sshj
sshj copied to clipboard
hierynomus
How to SFTP when SSH is disabled
My company has disabled SSH, but allows SFTP.
For example, "sftp" commands will work but "ssh" will not.
They may have configured something like this in "/etc/ssh/sshd_config":
Match Group sftp-only
ForceCommand internal-sftp
ChrootDirectory /pub/sftp
PermitTunnel no
AllowAgentForwarding no
AllowTcpForwarding no
X11Forwarding no
The typical pattern does not work:
import net.schmizz.sshj.*;
...
void connect() {
SSHClient sshClient;
SFTPClient sftpClient;
sshClient = new SSHClient();
sshClient.connect(hostname, port); // Port = 2233
sshClient.authPublickey(username, privatekey);
sftpClient = sshClient.newSFTPClient();
}
The above code throws an exception at "sshClient.connect()":
Exception in thread "main" java.net.ConnectException: Connection refused (Connection refused)
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at net.schmizz.sshj.SocketClient.connect(SocketClient.java:126)
Is there a way to get a SFTP implementation without instantiating SSHClient ?
Or does anybody know of a solution (or have I misunderstood something) ?
connection refused means that either the port is blocked or firewalled. You need the SSHCLient to use SFTP.
connection refusedmeans that either the port is blocked or firewalled. You need the SSHCLient to use SFTP.
Just curious - why would the Unix sftp -oPort=2233 command work ? -- is it because the SSH implementation on the server is somehow compatible with (or can specifically handle) the sftp command but not sshj's SSHCLient ?
Have other people experienced this kind of problem with other SFTP / SSH libraries (eg. JSch, Apache Commons VFS et al.) ?