SSH Authentication functions

functions to authenticate to servers More...

Functions

void privatekey_free (ssh_private_key prv)
 deallocate a private key
ssh_private_key privatekey_from_file (ssh_session session, const char *filename, int type, const char *passphrase)
 Reads a SSH private key from a file.
ssh_string publickey_from_file (ssh_session session, const char *filename, int *type)
 Retrieve a public key from a file.
ssh_public_key publickey_from_privatekey (ssh_private_key prv)
 Makes a PUBLIC_KEY object out of a PRIVATE_KEY object.
ssh_string publickey_to_string (ssh_public_key key)
 makes a SSH String out of a PUBLIC_KEY object
int ssh_publickey_to_file (ssh_session session, const char *file, ssh_string pubkey, int type)
 Write a public key to a file.
int ssh_try_publickey_from_file (ssh_session session, const char *keyfile, ssh_string *publickey, int *type)
 Try to read the public key from a given file.
int ssh_userauth_agent_pubkey (ssh_session session, const char *username, ssh_public_key publickey)
 Try to authenticate through public key with an ssh agent.
int ssh_userauth_autopubkey (ssh_session session, const char *passphrase)
 Tries to automaticaly authenticate with public key and "none".
int ssh_userauth_kbdint (ssh_session session, const char *user, const char *submethods)
 Try to authenticate through the "keyboard-interactive" method.
const char * ssh_userauth_kbdint_getinstruction (ssh_session session)
 Get the "instruction" of the message block.
const char * ssh_userauth_kbdint_getname (ssh_session session)
 Get the "name" of the message block.
int ssh_userauth_kbdint_getnprompts (ssh_session session)
 Get the number of prompts (questions) the server has given.
const char * ssh_userauth_kbdint_getprompt (ssh_session session, unsigned int i, char *echo)
 Get a prompt from a message block.
int ssh_userauth_kbdint_setanswer (ssh_session session, unsigned int i, const char *answer)
 You have called ssh_userauth_kbdint() and got SSH_AUTH_INFO.
int ssh_userauth_none (ssh_session session, const char *username)
 Try to authenticate through the "none" method.
int ssh_userauth_offer_pubkey (ssh_session session, const char *username, int type, ssh_string publickey)
 Try to authenticate through public key.
int ssh_userauth_password (ssh_session session, const char *username, const char *password)
 Try to authenticate by password.
int ssh_userauth_pubkey (ssh_session session, const char *username, ssh_string publickey, ssh_private_key privatekey)
 Try to authenticate through public key.

Detailed Description

functions to authenticate to servers


Function Documentation

void privatekey_free ( ssh_private_key  prv  ) 

deallocate a private key

Parameters:
prv a PRIVATE_KEY object

Referenced by ssh_bind_accept(), ssh_free(), and ssh_userauth_autopubkey().

ssh_private_key privatekey_from_file ( ssh_session  session,
const char *  filename,
int  type,
const char *  passphrase 
)

Reads a SSH private key from a file.

Parameters:
session SSH Session
filename Filename containing the private key
type Type of the private key. One of TYPE_DSS or TYPE_RSA. Pass 0 to automatically detect the type.
passphrase Passphrase to decrypt the private key. Set to null if none is needed or it is unknown.
Returns:
a PRIVATE_KEY object containing the private key, or NULL if it failed.
See also:
privatekey_free()
publickey_from_privatekey()

References ssh_log(), and SSH_LOG_RARE.

Referenced by ssh_userauth_autopubkey().

ssh_string publickey_from_file ( ssh_session  session,
const char *  filename,
int *  type 
)

Retrieve a public key from a file.

Parameters:
session the SSH session
filename Filename of the key
type Pointer to a integer. If it is not null, it contains the type of the key after execution.
Returns:
a SSH String containing the public key, or NULL if it failed.
See also:
string_free()
publickey_from_privatekey()

References buffer_free(), buffer_get(), buffer_get_len(), string_fill(), and string_new().

Referenced by ssh_try_publickey_from_file().

ssh_public_key publickey_from_privatekey ( ssh_private_key  prv  ) 

Makes a PUBLIC_KEY object out of a PRIVATE_KEY object.

Parameters:
prv the Private key
Returns:
the public key
See also:
publickey_to_string()

References string_burn(), string_data(), string_fill(), string_free(), string_len(), and string_new().

Referenced by ssh_userauth_autopubkey().

ssh_string publickey_to_string ( ssh_public_key  key  ) 

makes a SSH String out of a PUBLIC_KEY object

Parameters:
key the public key
Returns:
a SSH String containing the public key
See also:
string_free()

References buffer_free(), buffer_get(), buffer_get_len(), buffer_new(), string_fill(), string_free(), string_from_char(), and string_new().

