How to Use JSch for SSH Key-Based Communication

Can we use JSch for SSH key-based communication?

It is possible. Have a look at JSch.addIdentity(...)

This allows you to use a key either as a byte array or to read it from a file.

    import com.jcraft.jsch.Channel;
    import com.jcraft.jsch.ChannelSftp;
    import com.jcraft.jsch.JSch;
    import com.jcraft.jsch.Session;

    public class UserAuthPubKey {
        public static void main(String[] arg) {
            try {
                JSch jsch = new JSch();

                String user = "tjill";
                String host = "192.18.0.246";
                int port = 10022;
                String privateKey = ".ssh/id_rsa";

                // Register the private key used for public key authentication
                jsch.addIdentity(privateKey);
                System.out.println("identity added ");

                Session session = jsch.getSession(user, host, port);
                System.out.println("session created.");

                // disabling StrictHostKeyChecking may help to make connection but makes it insecure
                // see http://stackoverflow.com/questions/30178936/jsch-sftp-security-with-session-setconfigstricthostkeychecking-no
                //
                // java.util.Properties config = new java.util.Properties();
                // config.put("StrictHostKeyChecking", "no");
                // session.setConfig(config);

                session.connect();
                System.out.println("session connected.....");

                Channel channel = session.openChannel("sftp");
                channel.setInputStream(System.in);
                channel.setOutputStream(System.out);
                channel.connect();
                System.out.println("sftp channel connected....");

                ChannelSftp c = (ChannelSftp) channel;

                // Upload a local file into the remote ./in/ directory
                String fileName = "test.txt";
                c.put(fileName, "./in/");
                c.exit();
                // Close the session; its worker thread otherwise keeps the JVM alive
                session.disconnect();
                System.out.println("done");

            } catch (Exception e) {
                System.err.println(e);
            }
        }
    }

JSch how to use with PuTTY private key

  • First, you need to register your PuTTYgen-generated public key on the server. See Getting ready for public key authentication or (my) Set up SSH public key authentication.

  • And finally see Can we use JSch for SSH key-based communication? for details on using the private key in JSch.


Make sure you use the latest version of JSch, as older versions do not support the .ppk format natively.

SFTP with java client when keys are shared

Use the addIdentity() API in JSch and point it to your private key file location.

Ref:
Can we use JSch for SSH key-based communication?

    String privateKey = "~/.ssh/id_rsa";
    jsch.addIdentity(privateKey);
    System.out.println("identity added ");
    Session session = jsch.getSession(user, host, port);
    System.out.println("session created.");

Ingesting data from remote SFTP server using JSch with public/private key authentication. Any examples?

The StrictHostKeyChecking has nothing to do with private/public key authentication. It's about host key verification. Though you are right that you should not set the option to no.

See JSch SFTP security with session.setConfig("StrictHostKeyChecking", "no");


For the actual public/private key authentication, see Can we use JSch for SSH key-based communication?

Though note that the accepted answer wrongly sets the StrictHostKeyChecking to no. So do not copy that part.
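
The distinction drawn above, as an added example that is not code from any of the answers on this page: known_hosts handles host key verification, addIdentity() handles client authentication, and StrictHostKeyChecking stays at "yes". The user, host, port and file paths are placeholder assumptions.

```java
import com.jcraft.jsch.ChannelSftp;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
import com.jcraft.jsch.SftpException;

public class SftpKeyAuthVerified {
    public static void main(String[] args) {
        // Placeholder values (assumptions), not taken from a real system.
        String user = "deploy";
        String host = "sftp.example.com";
        int port = 22;
        String sshDir = System.getProperty("user.home") + "/.ssh/";

        Session session = null;
        ChannelSftp sftp = null;
        try {
            JSch jsch = new JSch();
            // Host key verification: trust only server keys already recorded here.
            jsch.setKnownHosts(sshDir + "known_hosts");
            // Client authentication: the private key proves who we are.
            // For an encrypted key use addIdentity(path, passphrase) instead.
            jsch.addIdentity(sshDir + "id_rsa");

            session = jsch.getSession(user, host, port);
            // "yes" rejects unknown and changed host keys instead of accepting them.
            session.setConfig("StrictHostKeyChecking", "yes");
            // Offer only the key; do not fall back to password prompts.
            session.setConfig("PreferredAuthentications", "publickey");
            session.connect(10_000); // timeout in milliseconds

            System.out.println("verified host key: "
                    + session.getHostKey().getFingerPrint(jsch));

            sftp = (ChannelSftp) session.openChannel("sftp");
            sftp.connect(10_000);
            sftp.put("test.txt", "./in/");
        } catch (JSchException e) {
            // Covers unknown or changed host keys and failed key authentication.
            System.err.println("SSH failure: " + e.getMessage());
        } catch (SftpException e) {
            System.err.println("SFTP failure: " + e.getMessage());
        } finally {
            // Always release the channel and session so the JVM can exit.
            if (sftp != null) sftp.disconnect();
            if (session != null) session.disconnect();
        }
    }
}
```

If the connection is rejected because the host key is unknown, record the server's key in known_hosts after checking its fingerprint through a trusted channel rather than relaxing StrictHostKeyChecking.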

Is it safe to share a private key in JCraft JSch

No, it's not risky to give JSch your private key.

In order to make asymmetric cryptography work, you have to use a private key.
In this case, JSch is doing the job for you, but it won't send it to anyone; it's just using it to decrypt data you receive and encrypt data you send.

Not trusting every library you can find is a good thing. In fact, it would be possible for JSch to just send your private key with all your other credentials to some server. The good thing about open source: you can take a look to see whether JSch does this kind of thing! (But be aware that the source code is poorly documented and not well written, so it could take some time to see for yourself.)

As far as I know, it doesn't, and I guess it wouldn't be the de facto standard for SSH in Java if it did.


