/** * Authenticate {@code username} using the supplied {@code methods}. * * @param username user to authenticate * @param methods one or more authentication method * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void auth(String username, AuthMethod... methods) throws UserAuthException, TransportException { checkConnected(); auth(username, Arrays.<AuthMethod>asList(methods)); }
@Override public SSHClient create() throws Exception { ssh = new net.schmizz.sshj.SSHClient(); ssh.addHostKeyVerifier(new PromiscuousVerifier()); if (connectTimeout != 0) { ssh.setConnectTimeout(connectTimeout); } if (sessionTimeout != 0) { ssh.setTimeout(sessionTimeout); } ssh.connect(hostAndPort.getHostText(), hostAndPort.getPortOrDefault(22)); if (loginCredentials.hasUnencryptedPrivateKey()) { OpenSSHKeyFile key = new OpenSSHKeyFile(); key.init(loginCredentials.getOptionalPrivateKey().get(), null); ssh.authPublickey(loginCredentials.getUser(), key); } else if (loginCredentials.getOptionalPassword().isPresent()) { ssh.authPassword(loginCredentials.getUser(), loginCredentials.getOptionalPassword().get()); } else if (agentConnector.isPresent()) { AgentProxy proxy = new AgentProxy(agentConnector.get()); ssh.auth(loginCredentials.getUser(), getAuthMethods(proxy)); } return ssh; }
@Override public SSHClient create() throws Exception { ssh = new net.schmizz.sshj.SSHClient(); ssh.addHostKeyVerifier(new PromiscuousVerifier()); if (connectTimeout != 0) { ssh.setConnectTimeout(connectTimeout); } if (sessionTimeout != 0) { ssh.setTimeout(sessionTimeout); } ssh.connect(hostAndPort.getHostText(), hostAndPort.getPortOrDefault(22)); if (loginCredentials.hasUnencryptedPrivateKey()) { OpenSSHKeyFile key = new OpenSSHKeyFile(); key.init(loginCredentials.getOptionalPrivateKey().get(), null); ssh.authPublickey(loginCredentials.getUser(), key); } else if (loginCredentials.getOptionalPassword().isPresent()) { ssh.authPassword(loginCredentials.getUser(), loginCredentials.getOptionalPassword().get()); } else if (agentConnector.isPresent()) { AgentProxy proxy = new AgentProxy(agentConnector.get()); ssh.auth(loginCredentials.getUser(), getAuthMethods(proxy)); } return ssh; }
/** * Authenticate {@code username} using the {@code "publickey"} authentication method. * <p/> * {@link KeyProvider} instances can be created using any of the of the {@code loadKeys()} method provided in this * class. In case multiple {@code keyProviders} are specified; authentication is attempted in order as long as the * {@code "publickey"} authentication method is available. * * @param username user to authenticate * @param keyProviders one or more {@link KeyProvider} instances * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authPublickey(String username, Iterable<KeyProvider> keyProviders) throws UserAuthException, TransportException { final List<AuthMethod> am = new LinkedList<AuthMethod>(); for (KeyProvider kp : keyProviders) am.add(new AuthPublickey(kp)); auth(username, am); }
/** * Authenticate {@code username} using the {@code "gssapi-with-mic"} authentication method, given a login context * for the peer GSS machine and a list of supported OIDs. * <p/> * Supported OIDs should be ordered by preference as the SSH server will choose the first OID that it also * supports. At least one OID is required * * @param username user to authenticate * @param context {@code LoginContext} for the peer GSS machine * @param supportedOid first supported OID * @param supportedOids other supported OIDs * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authGssApiWithMic(String username, LoginContext context, Oid supportedOid, Oid... supportedOids) throws UserAuthException, TransportException { // insert supportedOid to the front of the list since ordering matters List<Oid> oids = new ArrayList<Oid>(Arrays.asList(supportedOids)); oids.add(0, supportedOid); auth(username, new AuthGssApiWithMic(context, oids)); }
/** * Authenticate {@code username} using the {@code "password"} authentication method and as a fallback basic * challenge-response authentication. * * @param username user to authenticate * @param pfinder the {@link PasswordFinder} to use for authentication * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authPassword(String username, PasswordFinder pfinder) throws UserAuthException, TransportException { auth(username, new AuthPassword(pfinder), new AuthKeyboardInteractive(new PasswordResponseProvider(pfinder))); }
/** * Authenticate {@code username} using the {@code "password"} authentication method and as a fallback basic * challenge-response authentication. * * @param username user to authenticate * @param pfinder the {@link PasswordFinder} to use for authentication * @param newPasswordProvider the {@link PasswordUpdateProvider} to use when a new password is being requested from the user. * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authPassword(String username, PasswordFinder pfinder, PasswordUpdateProvider newPasswordProvider) throws UserAuthException, TransportException { auth(username, new AuthPassword(pfinder, newPasswordProvider), new AuthKeyboardInteractive(new PasswordResponseProvider(pfinder))); }
@Test public void authenticated() throws Exception { AuthGssApiWithMic authMethod = new AuthGssApiWithMic( new LoginContext(LOGIN_CONTEXT_NAME, null, null, new TestAuthConfiguration()), Collections.singletonList(BogusGSSManager.KRB5_MECH), new BogusGSSManager()); SSHClient defaultClient = fixture.setupConnectedDefaultClient(); defaultClient.auth("user", authMethod); assertTrue(defaultClient.isAuthenticated()); }
/** * Authenticate {@code username} using the supplied {@code methods}. * * @param username user to authenticate * @param methods one or more authentication method * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void auth(String username, AuthMethod... methods) throws UserAuthException, TransportException { checkConnected(); auth(username, Arrays.<AuthMethod>asList(methods)); }
/** * Authenticate {@code username} using the supplied {@code methods}. * * @param username user to authenticate * @param methods one or more authentication method * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void auth(String username, AuthMethod... methods) throws UserAuthException, TransportException { checkConnected(); auth(username, Arrays.<AuthMethod>asList(methods)); }
