (plus dependencies).
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838158 is a reply to message #1838151] Wed, 17 February 2021 14:20 Go to previous messageGo to next message
Eclipse UserFriend
JschConfigSessionFactory moved to org.eclipse.jgit.ssh.jsch and is deprecated and will be removed in a future version. Instead use org.eclipse.jgit.ssh.apache.

Here is an example how this is used in org.eclipse.jgit.pgm:

https://git.eclipse.org/r/plugins/gitiles/jgit/jgit/+/refs/heads/master/org.eclipse.jgit.pgm/src/org/eclipse/jgit/pgm/TextBuiltin.java#206
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838245 is a reply to message #1838158] Fri, 19 February 2021 07:33 Go to previous messageGo to next message
Eclipse UserFriend
Thank you very much for your answer and now with this implementation for TransportConfigCallback:
private static class SshTransportConfigCallback implements TransportConfigCallback {

private final SshSessionFactory sshSessionFactory = new JschConfigSessionFactory() {
@Override
protected void configure(OpenSshConfig.Host hc, Session session) {
session.setConfig("StrictHostKeyChecking", "no");
session.setConfig(
"PreferredAuthentications",
"publickey,keyboard-interactive,password");
}

@Override
protected JSch createDefaultJSch(FS fs) throws JSchException {
JSch jSch = super.createDefaultJSch(fs);
jSch.addIdentity("id_rsa");
return jSch;
}
};

@Override
public void configure(Transport transport) {
SshTransport sshTransport = (SshTransport) transport;
sshTransport.setSshSessionFactory(sshSessionFactory);
}
}

I received this error:


Caused by: java.lang.NullPointerException
at java.base/java.util.Hashtable.put(Hashtable.java:475)
at com.jcraft.jsch.JSch.setConfig(JSch.java:601)
at org.eclipse.jgit.transport.JschConfigSessionFactory.createDefaultJSch(JschConfigSessionFactory.java:401)
at com.tora.portal.client.git.GitControl$SshTransportConfigCallback$1.createDefaultJSch(GitControl.java:112)
at org.eclipse.jgit.transport.JschConfigSessionFactory.getJSch(JschConfigSessionFactory.java:361)
at org.eclipse.jgit.transport.JschConfigSessionFactory.createSession(JschConfigSessionFactory.java:317)
at org.eclipse.jgit.transport.JschConfigSessionFactory.createSession(JschConfigSessionFactory.java:184)
at org.eclipse.jgit.transport.JschConfigSessionFactory.getSession(JschConfigSessionFactory.java:108)
at org.eclipse.jgit.transport.SshTransport.getSession(SshTransport.java:107)
at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:254)
... 9 more

[Updated on: Fri, 19 February 2021 07:33] by Moderator

Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838256 is a reply to message #1838245] Fri, 19 February 2021 10:40 Go to previous messageGo to next message
Eclipse UserFriend
You'll have to debug this yourself. The line number is already strange; in jsch 0.1.55 or 0.1.54 there is no line number 601 in JSch.java; the file has only 591 lines in 0.1.55.
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838260 is a reply to message #1838256] Fri, 19 February 2021 12:23 Go to previous messageGo to next message
Eclipse UserFriend
That is true :)
I overwrite the library jsch 0.1.55 with the new one com.github.mwiede:jsch:0.1.61.
With the library jsch v0.1.55 i received this error:
invalid privatekey: [B@231f98ef

For the version com.github.mwiede:jsch:0.1.61 the problem is there is not a key configured for these: signature.rsa, signature.dss (In the v0.1.55 there is set a value for that keys)

Best regards,
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838263 is a reply to message #1838260] Fri, 19 February 2021 14:30 Go to previous messageGo to next message
Eclipse UserFriend
In that case, report an issue at GitHub. Note that JGit will drop support for JSch eventually, and it is very unlikely that anyone contributing to JGit has any inclination to change code to cater to unofficial forks of JSch. Even if the people working on that particular fork seem to know what they're doing :-)
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838294 is a reply to message #1838263] Sat, 20 February 2021 12:20 Go to previous messageGo to next message
Eclipse UserFriend
Ok, I see.
What can I do to work on the official version of Jsch, because as I said with Jsch version 0.1.55 I received this error: [b]invalid privatekey: [B@231f98ef[/b]
That is why I searched for a solution on the internet and that is what I found :)

Best regards,

[Updated on: Sat, 20 February 2021 12:21] by Moderator

Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838302 is a reply to message #1838294] Sun, 21 February 2021 16:10 Go to previous messageGo to next message
Eclipse UserFriend
JGit 0.1.55 cannot read key files created by modern openSSH, and it cannot read ed25519 keys. If it's the first, convert keys to the older openSSH format. If it's the latter, you're out of luck.

