Filesystem Provider with SSH key-based authentication

[gian-didom]

Description

Implement key-based SFTP authentication via file system provider, without specifying user:password@host:port/path/to/file, but just user@host:port/path/to/file.

Motivation

I'm trying to extend Apple's pkl-lang project by allowing to load remote resources via SFTP. I'm doing this by adding mina-ssd to the project.

I was able to achieve this by manually isntantiating an SSH client and forwarding the remote requests; however, pal-lang has an already implemented feature that allows to use existing file system providers. As Mina has a filesystem provider, it would integrate really beautifully. However, I don't think it is reasonable to use passwords as variables or plain strings in the .pkl configuration files, so using key-based authentication is preferable.

Alternatives considered

I tried to look into Mina's codebase, but it seems that the user string is validated against the presence of the : character. If the number of parts are different Thant 2, the user is considered invalid and an error is thrown.

Additional context

No response

[dragonknight88]

Are you using mina server? If yes, you could implement authenticate() method of org.apache.sshd.server.auth.pubkey.PublickeyAuthenticator youself and enable public key auth by adding it to server init.

server.setPublickeyAuthenticator(publickeyAuthenticator);

[ago1024]

SftpFileSystemProvider.newFileSystem(uri, env) uses parseCredentials(uri) to extract the username and password (if present) and generates the file system id from the credentials. SftpFileSystemProvider.getFileSystem(uri) uses getFileSystemIdentifier(uri) to directly create the file system id. This method fails if the password is not present in the uri.

https://github.com/apache/mina-sshd/blob/f0608d7b3a0de703e409d0c90d9d3370b805e089/sshd-sftp/src/main/java/org/apache/sshd/sftp/client/fs/SftpFileSystemProvider.java#L1504

[tomaswolf]

Fixed by 3a04770.