/** * Returns a {@link KeyProvider} instance created from a location on the file system where an <em>unencrypted</em> * private key file (does not require a passphrase) can be found. Simply calls {@link #loadKeys(String, * PasswordFinder)} with the {@link PasswordFinder} argument as {@code null}. * * @param location the location for the key file * * @return the key provider ready for use in authentication * * @throws SSHException if there was no suitable key provider available for the file format; typically because * BouncyCastle is not in the classpath * @throws IOException if the key file format is not known, if the file could not be read, etc. */ public KeyProvider loadKeys(String location) throws IOException { return loadKeys(location, (PasswordFinder) null); }
/** * Convenience method for creating a {@link KeyProvider} instance from a {@code location} where an <i>encrypted</i> * key file is located. Calls {@link #loadKeys(String, char[])} with a character array created from the supplied * {@code passphrase} string. * * @param location location of the key file * @param passphrase passphrase as a string * * @return the key provider for use in authentication * * @throws IOException if the key file format is not known, if the file could not be read etc. */ public KeyProvider loadKeys(String location, String passphrase) throws IOException { return loadKeys(location, passphrase.toCharArray()); }
/** * Utility function for createing a {@link KeyProvider} instance from given location on the file system. Creates a * one-off {@link PasswordFinder} using {@link PasswordUtils#createOneOff(char[])}, and calls {@link * #loadKeys(String, PasswordFinder)}. * * @param location location of the key file * @param passphrase passphrase as a char-array * * @return the key provider ready for use in authentication * * @throws SSHException if there was no suitable key provider available for the file format; typically because * BouncyCastle is not in the classpath * @throws IOException if the key file format is not known, if the file could not be read, etc. */ public KeyProvider loadKeys(String location, char[] passphrase) throws IOException { return loadKeys(location, PasswordUtils.createOneOff(passphrase)); }
/** * Authenticate {@code username} using the {@code "publickey"} authentication method, with keys from one or more * {@code locations} in the file system. * <p/> * In case multiple {@code locations} are specified; authentication is attempted in order as long as the {@code * "publickey"} authentication method is available. If there is an error loading keys from any of them (e.g. file * could not be read, file format not recognized) that key file it is ignored. * <p/> * This method does not provide a way to specify a passphrase. * * @param username user to authenticate * @param locations one or more locations in the file system containing the private key * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authPublickey(String username, String... locations) throws UserAuthException, TransportException { final List<KeyProvider> keyProviders = new LinkedList<KeyProvider>(); for (String loc : locations) { try { log.debug("Attempting to load key from: {}", loc); keyProviders.add(loadKeys(loc)); } catch (IOException logged) { log.info("Could not load keys from {} due to: {}", loc, logged.getMessage()); } } authPublickey(username, keyProviders); }
/** * Returns a {@link KeyProvider} instance created from a location on the file system where an <em>unencrypted</em> * private key file (does not require a passphrase) can be found. Simply calls {@link #loadKeys(String, * PasswordFinder)} with the {@link PasswordFinder} argument as {@code null}. * * @param location the location for the key file * * @return the key provider ready for use in authentication * * @throws SSHException if there was no suitable key provider available for the file format; typically because * BouncyCastle is not in the classpath * @throws IOException if the key file format is not known, if the file could not be read, etc. */ public KeyProvider loadKeys(String location) throws IOException { return loadKeys(location, (PasswordFinder) null); }
/** * Returns a {@link KeyProvider} instance created from a location on the file system where an <em>unencrypted</em> * private key file (does not require a passphrase) can be found. Simply calls {@link #loadKeys(String, * PasswordFinder)} with the {@link PasswordFinder} argument as {@code null}. * * @param location the location for the key file * * @return the key provider ready for use in authentication * * @throws SSHException if there was no suitable key provider available for the file format; typically because * BouncyCastle is not in the classpath * @throws IOException if the key file format is not known, if the file could not be read, etc. */ public KeyProvider loadKeys(String location) throws IOException { return loadKeys(location, (PasswordFinder) null); }
