java 通过ssh 执行命令

java 里面的开源 ssh lib

1、Jsch

2、SSHJ

JSCH 里面的概念

1、Linux OpenSSH 验证方式对应的 jsch auth method

在/etc/sshd_config 文件中

# Authentication:
PubkeyAuthentication         //对应的是 publickey 公钥认证
PasswordAuthentication yes   //对应的是 password 密码验证
ChallengeResponseAuthentication yes  //对应的是 keyboard-interactive 键盘交互

# Kerberos options             
KerberosAuthentication yes  //对应的是kerberos 验证
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
GSSAPIAuthentication yes   //对应的 gssapi-with-mic 验证
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no

OpenSHH 文档中写到

The methods available for authentication are: GSSAPI-based authentication, host-based authentication, public key authentication, challenge-response authentication, and password authentication. Authentication methods are tried in the order specified above, thoughPreferredAuthentications can be used to change the default order.

我们在使用jsch 的时候就要注意几点

//StrictHostKeyChecking 选项可用于控制对主机密钥未知或已更改的计算机的登录。
session.setConfig("StrictHostKeyChecking", "no");
//设置首选的Auth Method
session.setConfig("PreferredAuthentications","publickey,keyboard-interactive,password");

我们如果使用sshj 就可以这样

//调用 sshClient 的这个方法，里面可以实现多个验证方式
public void auth(String username, AuthMethod... methods)
            throws UserAuthException, TransportException {
        checkConnected();
        auth(username, Arrays.<AuthMethod>asList(methods));
    }
//例子
 		DefaultConfig defaultConfig = new DefaultConfig();
        final SSHClient client = new SSHClient(defaultConfig);
        String host = "127.0.0.1";
        String user = "king";
        String password = "123456";
        client.setTimeout(60000);
        client.loadKnownHosts();
        client.addHostKeyVerifier(new PromiscuousVerifier());
        client.connect(host);
        PasswordFinder pwdf = PasswordUtils.createOneOff(password.toCharArray());
        PasswordResponseProvider provider = new PasswordResponseProvider(pwdf);
		//键盘交互
        AuthKeyboardInteractive authKeyboardInteractive = new AuthKeyboardInteractive(provider);
		//密码验证
        AuthPassword authPassword = new AuthPassword(pwdf);
        client.auth(user, authKeyboardInteractive, authPassword);

jsch 例子

 		JSch jSch = new JSch();
		//设置JSch 的日志，可以看到具体日志信息
        JSch.setLogger(new Logger() {
            @Override
            public boolean isEnabled(int level) {
                return true;
            }
            @Override
            public void log(int level, String message) {
                System.out.println("logger:" + message);
            }
        });
        com.jcraft.jsch.Session session = jSch.getSession("king", "127.0.0.1");
        session.setPassword("123456");
		//忽略第一次连接时候 hostkey 检查
        session.setConfig("StrictHostKeyChecking", "no");
        //设置首选的身份验证方式
        session.setConfig("PreferredAuthentications", "publickey,keyboard-interactive,password");
        session.connect(60000);
		//开启shell，shell 具有上下文交互，执行命令不会马上退出
        ChannelShell shell = (ChannelShell) session.openChannel("shell");
		//开始 exec 类似linux bash -c exec 执行完命令马上退出
        //ChannelExec exec = (ChannelExec)session.openChannel("exec");
        //exec.setCommand("");
        shell.setPtyType("dumb");
        shell.setPty(true);
        shell.connect(60000);
        boolean connected = shell.isConnected();
        OutputStream outputStream = shell.getOutputStream();
        InputStream inputStream = shell.getInputStream();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream, "utf-8"));
		//通过流写入命令
        outputStream.write("pwd\n cd /home\nls\npwd\n".getBytes());
        outputStream.flush();
        String line;
        while ((line = bufferedReader.readLine()) != null) {
            System.out.println(line);
        }

sshj 例子

 DefaultConfig defaultConfig = new DefaultConfig();
        final SSHClient client = new SSHClient(defaultConfig);
        String host = "127.0.0.1";
        String user = "king";
        String password = "123456";
        client.setTimeout(60000);
        client.loadKnownHosts();
        client.addHostKeyVerifier(new PromiscuousVerifier());
        client.connect(host);
        try {
            client.authPassword(user, password);
            final SessionChannel session = (SessionChannel) client.startSession();
            session.allocateDefaultPTY();
			//这里的session 类似 jsch 里面的exec ，可以直接执行命令。
			//session.exec("pwd");
            SessionChannel shell = (SessionChannel) session.startShell();
            try {
                OutputStream outputStream = shell.getOutputStream();
                outputStream.write("pwd\n".getBytes());
                outputStream.flush();
                BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(shell.getInputStream(), "utf-8"));
                String line;
                while ((line = bufferedReader.readLine()) != null) {
                    System.out.println(line);
                }
            } catch (InterruptedException e) {
                e.printStackTrace();
            }
        } finally {
            client.disconnect();
        }

来源：oschina

链接：https://my.oschina.net/u/1266813/blog/2991615