sshj
sshj copied to clipboard
hierynomus
Whether mixed password authentication and public key authentication are supported
I have a project that requires both password and public key authentication, please tell me how to achieve it. Is there an example
The SSHClient.auth() method supports the ability to provide multiple types of authentication methods, including password and public key authentication.
Apache NiFi has components that implement this approach. The StandardSSHClientProvider class builds a list of AuthMethod objects based on external configuration.
@Bamboo-devops This should indeed work by configuring multiple auth methods in the right order. SSHJ can then first do password authentication and if that partially succeeds additionally do the Pubkey authentication to fully authenticate the user. If this answers your question, please close the issue.
@hierynomus @exceptionfactory Sorry to revive a dead thread, but it actually talks about something I was looking for almost exactly. We're actually using an FTP processor from Apache Nifi and ran into an issue with auth methods. Our issue is that the AuthMethods ordering seems to matter. That's not the case for most ssh clients and it's causing us trouble connecting to some FTP servers as some have different AuthenticationMethods configured in their sshd_config. They're similar, but the order can vary and we can't change them on the server side. Is it possible to make these checks order agnostic? For instance, if you use the openssh client's PreferredAuthentications options, it doesn't matter if you do "password,publickey" or "publickey,password".
Can you check whether https://github.com/hierynomus/sshj/pull/820 works for you?