/** * Authenticate {@code username} using the {@code "publickey"} authentication method. * <p/> * {@link KeyProvider} instances can be created using any of the of the {@code loadKeys()} method provided in this * class. In case multiple {@code keyProviders} are specified; authentication is attempted in order as long as the * {@code "publickey"} authentication method is available. * * @param username user to authenticate * @param keyProviders one or more {@link KeyProvider} instances * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authPublickey(String username, Iterable<KeyProvider> keyProviders) throws UserAuthException, TransportException { final List<AuthMethod> am = new LinkedList<AuthMethod>(); for (KeyProvider kp : keyProviders) am.add(new AuthPublickey(kp)); auth(username, am); }
/** * Authenticate {@code username} using the {@code "publickey"} authentication method. * <p/> * {@link KeyProvider} instances can be created using any of the of the {@code loadKeys()} method provided in this * class. In case multiple {@code keyProviders} are specified; authentication is attempted in order as long as the * {@code "publickey"} authentication method is available. * * @param username user to authenticate * @param keyProviders one or more {@link KeyProvider} instances * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authPublickey(String username, Iterable<KeyProvider> keyProviders) throws UserAuthException, TransportException { final List<AuthMethod> am = new LinkedList<AuthMethod>(); for (KeyProvider kp : keyProviders) am.add(new AuthPublickey(kp)); auth(username, am); }
/** * Authenticate {@code username} using the {@code "gssapi-with-mic"} authentication method, given a login context * for the peer GSS machine and a list of supported OIDs. * <p/> * Supported OIDs should be ordered by preference as the SSH server will choose the first OID that it also * supports. At least one OID is required * * @param username user to authenticate * @param context {@code LoginContext} for the peer GSS machine * @param supportedOid first supported OID * @param supportedOids other supported OIDs * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authGssApiWithMic(String username, LoginContext context, Oid supportedOid, Oid... supportedOids) throws UserAuthException, TransportException { // insert supportedOid to the front of the list since ordering matters List<Oid> oids = new ArrayList<Oid>(Arrays.asList(supportedOids)); oids.add(0, supportedOid); auth(username, new AuthGssApiWithMic(context, oids)); }
/** * Authenticate {@code username} using the {@code "password"} authentication method and as a fallback basic * challenge-response authentication. * * @param username user to authenticate * @param pfinder the {@link PasswordFinder} to use for authentication * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authPassword(String username, PasswordFinder pfinder) throws UserAuthException, TransportException { auth(username, new AuthPassword(pfinder), new AuthKeyboardInteractive(new PasswordResponseProvider(pfinder))); }
@Override public Boolean authenticate(final Host bookmark, final LoginCallback prompt, final CancelCallback cancel) throws BackgroundException { if(log.isDebugEnabled()) { log.debug(String.format("Login using none authentication with credentials %s", bookmark.getCredentials())); } try { session.getClient().auth(bookmark.getCredentials().getUsername(), new AuthNone()); return session.getClient().isAuthenticated(); } catch(IOException e) { throw new SFTPExceptionMappingService().map(e); } }
/** * Authenticate {@code username} using the {@code "password"} authentication method and as a fallback basic * challenge-response authentication. * * @param username user to authenticate * @param pfinder the {@link PasswordFinder} to use for authentication * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authPassword(String username, PasswordFinder pfinder) throws UserAuthException, TransportException { auth(username, new AuthPassword(pfinder), new AuthKeyboardInteractive(new PasswordResponseProvider(pfinder))); }
/** * Authenticate {@code username} using the {@code "password"} authentication method and as a fallback basic * challenge-response authentication. * * @param username user to authenticate * @param pfinder the {@link PasswordFinder} to use for authentication * @param newPasswordProvider the {@link PasswordUpdateProvider} to use when a new password is being requested from the user. * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authPassword(String username, PasswordFinder pfinder, PasswordUpdateProvider newPasswordProvider) throws UserAuthException, TransportException { auth(username, new AuthPassword(pfinder, newPasswordProvider), new AuthKeyboardInteractive(new PasswordResponseProvider(pfinder))); }
final SSHClient ssh = new SSHClient(); ssh.addHostKeyVerifier("XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX"); ssh.connect("host"); PKCS8KeyFile keyFile = new PKCS8KeyFile(); keyFile.init(new File("server_pem.pem")); ssh.auth("ec2-user", new AuthPublickey(keyFile)); try { final Session session = ssh.startSession(); try { final Command command = session.exec("whoami"); String response = IOUtils.readFully(command.getInputStream()).toString(); command.join(10, TimeUnit.SECONDS); return response; } finally { session.close(); } } finally { ssh.disconnect(); }
@Override public Boolean authenticate(final Host bookmark, final LoginCallback prompt, final CancelCallback cancel) throws BackgroundException { if(log.isDebugEnabled()) { log.debug(String.format("Login using agent %s for %s", agent, bookmark)); } for(Identity identity : agent.getIdentities()) { try { session.getClient().auth(bookmark.getCredentials().getUsername(), new AuthAgent(agent.getProxy(), identity)); // Successfully authenticated break; } catch(UserAuthException e) { cancel.verify(); // Continue; } catch(Buffer.BufferException e) { throw new DefaultIOExceptionMappingService().map(e); } catch(TransportException e) { throw new SFTPExceptionMappingService().map(e); } } return session.getClient().isAuthenticated(); }
session.getClient().auth(credentials.getUsername(), new AuthPassword(new PasswordFinder() { @Override public char[] reqPassword(final Resource<?> resource) {