Can we use JSch for SSH key-based communication?
It is possible. Have a look at JSch.addIdentity(...)
This allows you to use key either as byte array or to read it from file.
import com.jcraft.jsch.Channel;
import com.jcraft.jsch.ChannelSftp;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.Session;
public class UserAuthPubKey {
public static void main(String[] arg) {
try {
JSch jsch = new JSch();
String user = "tjill";
String host = "192.18.0.246";
int port = 10022;
String privateKey = ".ssh/id_rsa";
jsch.addIdentity(privateKey);
System.out.println("identity added ");
Session session = jsch.getSession(user, host, port);
System.out.println("session created.");
// disabling StrictHostKeyChecking may help to make connection but makes it insecure
// see http://stackoverflow.com/questions/30178936/jsch-sftp-security-with-session-setconfigstricthostkeychecking-no
//
// java.util.Properties config = new java.util.Properties();
// config.put("StrictHostKeyChecking", "no");
// session.setConfig(config);
session.connect();
System.out.println("session connected.....");
Channel channel = session.openChannel("sftp");
channel.setInputStream(System.in);
channel.setOutputStream(System.out);
channel.connect();
System.out.println("shell channel connected....");
ChannelSftp c = (ChannelSftp) channel;
String fileName = "test.txt";
c.put(fileName, "./in/");
c.exit();
System.out.println("done");
} catch (Exception e) {
System.err.println(e);
}
}
}
JSch how to use with PuTTY private key
First, you need to register your PuTTYgen-generated public key on the server. See Getting ready for public key authentication or (my) Set up SSH public key authentication.
And finally see Can we use JSch for SSH key-based communication? for details on using the private key in JSch.
Make sure you use the latest version of JSch, as older versions do not support the .ppk format natively.
SFTP with java client when keys are shared
Use addIdentity()
api in jsync
and point to your private key file location.
Ref:
Can we use JSch for SSH key-based communication?
String privateKey = "~/.ssh/id_rsa";
jsch.addIdentity(privateKey);
System.out.println("identity added ");
Session session = jsch.getSession(user, host, port);
System.out.println("session created.");
Ingesting data from remote SFTP server using JSch with public/private key authentication. Any examples?
The StrictHostKeyChecking
has nothing to do with private/public key authentication. It's about host key verification. Though you are right that you should not set the option to no
.
See JSch SFTP security with session.setConfig("StrictHostKeyChecking", "no");
For the actual public/private key authentication, see Can we use JSch for SSH key-based communication?
Though note that the accepted answer wrongly sets the StrictHostKeyChecking
to no
. So do not copy that part.
Is this safe to share private key in JCraft JSch
No, it's not risky to give JSch your private key.
In order to make asymmetric cryptography work, you have to use a private key.
In this case, JSch is doing the job for you, but it won't send it to anyone, it's just using it to decrypt data you receive, and encrypt data you send.
Not trusting every library you can find is a good thing. In fact, it would be possible for JSch to just send your private key with all your other credentials to some server. The good thing about open source: you can take a look if JSch does these kind of things! (but be aware that the source code is poorly documented and not well written, so it could take some time to see for yourself)
As far as I know, it doesn't, and I guess it wouldn't be the de-facto standard for SSH in Java if it would.
Related Topics
Running Multiple Launch Configurations at Once
12:Xx Shown as 00:Xx in Simpledateformat.Format("Hh:Mm:Ss")
How to Create a Sub Array from Another Array in Java
How to Make a Java Class That Implements One Interface with Two Generic Types
How to Format a String in an Email So Outlook Will Print the Line Breaks
Jpa/Hibernate Native Queries Do Not Recognize Parameters
How to Flatten 2D Array to 1D Array
Cannot Resolve Constructor Firefoxdriver(Org.Openqa.Selenium.Firefox.Firefoxprofile)
How to Create an Object of an Interface
Create a New Line in Java's Filewriter
Eclipse Windowbuilder, Overlapping JPAnels
What Does It Mean: the Serializable Class Does Not Declare a Static Final Serialversionuid Field
Java Linkedhashmap Get First or Last Entry
Spring-Batch Without Persisting Metadata to Database
How to Read the Manifest File for a Webapp Running in Apache Tomcat