I am trying to use Jsch Sftp Channel to upload a file to an IBM Mainframe, and the directory has to be "//", where the mainframe will automatically route the file where it needs to go.
In an sftp command session on the IBM mainframe, I can do this:
sftp myuser#1.2.3.4
connecting to 1.2.3.4...
myuser#1.2.3.4's password:
sftp> pwd
Remote working directory: /users/home/myuser
sftp> cd //
sftp> pwd
Remote working directory: //
sftp> put "#12345.abcdef.xxx.xxx"
uploading #12345.abcdef.xxx.xxx to //#12345.abcdef.xxx.xxx
#12345.abcdef.xxx.xxx 100% 403 0.4KB/s 00:00
So I created a JSch sftp session (version 0.1.5.1) to attempt the same upload, but it does not work:
JSch jsch = new JSch();
Session session = jsch.getSession("myuser", "1.2.3.4");
session.setPassword("mypass");
session.connect();
Channel channel = session.openChannel("sftp");
channel.connect();
ChannelSftp sftp = (ChannelSftp)channel;
log.info(" user home pwd " + sftp.pwd()); //prints /users/home/myuser
sftp.cd("//")
log.info(" pwd after cd " + sftp.pwd()); //only prints /
sftp.put(filename); //get sftp error, no such file
So I cannot get to that // structure through the JSch library. Is there a certain mode or flag that needs to be set for the sftp session to know it's on a mainframe?
I have no issue at all doing a JSch sftp session to my /users/home/myuser directory, just can't get it to go to the //
I had a similar issue with pseudofolder "//".
Avoid this sftp.cd("//") and better try this sftp.put("/-/"+filename); instead, that solved my problem. Hopefully will help you as well.
Try it without calling ChannelSftp.cd():
ChannelSftp sftp = (ChannelSftp)channel;
sftp.put("//" + filename); // Put to //#12345.abcdef.xxx.xxx
The SFTP protocol doesn't actually have a chdir-type operation. At the protocol level, pathnames which don't start with "/" are always interpreted relative to the directory where the SFTP session started. There's no protocol command to change that starting directory.
SFTP clients, including Jsch, emulate chdir-like behavior client-side. When you call ChannelSftp.cd(), Jsch stores the new remote directory locally. When you later call put() or get(), and give a pathname that doesn't start with "/", Jsch prepends the remote directory onto the filename and passes the altered name to the remote server.
I think what's happening to you is that Jsch's chdir emulation is being a little too clever. When you call cd("//"), it's collapsing the "//" into a single "/" and storing that. Then you call put() for a relative pathname, it's prepending the single "/" instead of the double "//" that you want.
Based on inspecting the Jsch source code, it looks like Jsch never alters remote names that start with "/". If you call put("//somefile"), Jsch should use the name you specified as-is.
Related
Hi I am trying to figure out how to install .exe files to 5 server machine but I am having trouble trying to install silently on my own machine.
I have this command
Invoke-Command -ScriptBlock {Start-Process -FilePath \\xxx-STUDENT3-W7\Users\bkoo004\Documents\test\ccleaner402.exe \r}
but I can't find the setup.iss file in the Windows folder.
Also when I use this command
Invoke-Command -computername xxxxxxxxxxx.edu -ScriptBlock {start-process -filepath "\\xxx-S
TUDENT3-W7\Users\bkoo004\Documents\test\ccleaner402.exe" } -Credential $cred
It gives me an error saying that
This command cannot be executed due to the error: The network name cannot be found.
+ CategoryInfo : InvalidOperation: (:) [Start-Process], InvalidOperationException
+ FullyQualifiedErrorId : InvalidOperationException,Microsoft.PowerShell.Commands.StartProcessCommand
But I know that network name is right because when I run
Invoke-Command -computername xxxxxxxxxxx.edu -ScriptBlock {get-process } -Credential $cred
It returns the get-process of that server.
I figured that for not getting the setup.iss file it is because the program that i am trying to install doesn't use installshield but for the error trying to run start-process on my remote server I have no idea what it is.
Not sure if you are running into the double-hop problem on not, but it sounds like you are. So I though I'd give you a little more information about it. The Bob Loblaw version.
What is a server and what is a client? A server, it accepts things, is the computer you remote onto. A client, it gives things, is the computer you use to do the remoting. So in the command Invoke-Command -computername xxxxxxxxxxx.edu ..., "xxxxxxxxxxx.edu" is the server.
From your description, it looks like you already ran the command Enable-PSRemoting on your server. With remoting enabled on the server you should be able to do Enter-PSSession -ComputerName xxxxxxxxxxx.edu and have an interactive command prompt on the client.
If you enter a remote session and do Get-ChildItem "\\ComputerName\Share" the command is going to fail (it fails for safety reasons). That's the double-hop, because you're going from one computer to another. The network share is another computer. So you're going like this:
Client -> Server -> Network Share
Hippity-Hoppity
You need to setup more "things" to fix the double-hop. First on your server(s) you need to run the command Enable-WSManCredSSP Server so it will accept credentials from clients. Second on your client(s) you need to run the command Enable-WSManCred -Role Client -DelegateComputer * so it gives out your credential to servers.
