Geek Answers Handbook

Ssh Private / Public Key Authentication Example

Can someone give me an example of private / public key authentication in sshj ?

In sshj, which is equivalent to the command line,

ssh -i /path/to/mykey.private username@host

I tried (processing error omitted)

 final SSHClient ssh = new SSHClient(); ssh.loadKnownHosts(); ssh.connect("host"); ssh.authPublickey("username", "/path/to/mykey.private"); final Session session = ssh.startSession(); ...

but in the log statements that I see

 DEBUG net.schmizz.sshj.SSHClient - Attempting to load key from: /path/to/mykey.private WARN net.schmizz.sshj.SSHClient - Could not load keys due to: {} net.schmizz.sshj.common.SSHException: No provider available forUnknown key file at net.schmizz.sshj.SSHClient.loadKeys(SSHClient.java:482) ~[sshj-0.3.0.jar:na] ... Exception in thread "main" 10:49:55.943 [reader] DEBUG net.schmizz.sshj.transport.Reader - Stopping net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods

Thanks Everett

+7
java ssh sshj
source share
2 answers

Try using KeyPairWrapper as follows:

 KeyPair kp = ... // read keypair from file ssh.authPublickey(user, new KeyPairWrapper(keypair));

With the BouncyCastle provider, you can use something like this to extract KeyPair from PEM PKCS8 (apologies for the messy code)

 /** * Takes a PEM-encoded PKCS8 key-containing InputStream and returns the KeyPair within. Only the first keypair is considered * * @return * @throws IOException if the stream is not a valid PKCS8 wrapped keypair */ public static KeyPair readKeypair(final InputStream is, final char[] password) throws IOException { PasswordFinder passwordFinder = password != null ? new StaticPasswordFinder(password) : null; KeyPair kp = null; try { // read the stream as a PEM encoded try { final PEMReader pem = new PEMReader(new InputStreamReader(is), passwordFinder); try { // Skip over entries in the file which are not KeyPairs do { final Object o = pem.readObject(); if (o == null) break; // at end of file else if (o instanceof KeyPair) kp = (KeyPair) o; } while (kp == null); } finally { pem.close(); } } catch (EncryptionException e) { throw new IOException("Error reading PEM stream: " + e.getMessage(), e); } } finally { is.close(); } // Cast the return to a KeyPair (or, if there is no [valid] return, throw an exception) if (kp != null) return kp; else throw new IOException("Stream " + is + " did not contain a PKCS8 KeyPair"); }
0
source share

You need to enable the BouncyCastle lib for most key types. Here's the Maven dependency: org.bouncycastle bcprov-jdk16 1.46

0
source share

More articles:


All Articles