Password authentication working with 0.1.55 but failing with JSCH 0.2.16

[Sai-Srikar]

With JSCH version 0.1.55, we were able to successfully authenticate using a password. However, after upgrading to version 0.2.16, password authentication is no longer successful.
Here is the relevant portion of the debug logs from the JSCH 0.2.16 attempt:

jschLog=Connecting to xxx.yyy.zz.aa port 22
jschLog=Connection established
jschLog=Remote version string: SSH-2.0-OpenSSH_7.4
jschLog=Local version string: SSH-2.0-JSCH_0.2.16
jschLog=CheckCiphers: [email protected]
jschLog=CheckKexes: [email protected],curve25519-sha256,[email protected],curve448-sha512
jschLog=CheckSignatures: ssh-ed25519,ssh-ed448
jschLog=server_host_key proposal before known_host reordering is: ssh-rsa,ssh-dss,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
jschLog=server_host_key proposal after known_host reordering is: ssh-rsa,ssh-dss,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
jschLog=SSH_MSG_KEXINIT sent
jschLog=SSH_MSG_KEXINIT received
jschLog=server proposal: KEX algorithms: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
jschLog=server proposal: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256
jschLog=server proposal: ciphers c2s: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
jschLog=server proposal: ciphers s2c: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
jschLog=server proposal: MACs c2s: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
jschLog=server proposal: MACs s2c: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
jschLog=server proposal: compression c2s: none,[email protected]
jschLog=server proposal: compression s2c: none,[email protected]
jschLog=server proposal: languages c2s:
jschLog=server proposal: languages s2c:
jschLog=client proposal: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ext-info-c,[email protected]
jschLog=client proposal: host key algorithms: ssh-rsa,ssh-dss,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
jschLog=client proposal: ciphers c2s: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
jschLog=client proposal: ciphers s2c: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
jschLog=client proposal: MACs c2s: [email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
jschLog=client proposal: MACs s2c: [email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
jschLog=client proposal: compression c2s: none
jschLog=client proposal: compression s2c: none
jschLog=client proposal: languages c2s:
jschLog=client proposal: languages s2c:
jschLog=kex: algorithm: [email protected]
jschLog=kex: host key algorithm: ssh-rsa
jschLog=kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none
jschLog=kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
jschLog=SSH_MSG_KEX_ECDH_INIT sent
jschLog=expecting SSH_MSG_KEX_ECDH_REPLY
jschLog=ssh_rsa_verify: ssh-rsa signature true
jschLog=Permanently added 'xxx.yyy.zz.aa' (RSA) to the list of known hosts.
jschLog=SSH_MSG_NEWKEYS sent
jschLog=SSH_MSG_NEWKEYS received
jschLog=SSH_MSG_SERVICE_REQUEST sent
jschLog=SSH_MSG_EXT_INFO received
jschLog=server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
jschLog=OpenSSH 7.4 detected: adding rsa-sha2-256 & rsa-sha2-512 to server-sig-algs
jschLog=SSH_MSG_SERVICE_ACCEPT received
jschLog=Authentications that can continue: publickey
jschLog=Next authentication method: publickey
jschLog=Disconnecting from xxx.yyy.zz.aa port 22

According to the logs, there is no attempt to use password authentication in the logs, despite it being available and working with the previous JSCH version (0.1.55).

[norrisjeremy]

Hi @Sai-Srikar,

I believe you already reported this problem in #596, which you appear to have closed a few minutes ago for some reason.
Please check this comment in particular for what the issue may be.

I would suggest trying any of the following:

1. Remove the rsa-sha2-256 & rsa-sha2-512 algorithms from the PubkeyAcceptedAlgorithms JSch config setting when connecting to this server.
2. Or remove the publickey algorithm from the PreferredAuthentications JSch config setting when connecting to this server.
3. Or don't load RSA type public key Identities into the JSch session when connecting to this server.

Thanks,
Jeremy