Or switch to using org.eclipse.jgit.ssh.apache and Apache MINA sshd. It can do both; and it's the library that JGit will continue to support using.
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838336 is a reply to message #1838302] Mon, 22 February 2021 09:53 Go to previous messageGo to next message
Eclipse UserFriend
Thank you very much Thomas, I really appreciate :). It's working with the library org.eclipse.jgit.ssh.apache (only this gradle dependencies implementation group: 'org.eclipse.jgit', name: 'org.eclipse.jgit.ssh.apache', version: '5.10.0.202012080955-r')

Now I have another question (compare with the JschConfigSessionFactory). With the JschConfigSessionFactory we can overwrite some ssh configuration like: ssh key path, StrictHostKeyChecking, skip kerberose auth and others...
Is it possible to overwrite the same configs?

Best regards,
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838353 is a reply to message #1838336] Mon, 22 February 2021 16:14 Go to previous messageGo to next message
Eclipse UserFriend
Yes, it is. Take a look at the SshdSessionFactoryBuilder. It has a number of hooks you can use. Skipping GSSAPI (Kerberos) would be setPreferredAuthentications("publickey,keyboard-interactive,password"). StrictHostKeyChecking can be changed for instance by adding a ServerKeyDatabase via setServerKeyDatabase(). For instance one that always returns true in its accept() method to switch off host key checking altogether. Setting a particular ssh key could be done for instance by switching off handling of ~/.ssh/config (setConfigStoreFactory((h, f, u) -> null)) and defining the key to use via setDefaultIdentities().

Or you could work with a custom ConfigStoreFactory installed via setConfigStoreFactory(), which could return a SshConfigStore that returned a HostEntry with StrictHostKeyChecking=no and IdentityFile=<whatever> and PreferredAuthentications=...

There are really multiple ways to customize this. You may find some of the tests in bundle org.eclipse.jgit.ssh.apache.test interesting, in particular, there are two tests that show how to configure this so that it doesn't use any on-disk files and a pre-defined key.

BTW: depending on what your application does or how it is structured, it may not be necessary to create a new SshSessionFactory in a TransportConfigCallback on each git command. Maybe it is sufficient to just define the SshSessionFactory once and then set it globally via SshSessionFactory.setInstance(). That is what EGit does. Might be possible in your case, too. With a custom ConfigStoreFactory you should be able to configure individual connections as if the config was done in a ~/.ssh/config file, but without actually using such a file, and without having to create new session factories all the time.
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838371 is a reply to message #1838353] Tue, 23 February 2021 08:49 Go to previous messageGo to next message
Eclipse UserFriend
Thank you very very much Thomas.
Your information are very useful and valuable, that is what I want.
Also regarding the last part, I think it will be a good idea to use that, to create a single instance of SshSessionFactory and to set it globally.

Best regards,
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1838865 is a reply to message #1838371] Sun, 07 March 2021 06:48 Go to previous messageGo to next message
Eclipse UserFriend
I just stumbled upon this: updated to 5.10.0.202012080955-r (from the much older 5.1.2.201810061102-r), and suddenly my cloning code from github ceased to work, with the following stack trace (omitting the junit related part).

org.eclipse.jgit.api.errors.TransportException: ssh://git@github.com/oliviercailloux/testrel.git: remote hung up unexpectedly
	at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:222)
	at org.eclipse.jgit.api.CloneCommand.fetch(CloneCommand.java:302)
	at org.eclipse.jgit.api.CloneCommand.call(CloneCommand.java:178)
	at io.github.oliviercailloux.git.GitClonerTests.testSimpleClone(GitClonerTests.java:207)
Caused by: org.eclipse.jgit.errors.TransportException: ssh://git@github.com/oliviercailloux/testrel.git: remote hung up unexpectedly
	at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:270)
	at org.eclipse.jgit.transport.TransportGitSsh.openFetch(TransportGitSsh.java:144)
	at org.eclipse.jgit.transport.FetchProcess.executeImp(FetchProcess.java:105)
	at org.eclipse.jgit.transport.FetchProcess.execute(FetchProcess.java:91)
	at org.eclipse.jgit.transport.Transport.fetch(Transport.java:1260)
	at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:211)
	... 70 more
Caused by: java.lang.NullPointerException
	at org.eclipse.jgit.transport.SshTransport.getSession(SshTransport.java:107)
	at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:254)
	... 75 more


Indeed, adding this dependency solved the problem.

<dependency>
	<groupId>org.eclipse.jgit</groupId>
	<artifactId>org.eclipse.jgit.ssh.apache</artifactId>
	<version>5.10.0.202012080955-r</version>
</dependency>


