Thread: [JSch-users] Public key authentication without file
Status: Alpha
Brought to you by:
ymnk
From: Niklas S. <nik...@gm...> - 2007-03-15 11:17:25
|
Dear all, I've been using JSch with ant for long, but now I just started using JSch with TestNG to make system tests. I run different systems that each have their username, keyfile and keypassword laying in a MySQL database. I made a little prototype (listed beneath) but it uses the path to the keyfile to connect rather than the contents of the keyfile: Server server = iter.next(); Server.Credentials credentials = server.getCredentials(); InetSocketAddress i = server.InetSocketAddress(server.publicSSH()); jsch.addIdentity(credentials.keyfile, credentials.keypass); Session session=jsch.getSession(credentials.username, i.getHostName (), i.getPort()); Hashtable config = new Hashtable(); config.put("StrictHostKeyChecking", "no"); session.setConfig(config); session.connect(30000); Channel channel=session.openChannel("shell"); StringBufferInputStream in = new StringBufferInputStream(command); channel.setInputStream(in); channel.setOutputStream(out); channel.connect(); How can I modify my prototype to allow Server.Credentials.keyfile to actually contain the contents of the file and not just the pathname? Sincerely yours Niklas Saers |
From: <ym...@jc...> - 2007-03-15 15:02:26
|
Hi, addIdentity(String name, byte[]prvkey, byte[]pubkey, byte[] passphrase) +-From: Niklas Saers <nik...@gm...> -- |_Date: Thu, 15 Mar 2007 12:17:19 +0100 _______ | |How can I modify my prototype to allow Server.Credentials.keyfile to |actually contain the contents of the file and not just the pathname? Since 0.1.30, jsch has included following method, JSch#addIdentity(String name, byte[]prvkey, byte[]pubkey, byte[] passphrase) The parameter "name" is just a unique name and it will be used to delete an identity by JSch#removeIdentity(String name) if you want. Sincerely, -- Atsuhiko Yamanaka JCraft,Inc. 1-14-20 HONCHO AOBA-KU, SENDAI, MIYAGI 980-0014 Japan. Tel +81-22-723-2150 +1-415-578-3454 Fax +81-22-224-8773 Skype callto://jcraft/ |
From: Niklas S. <nik...@gm...> - 2007-03-15 21:36:41
|
Thank you very much. :-) Cheers Nik On Mar 15, 2007, at 4:02 PM, Atsuhiko Yamanaka wrote: > Hi, > > addIdentity(String name, byte[]prvkey, byte[]pubkey, byte[] > passphrase) > > +-From: Niklas Saers <nik...@gm...> -- > |_Date: Thu, 15 Mar 2007 12:17:19 +0100 _______ > | > |How can I modify my prototype to allow > Server.Credentials.keyfile to > |actually contain the contents of the file and not just the > pathname? > > Since 0.1.30, jsch has included following method, > > JSch#addIdentity(String name, byte[]prvkey, byte[]pubkey, byte[] > passphrase) > > The parameter "name" is just a unique name and it will be used to > delete an identity by > JSch#removeIdentity(String name) > if you want. > > > Sincerely, > -- > Atsuhiko Yamanaka > JCraft,Inc. > 1-14-20 HONCHO AOBA-KU, > SENDAI, MIYAGI 980-0014 Japan. > Tel +81-22-723-2150 > +1-415-578-3454 > Fax +81-22-224-8773 > Skype callto://jcraft/ |
From: n s. <nsc...@ya...> - 2007-07-20 16:14:34
|
