stackoom
  简体   繁体   中英

Authentication using a key encrypted with a passphrase in JSch

 原文  2022-12-08 10:45:50       java/ ssh/ sftp/ jsch

Question

I'd like to use JSch to open an SFTP connection to download some files.

String SFTPPRIVATEKEY = "/folder/privatekeyfile";
String SFTPUSER = "user";
String SFTPPASS = "";
String SFTPHOST = "server.tld";
String SFTPPORT = "22";
int usePrivateKey = 1;

public boolean connect() {
    boolean isConnected = false;
    try {
        JSch jsch = new JSch();
        
        if (usePrivateKey) {
            jsch.addIdentity(SFTPPRIVATEKEY);
        }
        
        session = jsch.getSession(SFTPUSER,SFTPHOST,SFTPPORT);
        if (!usePrivateKey) {
            session.setPassword(SFTPPASS);
        }
        
        java.util.Properties config = new java.util.Properties();
        config.put("StrictHostKeyChecking", "no"); 
        session.setConfig(config);
        session.connect();
        if (session.isConnected() == true) {
            log.println("Connection to Session server is successfully");
        }
        channel = session.openChannel("sftp");
        channel.connect();
        channelSftp = (ChannelSftp)channel;
        isConnected = true;
    } catch (JSchException e) {
        log.println("SFTPClient Connect ERROR: "+e.getMessage());
        e.printStackTrace();
        
    }
    return isConnected;
}

If i run my code i get:

com.jcraft.jsch.JSchException: USERAUTH fail

I tried to connect using sftp on the shell on the same client where my Java code runs. I run

sftp -i privatekeyfile user@server.tld

It prompts for a passphrase for the privatekeyfile. I entered the passphrase and the connection works great.

But JSch did not connect. I found no option to set the passphrase in JSch. Maybe this is the problem?

Can some of you help?
Thanks

1 answers

solution1
 1 ACCPTED  2022-12-08 10:53:57

There's JSch.addIdentity overload that takes the passphrase: 

public void addIdentity(String prvkey, String passphrase)

Obligatory warning: Do not use StrictHostKeyChecking=no to blindly accept all host keys. That is a security flaw. You lose a protection against MITM attacks . For the correct (and secure) approach, see: How to resolve Java UnknownHostKey, while using JSch SFTP library?

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Ingesting data from remote SFTP server using JSch with public/private key authentication. Any examples? Getting “com.jcraft.jsch.JSchException: Auth fail” – but “ssh” can login using public key authentication Bypass or force session authentication using Jsch Public key authentication fails with JSch but work with OpenSSH with the same key JSCH SFTP login using two factor authentication Java - Authentication with public key and passphrase - j2ssh Public key validation using jsch library or java Jsch auth fail using public key Connection with server using private key Jsch Connnect sftp using jsch and public key
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM