SFTP: public key AND password auth?

[ragebiswas]

trafficstars

Hi @hierynomus! It looks like there are some SFTP servers that require publickey and password based authentication. Glancing at the auth* methods in SSHClient, it's not immediately obvious to me if this is supported at all.

The corresponding manual/command-line way to do this is:

$> sftp -vvv -oPort=123 -oIdentityFile=/path/to/key -oUser=username

The above cmd says that key authentication succesful, trying password next (or something of the sort). Is there something obvious I'm missing - or is this not supported in the library as of now?

[pseudometric]

More precisely: the SSH userauth protocol allows a server to require multiple authentication methods to succeed before granting access. The “partial success” flag in the userauth response indicates whether an attempt failed, or succeeded but further methods are also required to succeed (so the client can know whether to keep trying multiple keys for publickey authentication, for example, or move on to the next offered method). The sshj code does refer to the partial success flag. Is there any impediment to working with servers that require multiple authentication methods?

[hierynomus]

You should be able to implement this using the following:

SSHClient client = new SSHClient();
client.connect(...);
client.auth("username", new AuthPublicKey(keyPair), new AuthPassword("password"));

Let me know if that works.

[hierynomus]

@pseudometric Does it work?

[dmk1000]

It works for me where the server was configured with AuthenticationMethods publickey,password

Thanks. Really helpful.