使用 ppk 使用 sshj 执行 ssh 时出现 InvalidKeySpecException
InvalidKeySpecException while doing ssh with sshj using ppk
我正在尝试使用 sshj java 库通过 ssh 连接到带有 ppk 文件的 ec2 redhat 实例,我收到 InvalidKeySpecException 。因为我能够成功地通过 ssh 连接到具有相同 ppk 的其他机器。
我想我在 ec2 实例中缺少一些配置,我们将不胜感激。
注意:我可以通过 putty 对有问题的机器执行 ssh。
下面是我在应用程序中获得的堆栈跟踪:
net.schmizz.sshj.transport.TransportException: java.security.spec.InvalidKeySpecException: key spec not recognised
at net.schmizz.sshj.transport.TransportException.chain(TransportException.java:33)
at net.schmizz.sshj.transport.TransportException.chain(TransportException.java:27)
at net.schmizz.concurrent.Promise.deliverError(Promise.java:95)
at net.schmizz.concurrent.Event.deliverError(Event.java:74)
at net.schmizz.concurrent.ErrorDeliveryUtil.alertEvents(ErrorDeliveryUtil.java:34)
at net.schmizz.sshj.transport.KeyExchanger.notifyError(KeyExchanger.java:386)
at net.schmizz.sshj.transport.TransportImpl.die(TransportImpl.java:600)
at net.schmizz.sshj.transport.Reader.run(Reader.java:67)
Caused by: net.schmizz.sshj.common.SSHException: java.security.spec.InvalidKeySpecException: key spec not recognised
at net.schmizz.sshj.common.SSHException.chain(SSHException.java:36)
at net.schmizz.sshj.common.SSHException.chain(SSHException.java:29)
at net.schmizz.sshj.transport.TransportImpl.die(TransportImpl.java:595)
... 1 common frames omitted
Caused by: net.schmizz.sshj.common.SSHRuntimeException: java.security.spec.InvalidKeySpecException: key spec not recognised
at net.schmizz.sshj.common.Buffer.readPublicKey(Buffer.java:466)
at net.schmizz.sshj.transport.kex.AbstractDHG.next(AbstractDHG.java:66)
at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:358)
at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:503)
at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:102)
at net.schmizz.sshj.transport.Decoder.received(Decoder.java:170)
at net.schmizz.sshj.transport.Reader.run(Reader.java:59)
Caused by: java.security.GeneralSecurityException: java.security.spec.InvalidKeySpecException: key spec not recognised
at net.schmizz.sshj.common.ECDSAVariationsAdapter.readPubKeyFromBuffer(ECDSAVariationsAdapter.java:92)
at net.schmizz.sshj.common.KeyType.readPubKeyFromBuffer(KeyType.java:113)
at net.schmizz.sshj.common.Buffer.readPublicKey(Buffer.java:464)
... 6 common frames omitted
Caused by: java.security.spec.InvalidKeySpecException: key spec not recognised
at org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi.engineGeneratePublic(Unknown Source)
at org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi.engineGeneratePublic(Unknown Source)
at java.security.KeyFactory.generatePublic(KeyFactory.java:334)
at net.schmizz.sshj.common.ECDSAVariationsAdapter.readPubKeyFromBuffer(ECDSAVariationsAdapter.java:90)
... 8 common frames omitted
ppk文件是Putty私钥文件,与SSHJ支持的OpenSSH格式不兼容。您可以使用以下命令转换 ppk 文件以供 SSHJ 使用:puttygen <keyfile>.ppk -O private-openssh -o <outfile>
这个非常棘手,sshj 库使用 ssh-rsa 算法。
所以我们需要在ec2实例中添加ssh-rsa算法。
步骤:
- 编辑文件/etc/ssh/sshd_config。
- 添加条目 HostKeyAlgorithms ssh-rsa
之后就开始工作了。
我正在尝试使用 sshj java 库通过 ssh 连接到带有 ppk 文件的 ec2 redhat 实例,我收到 InvalidKeySpecException 。因为我能够成功地通过 ssh 连接到具有相同 ppk 的其他机器。 我想我在 ec2 实例中缺少一些配置,我们将不胜感激。
注意:我可以通过 putty 对有问题的机器执行 ssh。
下面是我在应用程序中获得的堆栈跟踪:
net.schmizz.sshj.transport.TransportException: java.security.spec.InvalidKeySpecException: key spec not recognised
at net.schmizz.sshj.transport.TransportException.chain(TransportException.java:33)
at net.schmizz.sshj.transport.TransportException.chain(TransportException.java:27)
at net.schmizz.concurrent.Promise.deliverError(Promise.java:95)
at net.schmizz.concurrent.Event.deliverError(Event.java:74)
at net.schmizz.concurrent.ErrorDeliveryUtil.alertEvents(ErrorDeliveryUtil.java:34)
at net.schmizz.sshj.transport.KeyExchanger.notifyError(KeyExchanger.java:386)
at net.schmizz.sshj.transport.TransportImpl.die(TransportImpl.java:600)
at net.schmizz.sshj.transport.Reader.run(Reader.java:67)
Caused by: net.schmizz.sshj.common.SSHException: java.security.spec.InvalidKeySpecException: key spec not recognised
at net.schmizz.sshj.common.SSHException.chain(SSHException.java:36)
at net.schmizz.sshj.common.SSHException.chain(SSHException.java:29)
at net.schmizz.sshj.transport.TransportImpl.die(TransportImpl.java:595)
... 1 common frames omitted
Caused by: net.schmizz.sshj.common.SSHRuntimeException: java.security.spec.InvalidKeySpecException: key spec not recognised
at net.schmizz.sshj.common.Buffer.readPublicKey(Buffer.java:466)
at net.schmizz.sshj.transport.kex.AbstractDHG.next(AbstractDHG.java:66)
at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:358)
at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:503)
at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:102)
at net.schmizz.sshj.transport.Decoder.received(Decoder.java:170)
at net.schmizz.sshj.transport.Reader.run(Reader.java:59)
Caused by: java.security.GeneralSecurityException: java.security.spec.InvalidKeySpecException: key spec not recognised
at net.schmizz.sshj.common.ECDSAVariationsAdapter.readPubKeyFromBuffer(ECDSAVariationsAdapter.java:92)
at net.schmizz.sshj.common.KeyType.readPubKeyFromBuffer(KeyType.java:113)
at net.schmizz.sshj.common.Buffer.readPublicKey(Buffer.java:464)
... 6 common frames omitted
Caused by: java.security.spec.InvalidKeySpecException: key spec not recognised
at org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi.engineGeneratePublic(Unknown Source)
at org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi.engineGeneratePublic(Unknown Source)
at java.security.KeyFactory.generatePublic(KeyFactory.java:334)
at net.schmizz.sshj.common.ECDSAVariationsAdapter.readPubKeyFromBuffer(ECDSAVariationsAdapter.java:90)
... 8 common frames omitted
ppk文件是Putty私钥文件,与SSHJ支持的OpenSSH格式不兼容。您可以使用以下命令转换 ppk 文件以供 SSHJ 使用:puttygen <keyfile>.ppk -O private-openssh -o <outfile>
这个非常棘手,sshj 库使用 ssh-rsa 算法。 所以我们需要在ec2实例中添加ssh-rsa算法。 步骤:
- 编辑文件/etc/ssh/sshd_config。
- 添加条目 HostKeyAlgorithms ssh-rsa
之后就开始工作了。