Now with CredSSP configured to give and accept credentials, you should have resolved the doulbe-hop.
Enter-PSSession -ComputerName Computer1 -Authentication Credssp -Credential (Get-Credential)
Now you should be able to get to your network shares from the remote session Get-ChildItem "\\ComputerName\Share".
Hope this helps you out a bit.
P.S. There is always money in the banana stand.
I am trying to connect to a SFTP remote server using JSCH library version 0.1.49. Every time I run the program I receive the following error :
Initializing...
Connection to SFTP server is successfully
com.jcraft.jsch.JSchException: Unable to connect to SFTP server.com.jcraft.jsch.JSchException: failed to send channel request
at shell.MainClass.JschConnect(MainClass.java:95)
at shell.MainClass.main(MainClass.java:30)
line 30 is : sftpChannel.connect() from the code below :
System.out.println("Initializing...");
JSch jsch = new JSch();
Session session = null;
try {
session = jsch.getSession(ProjectConstants.rmUsername,ProjectConstants.rmHost, 22);
session.setPassword(ProjectConstants.rmPassword);
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
session.setConfig(config);
session.connect();
if (session.isConnected() == true) {
System.out.println("Connection to SFTP server is successfully");
}
ChannelSftp sftpChannel = (ChannelSftp) session.openChannel("sftp");
try {
sftpChannel.connect();
} catch (Exception e) {
throw new JSchException("Unable to connect to SFTP server. "
+ e.toString());
}
the credentials I am using are correct ( it connects through FileZilla using the same data ), and I also disabled the proxy for that server ( either way I get the same error with or without proxy )
If anyone could help me I would greatly appreciate it as I am stuck with this error for about a week now ...
Thank you.
Check if SFTP server is started and running.
I had encountered the same issue - I was not able to open SFTP channel to my server, but I could connect with WinSCP. It took me some time to notice that WinSCP would fallback to SCP hence confusing me. Starting the server solved this issue.
Check Subsystem sftp /usr/lib/openssh/sftp-server in /etc/ssh/sshd_config
In /etc/ssh/sshd_config I changed:
Subsystem sftp /usr/lib/openssh/sftp-server
to:
Subsystem sftp internal-sftp
It helps.
I used this code from the command prompt on a windows box (linux machine is at work):
ftp -u ftp://cran.R-project.org/incoming/ qdap_0.1.0.tar.gz
I used the info from:
https://github.com/hadley/devtools/wiki/Release
http://cran.r-project.org/doc/manuals/R-exts.html#Submitting-a-package-to-CRAN
I expected to see it show up here: ftp://cran.r-project.org/incoming/ but I do not see it.
Am I just being impatient or did my package not upload? Here is the command line output:
C:\Users\trinker\GitHub>ftp -u ftp://cran.R-project.org/incoming/ qdap_0.1.0.tar
.gz
Transfers files to and from a computer running an FTP server service
(sometimes called a daemon). Ftp can be used interactively.
FTP [-v] [-d] [-i] [-n] [-g] [-s:filename] [-a] [-A] [-x:sendbuffer] [-r:recvbuf
fer] [-b:asyncbuffers] [-w:windowsize] [host]
-v Suppresses display of remote server responses.
-n Suppresses auto-login upon initial connection.
-i Turns off interactive prompting during multiple file
transfers.
-d Enables debugging.
-g Disables filename globbing (see GLOB command).
-s:filename Specifies a text file containing FTP commands; the
commands will automatically run after FTP starts.
-a Use any local interface when binding data connection.
-A login as anonymous.
-x:send sockbuf Overrides the default SO_SNDBUF size of 8192.
-r:recv sockbuf Overrides the default SO_RCVBUF size of 8192.
-b:async count Overrides the default async count of 3
-w:windowsize Overrides the default transfer buffer size of 65535.
host Specifies the host name or IP address of the remote
host to connect to.
Notes:
- mget and mput commands take y/n/q for yes/no/quit.
- Use Control-C to abort commands.
(This was previously a comment and is being transferred to an answer here.)
Make sure you are not looking at a page cached earlier by your browser.
To perform the actual upload you might want to try the free cross platform FileZilla FTP software. You can upload and concurrently view the contents of the source directory on your machine (in the left pane) and the target directory on CRAN (in the right pane) and view a log of what is happening in the top pane and a progress indicator in the bottom pane. It also has a site manager to store the sites you upload to so you don't need to keep typing in their URL each time you do an upload.
How can we verify that SFTP access has been granted on a server, without installing any software/tools?
Most servers have curl and scp installed, which you can use to log into an SFTP server. To test if your credentials work using curl, you could do this:
$ curl -u username sftp://example.org/
Enter host password for user 'username':
Enter your password and if it works you'll get a listing of files (like ls -al), if it doesn't work you'll get an error like this:
curl: (67) Authentication failure
You could also try using scp:
$ scp username#example.org:testing .
