Wait between SSH/Telnet authentication attempts

netfishers-onl · Sep 16, 2024 · 8731b74 · 8731b74
1 parent c120e2a
commit 8731b74
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 9 deletions.
diff --git a/src/main/java/onl/netfishers/netshot/device/Device.java b/src/main/java/onl/netfishers/netshot/device/Device.java
@@ -69,6 +69,8 @@
 import onl.netfishers.netshot.compliance.Rule;
 import onl.netfishers.netshot.compliance.SoftwareRule;
 import onl.netfishers.netshot.compliance.SoftwareRule.ConformanceLevel;
+import onl.netfishers.netshot.device.access.Ssh;
+import onl.netfishers.netshot.device.access.Telnet;
 import onl.netfishers.netshot.device.attribute.DeviceAttribute;
 import onl.netfishers.netshot.device.credentials.DeviceCredentialSet;
 import onl.netfishers.netshot.diagnostic.DiagnosticResult;
@@ -432,14 +434,14 @@ public static enum Status {
 		@XmlElement, @JsonView(DefaultView.class)
 	}))
 	@Setter
-	protected int sshPort = 0;
+	protected int sshPort = Ssh.DEFAULT_PORT;
 
 	/** Telnet TCP port, 23 by default */
 	@Getter(onMethod=@__({
 		@XmlElement, @JsonView(DefaultView.class)
 	}))
 	@Setter
-	protected int telnetPort = 0;
+	protected int telnetPort = Telnet.DEFAULT_PORT;
 
 	/** An optional connection address, in case the management address can't be used to connect to the device. */
 	@Getter(onMethod=@__({

diff --git a/src/main/java/onl/netfishers/netshot/device/access/Ssh.java b/src/main/java/onl/netfishers/netshot/device/access/Ssh.java
@@ -48,6 +48,9 @@
 @Slf4j
 public class Ssh extends Cli {
 
+	/** Default Telnet TCP port */
+	static public int DEFAULT_PORT = 22;
+
 	/**
 	 * Logger bridge for Jsch to SLF4j
 	 */
@@ -292,7 +295,7 @@ public void setTerminalWidth(int terminalWidth) {
 	}
 
 	/** The port. */
-	private int port = 22;
+	private int port = DEFAULT_PORT;
 
 	/** The jsch. */
 	private JSch jsch;
@@ -329,7 +332,7 @@ public void setTerminalWidth(int terminalWidth) {
 	 */
 	public Ssh(NetworkAddress host, int port, String username, String password, TaskLogger taskLogger) {
 		super(host, taskLogger);
-		if (port != 0) this.port = port;
+		this.port = port;
 		this.username = username;
 		this.password = password;
 		this.privateKey = null;
@@ -351,7 +354,7 @@ public Ssh(NetworkAddress host, int port, String username, String password, Task
 	public Ssh(NetworkAddress host, int port, String username, String publicKey, String privateKey,
 			String passphrase, TaskLogger taskLogger) {
 		super(host, taskLogger);
-		if (port != 0) this.port = port;
+		this.port = port;
 		this.username = username;
 		this.publicKey = publicKey;
 		this.privateKey = privateKey;

diff --git a/src/main/java/onl/netfishers/netshot/device/access/Telnet.java b/src/main/java/onl/netfishers/netshot/device/access/Telnet.java
@@ -45,6 +45,9 @@
 @Slf4j
 public class Telnet extends Cli {
 
+	/** Default Telnet TCP port */
+	static public int DEFAULT_PORT = 23;
+
 	/** Default value for the Telnet connection timeout */
 	static private int DEFAULT_CONNECTION_TIMEOUT = 5000;
 
@@ -105,7 +108,7 @@ public TelnetConfig() {
 	}
 
 	/** The port. */
-	private int port = 23;
+	private int port = DEFAULT_PORT;
 
