Documentation
Open Source Release Policy
Export Compliance
Using BouncyCastle
Installing the API
Enabling Logging
Per-Connection Logging
Third Party Dependencies
Generating SSH Keys
Using BouncyCastle
Using SSH Public Keys in Java
Supporting ED25519/Curve25519
Supporting Compression
Integrating Licensing into Maven Builds
Creating an SSH Client
Public Key Authentication
Keyboard Interactive Authentication
Public Key Authentication with sshagent
Executing Single Commands
Executing Commands within a Shell
Transferring Files
Connecting through Proxies
Display the Authentication Banner
Using the SFTP Client
Port Forwarding
Working Examples
Configuring Listening Interfaces
Configuring Host Keys
Password Authentication
Public Key Authentication
Challenge-Response Authentication
Configuring Port Forwarding
Configuring SFTP
Supporting SCP
Implementing your own File System
Creating an Interactive Terminal
Proxy Protocol Support
Authenticating Users with Passwords
With the Maverick Synergy SSH server API, we can configure the server to accept users via password authentication by adding an Authenticator instance to the server that extends PasswordAuthenticationProvider.
In our first example, we saw this with the built-in utility class InMemoryPasswordAuthenticator, where we simply pass an instance to the server and configure it with usernames and passwords allowed to connect.
server.addAuthenticator(new InMemoryPasswordAuthenticator()
.addUser("admin", "admin".toCharArray()));Code language: JavaScript (javascript)We can, of course, extend the use of this by adding more users:
server.addAuthenticator(new InMemoryPasswordAuthenticator()
.addUser("admin", "admin".toCharArray())
.addUser("bob", "zzzzzz".toCharArray())
.addUser("alice", "yyyyyy".toCharArray())
.addUser("lee", "xxxxxx".toCharArray()));Code language: JavaScript (javascript)This, however, may not be ideal for you, and you may want to support password authentication from external sources. In this case, you will need to implement your own PasswordAuthenticatorProvider.
To do this, extend PasswordAuthenticationProvider and implement the verifyPassword method. You do not have to implement changePassword; this is optional. If you want to support password change, then you simply throw PasswordChangeException from verifyPassword and implement the changePassword method too.
public class MyPasswordAuthenticator extends PasswordAuthenticationProvider {
@Override
public boolean verifyPassword(SshConnection con, String username, String password)
throws PasswordChangeException, IOException {
return false;
}
@Override
public boolean changePassword(SshConnection con, String username, String oldpassword, String newpassword)
throws PasswordChangeException, IOException {
return false;
}
}Code language: JavaScript (javascript)Then configure your server with your implementation:
server.addAuthenticator(new MyPasswordAuthenticator());Code language: JavaScript (javascript)