我想使用JSch构建一个远程程序来远程控制CISCO设备。
但是我现在面临一个问题,无法使用session.connect()打开连接。
从日志中说我的RSA必须有512个长。但是我不知道该怎么做。我在网上找到了很多例子。但是我仍然找不到任何参考。有人可以帮我吗?
下面是我的代码
public static boolean registerKeyPair(JSch jSch) {
new File("c:\\hehe" + "/.ssh").mkdirs();
File privateKey = new File("c:\\hehe" + "/.ssh/id_rsa");
File publicKey = new File("c:\\hehe" + "/.ssh/id_rsa.pub");
if (!privateKey.exists() || !publicKey.exists()) {
try {
KeyPair keyPair = KeyPair.genKeyPair(jSch, KeyPair.RSA,512);
//KeyPair.
keyPair.writePrivateKey(privateKey.getAbsolutePath());
keyPair.writePublicKey(publicKey.getAbsolutePath(), "hehekey");
return true;
} catch (JSchException e) {
System.out.println("genKeyPair(RSA)");
e.printStackTrace();
} catch (FileNotFoundException e) {
System.out.println("genKeyPair(RSA)");
e.printStackTrace();
} catch (IOException e) {
System.out.println("genKeyPair(RSA)");
e.printStackTrace();
}
return false;
}
try {
jSch.addIdentity(privateKey.getAbsolutePath());
return true;
} catch (JSchException e) {
System.out.println("jSch.addIdentity");
e.printStackTrace();
return false;
}
}
public static void test() {
JSch jsch = new JSch();
JSch.setLogger(new Logger() {
public boolean isEnabled(int i) {
return true;
}
public void log(int i, String s) {
System.out.println("Log(jsch," + i + "): " + s);
}});
registerKeyPair(jsch);
String privateKey = "c:\\hehe" + "/.ssh/id_rsa";
@SuppressWarnings("unused")
String publicKey = "c:\\hehe" + "/.ssh/id_rsa.pub";
try {
Session session = jsch.getSession("cisco", "10.20.30.129", 22);
jsch.addIdentity(privateKey,"cisco");
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
session.setConfig(config);
session.connect(30000);
System.out.println("A4");
ChannelShell channel = (ChannelShell) session.openChannel("shell");
System.out.println("A5");
System.out.println("A6");
channel.connect();
} catch (JSchException ex) {
System.out.println(ex.getMessage() + "\n");
ex.printStackTrace();
} catch (Exception e) {
}
}
控制台输出如下
Log(jsch,1): Connecting to 172.22.96.129 port 22
Log(jsch,1): Connection established
Log(jsch,1): Remote version string: SSH-2.0-Cisco-1.25
Log(jsch,1): Local version string: SSH-2.0-JSCH-0.1.47
Log(jsch,1): CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
Log(jsch,1): aes256-ctr is not available.
Log(jsch,1): aes192-ctr is not available.
Log(jsch,1): aes256-cbc is not available.
Log(jsch,1): aes192-cbc is not available.
Log(jsch,1): arcfour256 is not available.
Log(jsch,1): CheckKexes: diffie-hellman-group14-sha1
Log(jsch,1): diffie-hellman-group14-sha1 is not available.
Log(jsch,1): SSH_MSG_KEXINIT sent
Log(jsch,1): SSH_MSG_KEXINIT received
Log(jsch,1): kex: server: diffie-hellman-group1-sha1
Log(jsch,1): kex: server: ssh-rsa
Log(jsch,1): kex: server: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
Log(jsch,1): kex: server: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
Log(jsch,1): kex: server: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
Log(jsch,1): kex: server: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
Log(jsch,1): kex: server: none
Log(jsch,1): kex: server: none
Log(jsch,1): kex: server:
Log(jsch,1): kex: server:
Log(jsch,1): kex: client: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
Log(jsch,1): kex: client: ssh-rsa,ssh-dss
Log(jsch,1): kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
Log(jsch,1): kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
Log(jsch,1): kex: client: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
Log(jsch,1): kex: client: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
Log(jsch,1): kex: client: none
Log(jsch,1): kex: client: none
Log(jsch,1): kex: client:
Log(jsch,1): kex: client:
Log(jsch,1): kex: server->client aes128-cbc hmac-md5 none
Log(jsch,1): kex: client->server aes128-cbc hmac-md5 none
Log(jsch,1): SSH_MSG_KEXDH_INIT sent
Log(jsch,1): expecting SSH_MSG_KEXDH_REPLY
Log(jsch,1): Disconnecting from 10.20.30.129 port 22
Session.connect: java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: RSA keys must be at least 512 bits long
com.jcraft.jsch.JSchException: Session.connect: java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: RSA keys must be at least 512 bits long
at com.jcraft.jsch.Session.connect(Session.java:525)
at jsch_test.test(jsch_test.java:82)
at jsch_test.main(jsch_test.java:11)
最佳答案
您必须在客户端和CISCO端创建大于512位的密钥
客户端:
ssh-keygen -b 1024
CISCO方面:
crypto key generate rsa general-keys label SSH-KEYS exportable modulus 1024
ip ssh rsa keypair-name SSH-KEYS