/** * Convenience method for creating a {@link KeyProvider} instance from a {@code location} where an <i>encrypted</i> * key file is located. Calls {@link #loadKeys(String, char[])} with a character array created from the supplied * {@code passphrase} string. * * @param location location of the key file * @param passphrase passphrase as a string * * @return the key provider for use in authentication * * @throws IOException if the key file format is not known, if the file could not be read etc. */ public KeyProvider loadKeys(String location, String passphrase) throws IOException { return loadKeys(location, passphrase.toCharArray()); }
/** * Convenience method for creating a {@link KeyProvider} instance from a {@code location} where an <i>encrypted</i> * key file is located. Calls {@link #loadKeys(String, char[])} with a character array created from the supplied * {@code passphrase} string. * * @param location location of the key file * @param passphrase passphrase as a string * * @return the key provider for use in authentication * * @throws IOException if the key file format is not known, if the file could not be read etc. */ public KeyProvider loadKeys(String location, String passphrase) throws IOException { return loadKeys(location, passphrase.toCharArray()); }
/** * Utility function for createing a {@link KeyProvider} instance from given location on the file system. Creates a * one-off {@link PasswordFinder} using {@link PasswordUtils#createOneOff(char[])}, and calls {@link * #loadKeys(String, PasswordFinder)}. * * @param location location of the key file * @param passphrase passphrase as a char-array * * @return the key provider ready for use in authentication * * @throws SSHException if there was no suitable key provider available for the file format; typically because * BouncyCastle is not in the classpath * @throws IOException if the key file format is not known, if the file could not be read, etc. */ public KeyProvider loadKeys(String location, char[] passphrase) throws IOException { return loadKeys(location, PasswordUtils.createOneOff(passphrase)); }
/** * Utility function for createing a {@link KeyProvider} instance from given location on the file system. Creates a * one-off {@link PasswordFinder} using {@link PasswordUtils#createOneOff(char[])}, and calls {@link * #loadKeys(String, PasswordFinder)}. * * @param location location of the key file * @param passphrase passphrase as a char-array * * @return the key provider ready for use in authentication * * @throws SSHException if there was no suitable key provider available for the file format; typically because * BouncyCastle is not in the classpath * @throws IOException if the key file format is not known, if the file could not be read, etc. */ public KeyProvider loadKeys(String location, char[] passphrase) throws IOException { return loadKeys(location, PasswordUtils.createOneOff(passphrase)); }
SSHClient client = new SSHClient(); String username = "johndoe"; File privateKey = new File("~/.ssh/id_rsa"); KeyProvider keys = client.loadKeys(privateKey.getPath()); client.authPublicKey(username, keys);
/** * Authenticate {@code username} using the {@code "publickey"} authentication method, with keys from one or more * {@code locations} in the file system. * <p/> * In case multiple {@code locations} are specified; authentication is attempted in order as long as the {@code * "publickey"} authentication method is available. If there is an error loading keys from any of them (e.g. file * could not be read, file format not recognized) that key file it is ignored. * <p/> * This method does not provide a way to specify a passphrase. * * @param username user to authenticate * @param locations one or more locations in the file system containing the private key * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authPublickey(String username, String... locations) throws UserAuthException, TransportException { final List<KeyProvider> keyProviders = new LinkedList<KeyProvider>(); for (String loc : locations) { try { log.debug("Attempting to load key from: {}", loc); keyProviders.add(loadKeys(loc)); } catch (IOException logged) { log.info("Could not load keys from {} due to: {}", loc, logged.getMessage()); } } authPublickey(username, keyProviders); }
