问题
I want to read the the SSH key-sig pair banner (for generating SSH password) after connecting to a remote host in java. I'm using JSch client library for SSH connections.
The SSH password changes after certain operations on the host, hence each time I need to generate a new SSH password from the key-sig pair to login.
Is there a way that I can read the banner programmatically?
Below is a snippet of the key-sig pair banner coming up with the password prompt when trying to SSH through client console (PuTTY).
NbwDZIAGjGS90zisB+jY9Kqrmu67PyMwas6S6jY68f+QL4l+TJDyHWUTGtzluflwY+z/bHn0mXtdIkgxsoiVm5nCnNi0viMUKq/dPygXEZ0uDma9Co0WHI25UNLn525pNSuT1At5wTEEinH7xKiypIKDNVxxeprshtsd4rcirTUQveTBEbAgABJtzHrSNHmqs2Rui4NbWRqFDabft4uID6qwtl5wxAoNhh0Z9FT1r3kCK0FoLxcp9nlyQ6kD2rmp1sQG1SvQky2ATa9sD+ZBBAhlvwbOns5fWRE8A+ElQtkvyB8IxCS59cWa8T5rXm7G57x9uExEn57Vn3ZBuKP9Tg== bS6VdF5I167P03QMkM88k2cwS9KtyEfgT6Ff2e0iIvxdBMSKq453953J//vuriZk+mKjiEX0/RzrQSVIAzOYXFTtsZrIh7ER2IS0LoaXQ5izk4aobVq3BtiU+EknM3Qcy7IpVbwmQ7ZmCmjtOL+Ux/n8vEDLYdk8dVeFJpzp4s53MrRkm4RC9yHgROW6HJxYscmQa+xah5ymRJyC2mt4aFfeQjAUZIEBhncLQge6nGEMybXmail1bgqhinE5xem+K6M2Ad3+0ahhW7NflWC4LjweTSHfsItfDwsb8i280LuYuw6w07LTadkn40AfpnVXOiFM+eUpUeIkw16RzduCew==
回答1:
The message (which you call "SSH key-sig pair banner") can come either as an SSH authentication banner or as an SSH keyboard interactive authentication prompt. It cannot be a password authentication prompt, as that is not customizable by an SSH server.
In both cases, to capture the message, implement the UserInfo interface. And associate it with the Session instance using the Session.setUserInfo method.
To capture the authentication banner, implement the UserInfo.showMessage method. Note that the JSch calls that method for other (internal) messages too, not just for the banner. So you have to check, if you got the message you are looking for.
To capture the keyboard interactive prompt, your
UserInfoimplementation has to implement also the UIKeyboardInteractive interface and its UIKeyboardInteractive.promptKeyboardInteractive method. The message can come inname,instructionorpromptarguments. You have to find out yourself.
To quickly test how the server is sending the message, try to connect with WinSCP SFTP client and check how it displays the message.
as a banner:
or as a keyboard interactive prompt?
The "Server Prompt" in the title is what you get in the
name. Theinstructionwould be rendered below the "Using keyboard-interactive authentication" (there are no "instructions" on this prompt). And the "The challenge is ..." is theprompt[0](there's just one "prompt" in this case, but there can be more).
来源:https://stackoverflow.com/questions/40058471/how-to-read-the-ssh-key-sig-pair-banner-for-generating-ssh-password-after-conn