Authenticating with ssh-agent

It's now possible to authenticate to SSH servers using keys stored in the ssh-agent with the Maverick Legacy Client API. Currently you can only use the ssh-agent features in read only mode so it's not possible to add keys to the agent through the API, these must be added through normal mechanisms.

To use these features you should ensure you have the optional maverick-agent.jar in your class path.

Setup

ssh-agent will typically already be configured in your bash startup scripts on most *nix type operation systems. The examples here have been tested on OSX but this should also be true for most modern Linux distributions. If this is not the case please consult your operating system documentation.

You should first load any keys you require into ssh-agent using ssh-add command. Calling ssh-add without any arguments will load some standard keys into the agent.

Lees-Mac-Pro:~ lee$ ssh-add
Identity added: /Users/lee/.ssh/id_rsa (/Users/lee/.ssh/id_rsa)
Identity added: /Users/lee/.ssh/id_dsa (/Users/lee/.ssh/id_dsa)

 

One you have some keys loaded, assuming you have a SSH server you can connect to that is configured for these keys then your ready to go.

The Code

First thing you need to do is to work out the Unix Domain socket address for your ssh-agent. You should be able to find this in your environment variables under the variable SSH_AUTH_SOCK. If so you can create the SshAgentClient like so

String SSH_AUTH_SOCK = System.getenv("SSH_AUTH_SOCK");		
SshAgentClient agentClient = SshAgentClient.connectLocalAgent("Test", 
	SSH_AUTH_SOCK, AgentSocketType.UNIX_DOMAIN);

 

Then simply setup your Maverick Legacy Client to authenticate with the Ssh2AgentAuthentication implementation

Ssh2AgentAuthentication pk = new Ssh2AgentAuthentication(agentClient); 
if(ssh.authenticate(pk)!=SshAuthentication.COMPLETE) {
throw new Exception("Agent authentication failed");
}

 

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.