Geek asks and answers

How can I get the JSch API to log in to a Unix server without a password?

I am trying to create a Java application that runs shell scripts on a remote Unix server using the JSch API.

I was wondering if it is possible to log into the server without a password. If so - how? Should I generate an authentication key pair on the servers, then make an application to read information from the key file?

The Java application is located on a Windows station.

+3
source share
4 answers

This is certainly doable. Check out the sample directory containing jsch.

UserAuthPubKey.java shows how to authenticate using the public key, and KeyGen.java is the choice for creating public and private keys.

+3
source

, , , :

JSch jsch = new JSch();
jsch.addIdentity(".ssh/privateKey.pem");

addIdentity , .

+3

, , :

JSch jsch=new JSch();
Session session=jsch.getSession("my_username", "my_host", my_port);
session.setConfig("PreferredAuthentications", "publickey");
jsch.setKnownHosts("~/.ssh/known_hosts");
jsch.addIdentity("~/.ssh/id_rsa");
session.setConfig("StrictHostKeyChecking", "no");
session.connect(30000);
Channel channel=session.openChannel("shell");
channel.setInputStream(System.in);
channel.setOutputStream(System.out);
channel.connect(3*1000);

, rsa dsa- addIdentity - id_rsa id_dsa.

(cat.ssh/id_rsa.pub | ssh me @servername 'cat → .ssh/).

+3

jlliagre, .

, , ( ~/.ssh/authorized_keys ), give JSch, , []. PreferredAuthentications, , - .

.. , , , , .

Thus, you must make sure that the account cannot do anything malicious, or that the client machine (your account and any privileged one) is under your full control (or only with well-known comrades). (Encrypting the private key with a passphrase does not help if the passphrase is shared with your program, nor does it put it in the jar file of the program.)

0
source

More articles:


All Articles