/** * Authenticate {@code username} using the {@code "publickey"} authentication method, with keys from one or more * {@code locations} in the file system. * <p/> * In case multiple {@code locations} are specified; authentication is attempted in order as long as the {@code * "publickey"} authentication method is available. If there is an error loading keys from any of them (e.g. file * could not be read, file format not recognized) that key file it is ignored. * <p/> * This method does not provide a way to specify a passphrase. * * @param username user to authenticate * @param locations one or more locations in the file system containing the private key * * @throws UserAuthException in case of authentication failure * @throws TransportException if there was a transport-layer error */ public void authPublickey(String username, String... locations) throws UserAuthException, TransportException { final List<KeyProvider> keyProviders = new LinkedList<KeyProvider>(); for (String loc : locations) { try { log.debug("Attempting to load key from: {}", loc); keyProviders.add(loadKeys(loc)); } catch (IOException logged) { log.info("Could not load keys from {} due to: {}", loc, logged.getMessage()); } } authPublickey(username, keyProviders); }
@Override public void connectWithPubKeyAuthAndPassphrase(String path, String privateKeyPass) throws RaspiQueryException { LOGGER.info("Connecting to host '{}' on port '{}'.", hostname, port); client = newAndroidSSHClient(); LOGGER.info("Using no host key verification."); client.addHostKeyVerifier(new PromiscuousVerifier()); try { client.connect(hostname, port); } catch (IOException e) { throw RaspiQueryException.createConnectionFailure(hostname, port, e); } try { LOGGER.info("Using private/public key authentification with encrypted privatekey, keyfile: '{}'", path); final KeyProvider keyProvider = client.loadKeys(path, privateKeyPass.toCharArray()); client.authPublickey(username, keyProvider); } catch (UserAuthException e) { LOGGER.info("Authentification failed.", e); throw RaspiQueryException.createAuthenticationFailure(hostname, username, e); } catch (TransportException e) { throw RaspiQueryException.createTransportFailure(hostname, e); } catch (IOException e) { throw RaspiQueryException.createIOException(e); } }
@Override public final void connectWithPubKeyAuth(final String keyfilePath) throws RaspiQueryException { LOGGER.info("Connecting to host '{}' on port '{}'.", hostname, port); client = newAndroidSSHClient(); LOGGER.info("Using no host key verification."); client.addHostKeyVerifier(new PromiscuousVerifier()); try { client.connect(hostname, port); LOGGER.info("Using private/public key authentication, keyfile: '{}'", keyfilePath); KeyProvider keyProvider = client.loadKeys(keyfilePath); client.authPublickey(username, keyProvider); } catch (UserAuthException e) { LOGGER.info("Authentication failed.", e); throw RaspiQueryException.createAuthenticationFailure(hostname, username, e); } catch (TransportException e) { throw RaspiQueryException.createTransportFailure(hostname, e); } catch (IOException e) { throw RaspiQueryException .createConnectionFailure(hostname, port, e); } }
private Session getSession(InvocationContext context) throws IOException { try { /* * if it is connected, create a session Note: one client can have multiple session (on one channel) */ if (ssh.isConnected()) return ssh.startSession(); if (sshContext == null) { sshContext = ((SSHSecurityContextImpl) context.getSecurityContext(SSH_SECURITY_CONTEXT)); } KeyProvider pkey = ssh.loadKeys(sshContext.getPrivateKeyLoc(), sshContext.getKeyPass()); ssh.loadKnownHosts(); ssh.authPublickey(sshContext.getUsername(), pkey); ssh.connect(context.getExecutionDescription().getHost().getType().getHostAddress()); return ssh.startSession(); } catch (NullPointerException ne) { throw new SecurityException("Cannot load security context for SSH", ne); } }
public Session getSession(String hostAddress) throws IOException { try { if (sshClient == null) { sshClient = new SSHClient(); } if (getSSHClient().isConnected()) return getSSHClient().startSession(); KeyProvider pkey = getSSHClient().loadKeys(getPrivateKeyLoc(), getKeyPass()); getSSHClient().loadKnownHosts(); getSSHClient().connect(hostAddress); getSSHClient().authPublickey(getUsername(), pkey); session = getSSHClient().startSession(); return session; } catch (NullPointerException ne) { throw new SecurityException("Cannot load security context for SSH", ne); } }