Referenced by ssh_userauth_agent_pubkey(), and ssh_userauth_autopubkey().

int ssh_publickey_to_file ( ssh_session  session,
const char *  file,
ssh_string  pubkey,
int  type 
)

Write a public key to a file.

Parameters:
[in] session The ssh session to use.
[in] file The filename to write the key into.
[in] pubkey The public key to write.
[in] type The type of the public key.
Returns:
0 on success, -1 on error.

References ssh_log(), SSH_LOG_PACKET, SSH_LOG_RARE, and string_len().

Referenced by ssh_userauth_autopubkey().

int ssh_try_publickey_from_file ( ssh_session  session,
const char *  keyfile,
ssh_string *  publickey,
int *  type 
)

Try to read the public key from a given file.

Parameters:
[in] session The ssh session to use.
[in] keyfile The name of the private keyfile.
[out] publickey A ssh_string to store the public key.
[out] type A pointer to an integer to store the type.
Returns:
0 on success, -1 on error or the private key doesn't exist, 1 if the public key doesn't exist.

References publickey_from_file(), ssh_get_error(), ssh_log(), SSH_LOG_PACKET, and ssh_options_set().

Referenced by ssh_userauth_autopubkey().

int ssh_userauth_agent_pubkey ( ssh_session  session,
const char *  username,
ssh_public_key  publickey 
)

Try to authenticate through public key with an ssh agent.

Parameters:
session The ssh session to use.
username The username to authenticate. You can specify NULL if ssh_option_set_username() has been used. You cannot try two different logins in a row.
publickey The public key provided by the agent.
Returns:
SSH_AUTH_ERROR: A serious error happened.
SSH_AUTH_DENIED: Authentication failed: use another method.
SSH_AUTH_PARTIAL: You've been partially authenticated, you still have to use another method.
SSH_AUTH_SUCCESS: Authentication successful.
See also:
publickey_from_file()
privatekey_from_file()
privatekey_free()
ssh_userauth_offer_pubkey()

References publickey_to_string(), ssh_options_set(), string_free(), and string_from_char().

Referenced by ssh_userauth_autopubkey().

int ssh_userauth_autopubkey ( ssh_session  session,
const char *  passphrase 
)

Tries to automaticaly authenticate with public key and "none".

It may fail, for instance it doesn't ask for a password and uses a default asker for passphrases (in case the private key is encrypted).

Parameters:
session The ssh session to authenticate with.
passphrase Use this passphrase to unlock the privatekey. Use NULL if you don't want to use a passphrase or the user should be asked.
Returns:
SSH_AUTH_ERROR: A serious error happened
SSH_AUTH_DENIED: Authentication failed: use another method
SSH_AUTH_PARTIAL: You've been partially authenticated, you still have to use another method
SSH_AUTH_SUCCESS: Authentication success
See also:
ssh_userauth_kbdint()
ssh_userauth_password()
ssh_options_set()

References privatekey_free(), privatekey_from_file(), publickey_from_privatekey(), publickey_to_string(), ssh_log(), SSH_LOG_FUNCTIONS, SSH_LOG_PACKET, SSH_LOG_PROTOCOL, SSH_LOG_RARE, ssh_publickey_to_file(), ssh_try_publickey_from_file(), ssh_userauth_agent_pubkey(), ssh_userauth_none(), ssh_userauth_offer_pubkey(), ssh_userauth_pubkey(), and string_free().

int ssh_userauth_kbdint ( ssh_session  session,
const char *  user,
const char *  submethods 
)

Try to authenticate through the "keyboard-interactive" method.

Parameters:
session The ssh session to use.
user The username to authenticate. You can specify NULL if ssh_option_set_username() has been used. You cannot try two different logins in a row.
submethods Undocumented. Set it to NULL.
Returns:
SSH_AUTH_ERROR: A serious error happened
SSH_AUTH_DENIED: Authentication failed : use another method
SSH_AUTH_PARTIAL: You've been partially authenticated, you still have to use another method
SSH_AUTH_SUCCESS: Authentication success
SSH_AUTH_INFO: The server asked some questions. Use ssh_userauth_kbdint_getnprompts() and such.
See also:
ssh_userauth_kbdint_getnprompts()
ssh_userauth_kbdint_getname()
ssh_userauth_kbdint_getinstruction()
ssh_userauth_kbdint_getprompt()
ssh_userauth_kbdint_setanswer()

References ssh_options_set().

const char* ssh_userauth_kbdint_getinstruction ( ssh_session  session  ) 

Get the "instruction" of the message block.

You have called ssh_userauth_kbdint() and got SSH_AUTH_INFO. This function returns the questions from the server.

Parameters:
session The ssh session to use.
Returns:
The instruction of the message block.
const char* ssh_userauth_kbdint_getname ( ssh_session  session  ) 

Get the "name" of the message block.

