Documentation
Open Source Release Policy
Export Compliance
Using BouncyCastle
Installing the API
Enabling Logging
Per-Connection Logging
Third Party Dependencies
Generating SSH Keys
Using BouncyCastle
Using SSH Public Keys in Java
Supporting ED25519/Curve25519
Supporting Compression
Integrating Licensing into Maven Builds
Creating an SSH Client
Public Key Authentication
Keyboard Interactive Authentication
Public Key Authentication with sshagent
Executing Single Commands
Executing Commands within a Shell
Transferring Files
Connecting through Proxies
Display the Authentication Banner
Using the SFTP Client
Port Forwarding
Working Examples
Configuring Listening Interfaces
Configuring Host Keys
Password Authentication
Public Key Authentication
Challenge-Response Authentication
Configuring Port Forwarding
Configuring SFTP
Supporting SCP
Implementing your own File System
Creating an Interactive Terminal
Proxy Protocol Support
Authenticating the Client with Keyboard Interactive Authentication
keyboard-interactive is an SSH authentication mechanism that allows generic challenge-response type authentication. This can vary from a single prompt for the users’ password to multiple rounds of challenges.
To support this type of authentication in Maverick Synergy, you must provide a KeyboardInteractiveCallback implementation. Let’s look at how we would set this up:
ssh.authenticate(new KeyboardInteractiveAuthenticator(new KeyboardInteractiveCallback() {
public void init(SshConnection connection) {
}
public void showPrompts(String name, String instruction, KeyboardInteractivePrompt[] prompts,
KeyboardInteractivePromptCompletor completor) {
}
}), 30000);Code language: JavaScript (javascript)As usual, we are passing an Authenticator object to the SshClient to perform authentication. We have created an empty implementation of KeyboardInteractiveCallback. The init method is called before authentication starts; it’s there for you to use for any initialization that you need to perform; in most cases, you can leave this empty. If you want, you can store the SshConnection to maintain any state with its property methods. Alternatively, you could extend AbstractKeyboardInteractiveCallback, which implements init with a method that stores the SshConnection to a protected “connection” variable.
When authentication starts, you should expect to receive one or more calls to the showPrompts method. You are required here to show the prompts provided to the user and receive a response. Below, we show you how to do this using the console by simply prompting the user through System.out and receiving input through System.in.
try {
System.out.println(instruction);
for(KeyboardInteractivePrompt prompt : prompts) {
System.out.print(prompt.getPrompt());
if(prompt.echo()) {
prompt.setResponse(System.console().readLine());
} else {
prompt.setResponse(new String(System.console().readPassword()));
}
}
completor.complete();
} catch (Exception e) {
completor.cancel();
}Code language: PHP (php)In this code, we printed out the instruction field provided by the server, then iterated over the prompts, showing a prompt and receiving the response; the response from the user must be set on the KeyboardInteractivePrompt object using the setResponse method.
When you have completed all these, it is important to call the complete method on the KeyboardInteractivePromptCompletor object. This will submit the responses to the server; without this, your authentication will hang. If, for any reason, the user wants to cancel the authentication, call the cancel method on the KeyboardInteractivePromptCompletor object.