It took me a while to find this solution, though. Would you perhaps consider clarifying the error message, so that people know that they miss a dependency?
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1839073 is a reply to message #1838865] Fri, 12 March 2021 08:15 Go to previous messageGo to next message
Eclipse UserFriend
Olivier: please don't hijack a thread with a different topic but create a new one instead
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1839082 is a reply to message #1839073] Fri, 12 March 2021 11:00 Go to previous messageGo to next message
Eclipse UserFriend
Well, it very much seems to me to be exactly the same topic.
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1839283 is a reply to message #1839082] Thu, 18 March 2021 13:17 Go to previous messageGo to next message
Eclipse UserFriend
my bad I only looked at the NPE stack trace
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1839791 is a reply to message #1838353] Mon, 29 March 2021 04:26 Go to previous messageGo to next message
Eclipse UserFriend
Thomas Wolf wrote on Mon, 22 February 2021 21:14
Yes, it is. Take a look at the SshdSessionFactoryBuilder. It has a number of hooks you can use. Skipping GSSAPI (Kerberos) would be setPreferredAuthentications("publickey,keyboard-interactive,password"). StrictHostKeyChecking can be changed for instance by adding a ServerKeyDatabase via setServerKeyDatabase(). For instance one that always returns true in its accept() method to switch off host key checking altogether. Setting a particular ssh key could be done for instance by switching off handling of ~/.ssh/config (setConfigStoreFactory((h, f, u) -> null)) and defining the key to use via setDefaultIdentities().

Or you could work with a custom ConfigStoreFactory installed via setConfigStoreFactory(), which could return a SshConfigStore that returned a HostEntry with StrictHostKeyChecking=no and IdentityFile=<whatever> and PreferredAuthentications=...

There are really multiple ways to customize this. You may find some of the tests in bundle org.eclipse.jgit.ssh.apache.test interesting, in particular, there are two tests that show how to configure this so that it doesn't use any on-disk files and a pre-defined key.

BTW: depending on what your application does or how it is structured, it may not be necessary to create a new SshSessionFactory in a TransportConfigCallback on each git command. Maybe it is sufficient to just define the SshSessionFactory once and then set it globally via SshSessionFactory.setInstance(). That is what EGit does. Might be possible in your case, too. With a custom ConfigStoreFactory you should be able to configure individual connections as if the config was done in a ~/.ssh/config file, but without actually using such a file, and without having to create new session factories all the time.


Something is un clear for me....
After I did these changes:

SshdSessionFactoryBuilder sshdSessionFactoryBuilder = new SshdSessionFactoryBuilder();
sshdSessionFactoryBuilder.setPreferredAuthentications("publickey,keyboard-interactive,password");
sshdSessionFactoryBuilder.setHomeDirectory(FS.detect().userHome());
sshdSessionFactoryBuilder.setSshDirectory(FS.detect().userHome());
SshSessionFactory.setInstance(sshdSessionFactoryBuilder.build(new JGitKeyCache()));


I receive this error:
Caused by: org.apache.sshd.common.SshException: Server key did not validate
at org.eclipse.jgit.internal.transport.sshd.JGitClientSession.checkKeys(JGitClientSession.java:344)
at org.apache.sshd.common.session.helpers.AbstractSession.handleKexMessage(AbstractSession.java:578)
at org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:464)

Without the previous changes (I have only this line: SshSessionFactory.setInstance(new SshdSessionFactory()); ) I receive this warning:

2021-03-29 11:22:57.463 INFO --- [scheduling-1] o.a.s.c.u.s.e.EdDSASecurityProviderRegistrar - getOrCreateProvider(EdDSA) created instance of net.i2p.crypto.eddsa.EdDSASecurityProvider
2021-03-29 11:22:57.611 INFO --- [scheduling-1] o.a.s.c.i.DefaultIoServiceFactoryFactory - No detected/configured IoServiceFactoryFactory using Nio2ServiceFactoryFactory
2021-03-29 11:23:04.835 WARN --- [sshd-JGitSshClient[656b5146]-nio2-thread-1] o.e.j.i.t.s.GssApiWithMicAuthentication - GSS-API error for mechanism OID 1.2.840.113554.1.2.2
org.ietf.jgss.GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)
at java.security.jgss/sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential.java:162)
at java.security.jgss/sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:126)
at java.security.jgss/sun.security.jgss.krb5.Krb5MechFactory.getMechanismContext(Krb5MechFactory.java:193)
at java.security.jgss/sun.security.jgss.GSSManagerImpl.getMechanismContext(GSSManagerImpl.java:218)
at java.security.jgss/sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:230)
at java.security.jgss/sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:196)
at org.eclipse.jgit.internal.transport.sshd.GssApiWithMicAuthentication.sendToken(GssApiWithMicAuthentication.java:183)

To be frankly I don't know how exactly does it work for the second scenario (which ssh key use for pull and push).
Also for the first scenario the format of the key is invalid? What is the supported ssh key? How I can generat to be a valid one?
Re: Unable to create SshSessionFactory on versions > 5 JGit [message #1839835 is a reply to message #1839791] Mon, 29 March 2021 14:46 Go to previous message
Eclipse UserFriend
I managed to fix the error but, I want to see what is your approach.

Best regards,
Previous Topic:Algorithm negotiation fail with version 4.11
Next Topic:Warning message in JGit for pull and push
Goto Forum:
  


Current Time: Thu Jul 24 12:50:20 EDT 2025

Powered by FUDForum. Page generated in 0.07308 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly