[英]How to read the SSH key-sig pair banner (for generating SSH password) after connecting to host in Java?
I want to read the the SSH key-sig pair banner (for generating SSH password) after connecting to a remote host in java.我想在连接到 java 中的远程主机后读取 SSH 密钥-签名对横幅(用于生成 SSH 密码)。 I'm using JSch client library for SSH connections.我正在使用 JSch 客户端库进行 SSH 连接。
The SSH password changes after certain operations on the host, hence each time I need to generate a new SSH password from the key-sig pair to login. SSH 密码在主机上进行某些操作后会发生变化,因此每次我都需要从 key-sig 对生成一个新的 SSH 密码才能登录。
Is there a way that I can read the banner programmatically?有没有办法以编程方式阅读横幅?
Below is a snippet of the key-sig pair banner coming up with the password prompt when trying to SSH through client console (PuTTY).以下是尝试通过客户端控制台 (PuTTY) 进行 SSH 时出现密码提示的密钥-签名对横幅的片段。
NbwDZIAGjGS90zisB+jY9Kqrmu67PyMwas6S6jY68f+QL4l+TJDyHWUTGtzluflwY+z/bHn0mXtdIkgxsoiVm5nCnNi0viMUKq/dPygXEZ0uDma9Co0WHI25UNLn525pNSuT1At5wTEEinH7xKiypIKDNVxxeprshtsd4rcirTUQveTBEbAgABJtzHrSNHmqs2Rui4NbWRqFDabft4uID6qwtl5wxAoNhh0Z9FT1r3kCK0FoLxcp9nlyQ6kD2rmp1sQG1SvQky2ATa9sD+ZBBAhlvwbOns5fWRE8A+ElQtkvyB8IxCS59cWa8T5rXm7G57x9uExEn57Vn3ZBuKP9Tg== bS6VdF5I167P03QMkM88k2cwS9KtyEfgT6Ff2e0iIvxdBMSKq453953J//vuriZk+mKjiEX0/RzrQSVIAzOYXFTtsZrIh7ER2IS0LoaXQ5izk4aobVq3BtiU+EknM3Qcy7IpVbwmQ7ZmCmjtOL+Ux/n8vEDLYdk8dVeFJpzp4s53MrRkm4RC9yHgROW6HJxYscmQa+xah5ymRJyC2mt4aFfeQjAUZIEBhncLQge6nGEMybXmail1bgqhinE5xem+K6M2Ad3+0ahhW7NflWC4LjweTSHfsItfDwsb8i280LuYuw6w07LTadkn40AfpnVXOiFM+eUpUeIkw16RzduCew== NbwDZIAGjGS90zisB + jY9Kqrmu67PyMwas6S6jY68f + QL4l + TJDyHWUTGtzluflwY + Z / bHn0mXtdIkgxsoiVm5nCnNi0viMUKq / dPygXEZ0uDma9Co0WHI25UNLn525pNSuT1At5wTEEinH7xKiypIKDNVxxeprshtsd4rcirTUQveTBEbAgABJtzHrSNHmqs2Rui4NbWRqFDabft4uID6qwtl5wxAoNhh0Z9FT1r3kCK0FoLxcp9nlyQ6kD2rmp1sQG1SvQky2ATa9sD + ZBBAhlvwbOns5fWRE8A + ElQtkvyB8IxCS59cWa8T5rXm7G57x9uExEn57Vn3ZBuKP9Tg == bS6VdF5I167P03QMkM88k2cwS9KtyEfgT6Ff2e0iIvxdBMSKq453953J // vuriZk + mKjiEX0 / RzrQSVIAzOYXFTtsZrIh7ER2IS0LoaXQ5izk4aobVq3BtiU + EknM3Qcy7IpVbwmQ7ZmCmjtOL +的Ux / n8vEDLYdk8dVeFJpzp4s53MrRkm4RC9yHgROW6HJxYscmQa + xah5ymRJyC2mt4aFfeQjAUZIEBhncLQge6nGEMybXmail1bgqhinE5xem + K6M2Ad3 + 0ahhW7NflWC4LjweTSHfsItfDwsb8i280LuYuw6w07LTadkn40AfpnVXOiFM + eUpUeIkw16RzduCew ==
The message (which you call "SSH key-sig pair banner") can come either as an SSH authentication banner or as an SSH keyboard interactive authentication prompt.该消息(您称之为“SSH 密钥-签名对横幅”)可以作为 SSH 身份验证横幅或 SSH 键盘交互式身份验证提示出现。 It cannot be a password authentication prompt, as that is not customizable by an SSH server.它不能是密码身份验证提示,因为 SSH 服务器无法自定义。
In both cases, to capture the message, implement the UserInfo
interface .在这两种情况下,要捕获消息,请实现UserInfo
接口。 And associate it with the Session
instance using the Session.setUserInfo
method .并使用Session.setUserInfo
方法将其与Session
实例相关联。
To capture the authentication banner, implement the UserInfo.showMessage
method .要捕获身份验证横幅,请实现UserInfo.showMessage
方法。 Note that the JSch calls that method for other (internal) messages too, not just for the banner.请注意,JSch 也为其他(内部)消息调用该方法,而不仅仅是横幅。 So you have to check, if you got the message you are looking for.所以你必须检查,如果你得到了你正在寻找的消息。
To capture the keyboard interactive prompt, your UserInfo
implementation has to implement also the UIKeyboardInteractive
interface and its UIKeyboardInteractive.promptKeyboardInteractive
method .要捕获键盘交互提示,您的UserInfo
实现还必须实现UIKeyboardInteractive
接口及其UIKeyboardInteractive.promptKeyboardInteractive
方法。 The message can come in name
, instruction
or prompt
arguments.消息可以是name
、 instruction
或prompt
参数。 You have to find out yourself.你必须自己找出来。
To quickly test how the server is sending the message, try to connect with WinSCP SFTP client and check how it displays the message.要快速测试服务器如何发送消息,请尝试连接WinSCP SFTP 客户端并检查它如何显示消息。
or as a keyboard interactive prompt ?还是作为键盘交互提示?
The "Server Prompt" in the title is what you get in the name
.标题中的“服务器提示”就是name
。 The instruction
would be rendered below the "Using keyboard-interactive authentication" (there are no "instructions" on this prompt).该instruction
将呈现在“使用键盘交互式身份验证”下方(此提示中没有“说明”)。 And the "The challenge is ..." is the prompt[0]
(there's just one "prompt" in this case, but there can be more).而“挑战是……”是prompt[0]
(在这种情况下只有一个“提示”,但可以有更多)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.