 	/** The telnet. */
 	private TelnetClient telnet = null;
@@ -132,7 +135,7 @@ public Telnet(NetworkAddress host, TaskLogger taskLogger) {
 	 */
 	public Telnet(NetworkAddress host, int port, TaskLogger taskLogger) {
 		this(host, taskLogger);
-		if (port != 0) this.port = port;
+		this.port = port;
 		this.connectionTimeout = DEFAULT_CONNECTION_TIMEOUT;
 		this.commandTimeout = DEFAULT_COMMAND_TIMEOUT;
 		this.receiveTimeout = DEFAULT_RECEIVE_TIMEOUT;

diff --git a/src/main/java/onl/netfishers/netshot/device/script/CliScript.java b/src/main/java/onl/netfishers/netshot/device/script/CliScript.java
@@ -125,6 +125,18 @@ protected TaskLogger getCliLogger() {
 		}
 		return new StringListTaskLogger(cliLog);
 	}
+
+	/**
+	 * Wait a bit between authentication attempts
+	 */
+	private void waitBetweenAttempts() {
+		try {
+			Thread.sleep(1000);
+		}
+		catch (InterruptedException e) {
+			// Ignore
+		}
+	}
 
 	protected abstract void run(Session session, Device device, Cli cli, Snmp snmp, DriverProtocol protocol, DeviceCredentialSet account)
 			throws InvalidCredentialsException, IOException, ScriptException, MissingDeviceDriverException;
@@ -160,7 +172,13 @@ public void connectRun(Session session, Device device, Set<DeviceCredentialSet>
 		}
 
 		int sshPort = device.getSshPort();
+		if (sshPort == 0) {
+			sshPort = Ssh.DEFAULT_PORT;
+		}
 		int telnetPort = device.getTelnetPort();
+		if (telnetPort == 0) {
+			telnetPort = Telnet.DEFAULT_PORT;
+		}
 
 		if (sshOpened) {
 			for (DeviceCredentialSet credentialSet : credentialSets) {
@@ -190,15 +208,17 @@ public void connectRun(Session session, Device device, Set<DeviceCredentialSet>
 					}
 					catch (InvalidCredentialsException e) {
 						taskLogger.warn(String.format("Authentication failed using SSH credential set %s.", credentialSet.getName()));
+						this.waitBetweenAttempts();
 					}
 					catch (ScriptException e) {
 						throw e;
 					}
 					catch (IOException e) {
-						log.warn("Unable to open an SSH connection to {}:{}.", address.getIp(), sshPort, e);
+						log.warn("Error while opening SSH connection to {}:{}.", address.getIp(), sshPort, e);
 						if (e.getMessage().contains("Auth fail")) {
 							taskLogger.warn(String.format("Authentication failed %s:%d using SSH credential set %s.",
 									address, sshPort, credentialSet.getName()));
+							this.waitBetweenAttempts();
 						}
 						else {
 							taskLogger.warn(String.format("Unable to open an SSH socket to %s:%d: %s",
@@ -229,6 +249,7 @@ public void connectRun(Session session, Device device, Set<DeviceCredentialSet>
 					}
 					catch (InvalidCredentialsException e) {
 						taskLogger.warn(String.format("Authentication failed using Telnet credential set %s.", credentialSet.getName()));
+						this.waitBetweenAttempts();
 					}
 					catch (ScriptException e) {
 						throw e;
@@ -308,14 +329,16 @@ public void connectRun(Session session, Device device, Set<DeviceCredentialSet>
 						}
 						catch (InvalidCredentialsException e) {
 							taskLogger.warn(String.format("Authentication failed using SSH credential set %s.", credentialSet.getName()));
+							this.waitBetweenAttempts();
 						}
 						catch (ScriptException e) {
 							throw e;
 						}
 						catch (IOException e) {
-							log.warn("Unable to open an SSH connection to {}:{}.", address.getIp(), sshPort, e);
+							log.warn("Error while opening SSH connection to {}:{}.", address.getIp(), sshPort, e);
 							if (e.getMessage().contains("Auth fail") || e.getMessage().contains("authentication failure")) {
 								taskLogger.warn(String.format("Authentication failed using SSH credential set %s.", credentialSet.getName()));
+								this.waitBetweenAttempts();
 							}
 							else {
 								taskLogger.warn(String.format("Unable to open an SSH socket to %s:%d: %s",
@@ -352,6 +375,7 @@ public void connectRun(Session session, Device device, Set<DeviceCredentialSet>
 						}
 						catch (InvalidCredentialsException e) {
 							taskLogger.warn(String.format("Authentication failed using Telnet credential set %s.", credentialSet.getName()));
+							this.waitBetweenAttempts();
 						}
 						catch (ScriptException e) {
 							throw e;