You have called ssh_userauth_kbdint() and got SSH_AUTH_INFO. This function returns the questions from the server.

Parameters:
session The ssh session to use.
Returns:
The name of the message block. Do not free it.
int ssh_userauth_kbdint_getnprompts ( ssh_session  session  ) 

Get the number of prompts (questions) the server has given.

You have called ssh_userauth_kbdint() and got SSH_AUTH_INFO. This function returns the questions from the server.

Parameters:
session The ssh session to use.
Returns:
The number of prompts.
const char* ssh_userauth_kbdint_getprompt ( ssh_session  session,
unsigned int  i,
char *  echo 
)

Get a prompt from a message block.

You have called ssh_userauth_kbdint() and got SSH_AUTH_INFO. This function returns the questions from the server.

Parameters:
session The ssh session to use.
i The inndex number of the i'th prompt.
echo When different of NULL, it will obtain a boolean meaning that the resulting user input should be echoed or not (like passwords).
Returns:
A pointer to the prompt. Do not free it.
int ssh_userauth_kbdint_setanswer ( ssh_session  session,
unsigned int  i,
const char *  answer 
)

You have called ssh_userauth_kbdint() and got SSH_AUTH_INFO.

this function returns the questions from the server set the answer for a question from a message block.

Parameters:
session ssh session
i index number of the ith prompt
answer answer to give to server
Returns:
0 on success, < 0 on error.
int ssh_userauth_none ( ssh_session  session,
const char *  username 
)

Try to authenticate through the "none" method.

Parameters:
session The ssh session to use.
username The username to authenticate. You can specify NULL if ssh_option_set_username() has been used. You cannot try two different logins in a row.
Returns:
SSH_AUTH_ERROR: A serious error happened.
SSH_AUTH_DENIED: Authentication failed: use another method
SSH_AUTH_PARTIAL: You've been partially authenticated, you still have to use another method
SSH_AUTH_SUCCESS: Authentication success

References ssh_options_set(), string_free(), and string_from_char().

Referenced by ssh_userauth_autopubkey().

int ssh_userauth_offer_pubkey ( ssh_session  session,
const char *  username,
int  type,
ssh_string  publickey 
)

Try to authenticate through public key.

Parameters:
session The ssh session to use.
username The username to authenticate. You can specify NULL if ssh_option_set_username() has been used. You cannot try two different logins in a row.
type The type of the public key. This value is given by publickey_from_file().
publickey A public key returned by publickey_from_file().
Returns:
SSH_AUTH_ERROR: A serious error happened.
SSH_AUTH_DENIED: The server doesn't accept that public key as an authentication token. Try another key or another method.
SSH_AUTH_PARTIAL: You've been partially authenticated, you still have to use another method.
SSH_AUTH_SUCCESS: The public key is accepted, you want now to use ssh_userauth_pubkey().
See also:
publickey_from_file()
privatekey_from_file()
ssh_userauth_pubkey()

References ssh_options_set(), string_free(), and string_from_char().

Referenced by ssh_userauth_autopubkey().

int ssh_userauth_password ( ssh_session  session,
const char *  username,
const char *  password 
)

Try to authenticate by password.

Parameters:
session The ssh session to use.
username The username to authenticate. You can specify NULL if ssh_option_set_username() has been used. You cannot try two different logins in a row.
password The password to use. Take care to clean it after the authentication.
Returns:
SSH_AUTH_ERROR: A serious error happened.
SSH_AUTH_DENIED: Authentication failed: use another method.
SSH_AUTH_PARTIAL: You've been partially authenticated, you still have to use another method.
SSH_AUTH_SUCCESS: Authentication successful.
See also:
ssh_userauth_kbdint()
BURN_STRING

References ssh_options_set(), string_burn(), string_free(), and string_from_char().

int ssh_userauth_pubkey ( ssh_session  session,
const char *  username,
ssh_string  publickey,
ssh_private_key  privatekey 
)

Try to authenticate through public key.

Parameters:
session The ssh session to use.
username The username to authenticate. You can specify NULL if ssh_option_set_username() has been used. You cannot try two different logins in a row.
publickey A public key returned by publickey_from_file().
privatekey A private key returned by privatekey_from_file().
Returns:
SSH_AUTH_ERROR: A serious error happened.
SSH_AUTH_DENIED: Authentication failed: use another method.
SSH_AUTH_PARTIAL: You've been partially authenticated, you still have to use another method.
SSH_AUTH_SUCCESS: Authentication successful.
See also:
publickey_from_file()
privatekey_from_file()
privatekey_free()
ssh_userauth_offer_pubkey()

References ssh_options_set(), string_free(), and string_from_char().

Referenced by ssh_userauth_autopubkey().

Generated on Mon Jul 5 22:12:40 2010 for libssh by  doxygen 1.6.3