[JSch-users] Public key authentication without file From: Niklas Saers <niklassaers@gm...> - 2007-03-15 11:17 Attachments: Message as HTML Dear all, I've been using JSch with ant for long, but now I just started using JSch with TestNG to make system tests. I run different systems that each have their username, keyfile and keypassword laying in a MySQL database. I made a little prototype (listed beneath) but it uses the path to the keyfile to connect rather than the contents of the keyfile: Server server = iter.next(); Server.Credentials credentials = server.getCredentials(); InetSocketAddress i = server.InetSocketAddress(server.publicSSH()); jsch.addIdentity(credentials.keyfile, credentials.keypass); Session session=jsch.getSession(credentials.username, i.getHostName (), i.getPort()); Hashtable config = new Hashtable(); config.put("StrictHostKeyChecking", "no"); session.setConfig(config); session.connect(30000); Channel channel=session.openChannel("shell"); StringBufferInputStream in = new StringBufferInputStream(command); channel.setInputStream(in); channel.setOutputStream(out); channel.connect(); How can I modify my prototype to allow Server.Credentials.keyfile to actually contain the contents of the file and not just the pathname? Sincerely yours Niklas Saers Re: [JSch-users] Public key authentication without file From: <ymnk@jc...> - 2007-03-15 15:02 Hi, addIdentity(String name, byte[]prvkey, byte[]pubkey, byte[] passphrase) +-From: Niklas Saers <niklassaers@gm...> -- |_Date: Thu, 15 Mar 2007 12:17:19 +0100 _______ | |How can I modify my prototype to allow Server.Credentials.keyfile to |actually contain the contents of the file and not just the pathname? Since 0.1.30, jsch has included following method, JSch#addIdentity(String name, byte[]prvkey, byte[]pubkey, byte[] passphrase) The parameter "name" is just a unique name and it will be used to delete an identity by JSch#removeIdentity(String name) if you want. Sincerely, -- Atsuhiko Yamanaka JCraft,Inc. 1-14-20 HONCHO AOBA-KU, SENDAI, MIYAGI 980-0014 Japan. Tel +81-22-723-2150 +1-415-578-3454 Fax +81-22-224-8773 Skype callto://jcraft/ Re: [JSch-users] Public key authentication without file From: Niklas Saers <niklassaers@gm...> - 2007-03-15 21:36 Thank you very much. :-) Cheers Nik On Mar 15, 2007, at 4:02 PM, Atsuhiko Yamanaka wrote: > Hi, > > addIdentity(String name, byte[]prvkey, byte[]pubkey, byte[] > passphrase) > > +-From: Niklas Saers <niklassaers@gm...> -- > |_Date: Thu, 15 Mar 2007 12:17:19 +0100 _______ > | > |How can I modify my prototype to allow > Server.Credentials.keyfile to > |actually contain the contents of the file and not just the > pathname? > > Since 0.1.30, jsch has included following method, > > JSch#addIdentity(String name, byte[]prvkey, byte[]pubkey, byte[] > passphrase) > > The parameter "name" is just a unique name and it will be used to > delete an identity by > JSch#removeIdentity(String name) > if you want. > > > Sincerely, > -- > Atsuhiko Yamanaka > JCraft,Inc. > 1-14-20 HONCHO AOBA-KU, > SENDAI, MIYAGI 980-0014 Japan. > Tel +81-22-723-2150 > +1-415-578-3454 > Fax +81-22-224-8773 > Skype callto://jcraft/ Hello All, First, I would like to thank all of the developers and the companies that support them for this project. Good job. I've been trying to test some examples for one of my projects and I've found a small bug. session.setUserInfo(ui); must be set in order to connect to the server. com.jcraft.jsch.JSchException: Auth fail at com.jcraft.jsch.Session.connect(Unknown Source) at com.jcraft.jsch.Session.connect(Unknown Source) at jschtest.Main.main(Main.java:65) I have set the password session.setPassword("mypassword"). The username and host are set in jsch.getSession(user, host, 22). Why do I need to create