Password:
scp: testing: No such file or directory
This verifies that you that you were able to log in, but it couldn't find the testing file. If you weren't able to log in you'd get a message like this:
Permission denied, please try again.
Received disconnect from example.org: 2: ...error message...
One of the many ways to check for SFTP access using password based authentication:
sftp username#serverName
or
sftp username#serverIP
And then entering password.
You will get "Permission denied, please try again." message if it fails otherwise you will be allowed inside the server with screen-
sftp>
You can test it fully works with commands like ls, mkdir etc.
Try logging in.
Not being snarky -- that really is probably the simplest way. By 'verify[ing] that SFTP access has been granted," what you're really doing is checking is a particular l/p pair is recognized by the server.
Alternatively, other than doing the "sftp -v" command mentioned above, you can always cat the SSH/SFTP logs stored on any server running sshd and direct them to a file for viewing.
A command set like the following would work, where 1.1.1 would be the /24 of the block you are trying to search.
cd /var/log/
cat secure.4 secure.3 secure.2 secure.1 secure |grep sshd| grep -v 1.1.1> /tmp/secure.sshd.txt
gzip -9 /tmp/secure.sshd.txt
G'day,
What about telnet on to port 115 (if we're talking Simple FTP) and see what happens when you connect. If you don't get refused try sending a USER command, then a PASS command, and then a QUIT command.
HTH
cheers,
In SFTP , the authentication can be of following types :
1. Password based authetication
2. Key based authentication
But if u r going for key based authentication then u have to prepare setup according to that and
proceed the login procedure.If the key based authentication fails it automatically asks for password means it automatically switches to password based mode. By the way if u want to verify u can use this on linux :
"ssh -v user#IP "
It will show u all the debug messages , and if the authentication is passed u will be logged in otherwise u will get "Permission denied". Hope this will help u.
I have a server where I store data from Mac A and Mac B.
I use rsync to keep the files updated between my Macs.
I run the following code unsuccessfully
#!/bin/zsh
# to copy files from my server to my folder
rsync -Pav $Masi:~/private/ ~/Dropbox/Courses/math/
# to copy files from my folder to my server
rsync -Pav ~/Dropbox/Courses/math $Masi:~/private/
I get the following error message
ssh: connect to host port 22: Connection refused
rsync: connection unexpectedly closed (0 bytes received so far) [receiver]
rsync error: unexplained error (code 255) at io.c(600) [receiver=3.0.5]
ssh: connect to host port 22: Connection refused
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: unexplained error (code 255) at io.c(600) [sender=3.0.5]
I have ssh keys in place so the connection should work, since I can use scp without problems.
How can you use rsync between my server and one of my Macs?
I used to do a lot of this. Just ran a test, a few suggestions.
Spell out your entire user#host pattern
Run the ssh connection sans the rsync first, you may need to first approve your fingerprint
You do not seem to pass a flag to protect extended attributes, this can yield broken files on OS X. If you do not need resource forks, you are OK, but most of the time you do need them.
My test case:
$ rsync -Pav ~/Desktop/ me#remote.example.com:~/rsyc-test
In that case, all the files within ~/Desktop were copied to the remote host, in my home dir. Since the directory 'rsyc-test' did not exist, it was made for me. I had a .app on my Desktop, it made it over, surprisingly, it works. Even some .webloc files made it and appear to work, though I do not trust it.
I would strongly suggest adding in the -E flag
-E, --extended-attributes
Apple specific option to copy extended attributes, resource
forks, and ACLs. Requires at least Mac OS X 10.4 or suitably
patched rsync.
I ran a new test, moved a Interarchy bookmark to my desktop, I know for a fact these break if they are copied sans resource forks. Running without the -E versus with the -E, there is a difference of 152 bytes in xfered data. The first file on the remote machine did not work, the second transfered file did work.
I can not help but notice in your example one of your paths is ~/Dropbox so this may all not matter, since DropBox, the app, does not at all support resource forks currently, though I hear there are plans to in the future.
You also are not sending in the --delete flag, if your end goal is a mirror of your data, you are not getting that, if your end goal is backups that continually grows, keeping everything that was ever on the source, the lack of --delete is good.
Other notes:
You can exclude those silly .DS_Store files
--exclude '.DS_Store'
You can also set rsync up in a way to be a true mirror, so you would not need to run your other command, see the man page for details.
My final working command to shove the Desktop of my laptop to a remote machine:
$ rsync -PEav --delete --exclude '.DS_Store' ~/Desktop/ me#remote.example.com:~/rsycn-test
Check "$Masi". Is that the hostname you are trying to reach?
Try the following command to debug it:
rsync -e 'ssh -v' -Pav $Masi:~/private/ ~/Dropbox/Courses/math/
The Connection refused usually happens when there is a connection issue to the remote (e.g. firewall).
In your case the problem is that $Masi variable is empty. If it's not variable, use Masi.
As per this error:
ssh: connect to host port 22: Connection refused
Notice the double space above after the host word.
the connect to host message doesn't say to which host, so you're trying to connect to empty host. So it sound like a typo in the host name.