Re: Java & OpenSSH

From: Ben Ricker (bricker_at_wellinx.com)
Date: 12/04/03

  • Next message: Joo Chung: "sftp-server replacement"
    To: SSH List <secureshell@securityfocus.com>
    Date: Thu, 04 Dec 2003 12:03:29 -0600
    
    

    Use key authentication: see
    http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen or look at the
    ssh manpage on the same site.

    Ben Ricker
    Wellinx, inc.

    On Thu, 2003-12-04 at 00:13, Popeanga Marian wrote:
    > Brendan Benke wrote:
    >
    > >Hello,
    > >
    > >I am trying to create an ssh tunnel via a java app. It's possible to get
    > >the ssh process started using Runtime.exec("ssh -2 -f -N -L
    > >port:host:port -l user remotehost") but being constrained to password
    > >authentication I'm stuck on how to get the password to the client. I've
    > >read about possibly changing readpass.h to allow stdin, but to what value?
    > >Is this even the right approach? What are valid values for RP_ALLOW_STDIN?
    > >
    > >Any help would be greatly appreciated.
    > >
    > >Thanks,
    > >Brendan
    > >
    > >
    > >
    > Hi,
    >
    > We also will need this approach from a C++ application.
    > Without modifing the ssh to read the password from stdin we could pass
    > it from a text file.
    > But this way the password could be stollen. I really don't know why ssh
    > does'nt support this ?
    > Anyone achived to modifiy it ?
    >
    > /Marian
    >
    >
    >


  • Next message: Joo Chung: "sftp-server replacement"

    Relevant Pages

    • Re: key based authentication except from certain hosts
      ... only key authentication. ... we have a monitoring software that use SSH to collect metrics from ... Then modify the new config files as necessary, ... cp -p sshd privatesshd ...
      (comp.security.ssh)
    • RE: Disable SSH authentication
      ... You can still use SSH with PAM and skip both password and key authentication by changing the following entry in /etc/pam.d/sshd file and commenting other auth entries. ... My question is that can we disable the SSH authentication so that we don't need to either provide user account or the public key? ...
      (SSH)
    • Re: SSH hacked?
      ... Why use passwords at all with SSH? ... public key authentication is several orders of magnitude harder to crack ... key authentication will protect you from brute force attacks on SSH. ...
      (Ubuntu)
    • Re: [opensuse] Clueless about SSH
      ... setting up key authentication. ... I do all my passwordless ssh configs the same way. ... desktop machine, added the public key to authorized_keys, copied that file to ... my laptop ~/.ssh and made an ssh connection from desktop to laptop, ...
      (SuSE)
    • Re: [opensuse] Clueless about SSH
      ... setting up key authentication. ... ssh is usually 'fire-and-forget' simple. ... allow access between your machines. ... exit $E_NOTROOT ...
      (SuSE)