a UserInfo class? If this is part of the Config hash inside session, shouldn't this have defaults? The following code work great when I define MyUserInfo per the examples. try { JSch jsch=new JSch(); String knownHosts = "oak,10.200.55.123 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAozQicuuBybpy2pS/kDXiTl3Lb+QSqtNc5dFXHnPVflTcevX9yjB1UupnCgEF+BB/DH2TyVzW38a7LMq7wc1pCiMKjn1SxRB1PwGebUpU0cUKsKbZ3caDIAuEmx0Vl/cUx1MVc+lBtQzkZly5KKeQHXKMo6evhyPf+xpLankxzCU="; InputStream i = new ByteArrayInputStream(knownHosts.getBytes()); jsch.setKnownHosts(i); String user="bob"; String host="oak"; Session session=jsch.getSession(user, host, 22); session.setPassword("mypassword"); // username and password will be given via UserInfo interface. // UserInfo ui=new MyUserInfo(); //session.setUserInfo(ui); session.connect(); Channel channel=session.openChannel("sftp"); channel.connect(); ChannelSftp c=(ChannelSftp)channel; int mode=ChannelSftp.OVERWRITE; try { // mode=ChannelSftp.RESUME; } //mode=ChannelSftp.APPEND; } // c.put(p1, p2, monitor, mode); c.put("/etc/passwd",".",mode); } catch (SftpException ex) { ex.printStackTrace(); } } catch (JSchException ex) { ex.printStackTrace(); } } I can see how userInfo would be of value in building a large application, but I'm just coping log files. I'm thinking that the simple connection code could be changed to session.setUserId("Bob"); session.setPassword("Bobspassword"); session.setExpectedHostKeyHash("1d:da:80:c3:db:42:04:96:e6:e2:4a:1f:fb:f8:69:c2"); // or jsch.setKnownHosts(oak,10.200.55.123 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAozQicuuBybpy2pS/kDXiTl3Lb+QSqtNc5dFXHnPVflTcevX9yjB1UupnCgEF+BB/DH2TyVzW38a7LMq7wc1pCiMKjn1SxRB1PwGebUpU0cUKsKbZ3caDIAuEmx0Vl/cUx1MVc+lBtQzkZly5KKeQHXKMo6evhyPf+xpLankxzCU="); session.connect(); or String user="bob"; String host="oak"; String passwd ="mypasswd"; String expectedHostKeyHash ="1d:da:80:c3:db:42:04:96:e6:e2:4a:1f:fb:f8:69:c2"; Session session=jsch.getSession(user,passwd, host, 22, expectedHostKeyHash ); session.connect(); Thank you for your time, Nicholas A. Schembri State College PA, USA |
From: <ym...@jc...> - 2007-07-22 01:34:29
|
Hi, I'm sorry, but it is very difficult to understand your message... I need to read it a few times to understand it. +-From: n schembr <nsc...@ya...> -- |_Date: Fri, 20 Jul 2007 09:14:21 -0700 (PDT) __ | |[JSch-users] Public key authentication without file | From: Niklas Saers <niklassaers@gm...> - 2007-03-15 11:17 ... |Hello All, |First, I would like to thank all of the developers and the companies that |support them for this project. Good job. |I've been trying to test some examples for one of my projects and I've |found a small bug. |session.setUserInfo(ui); must be set in order to connect to the server. No, it is not a bug. You shuld set it. For examples, as RFC for ssh2 states, ssh2 client must show BANNER messages if they are sent from the remote sshd. |com.jcraft.jsch.JSchException: Auth fail | at com.jcraft.jsch.Session.connect(Unknown Source) | at com.jcraft.jsch.Session.connect(Unknown Source) | at jschtest.Main.main(Main.java:65) By the way, which jsch version are you using? jsch 0.1.31(or previous) had a bug to cancel 'keyboard-interactive' authentication method. Sincerely, -- Atsuhiko Yamanaka JCraft,Inc. 1-14-20 HONCHO AOBA-KU, SENDAI, MIYAGI 980-0014 Japan. Tel +81-22-723-2150 +1-415-578-3454 Fax +81-22-224-8773 Skype callto://jcraft/ |