mirror of
https://git.libssh.org/projects/libssh.git
synced 2025-08-05 20:55:46 +03:00
Improve example authentication.
This commit is contained in:
Andreas Schneider
@@ -65,50 +65,61 @@ int authenticate_kbdint(ssh_session session){
|
|||||||
}
|
}
|
||||||
|
|
||||||
int authenticate_console(ssh_session session){
|
int authenticate_console(ssh_session session){
|
||||||
int auth;
|
int rc;
|
||||||
int methods;
|
int method;
|
||||||
char *password;
|
char *password;
|
||||||
char *banner;
|
char *banner;
|
||||||
|
|
||||||
ssh_userauth_none(session, NULL);
|
// Try to authenticate
|
||||||
methods = ssh_auth_list(session);
|
rc = ssh_userauth_none(session, NULL);
|
||||||
printf("supported auth methods: ");
|
if (rc == SSH_AUTH_ERROR) {
|
||||||
if (methods & SSH_AUTH_METHOD_PUBLICKEY) {
|
perror("Authentication failed.");
|
||||||
printf("publickey");
|
return rc;
|
||||||
}
|
}
|
||||||
if (methods & SSH_AUTH_METHOD_INTERACTIVE) {
|
|
||||||
printf(", keyboard-interactive");
|
|
||||||
}
|
|
||||||
if (methods & SSH_AUTH_METHOD_PASSWORD) {
|
|
||||||
printf(", password");
|
|
||||||
}
|
|
||||||
printf("\n");
|
|
||||||
|
|
||||||
auth=ssh_userauth_autopubkey(session, NULL);
|
method = ssh_auth_list(session);
|
||||||
if(auth==SSH_AUTH_ERROR){
|
while (rc != SSH_AUTH_SUCCESS) {
|
||||||
return auth;
|
|
||||||
|
// Try to authenticate with public key first
|
||||||
|
if (method & SSH_AUTH_METHOD_PUBLICKEY) {
|
||||||
|
rc = ssh_userauth_autopubkey(session, NULL);
|
||||||
|
if (rc == SSH_AUTH_ERROR) {
|
||||||
|
perror("Authentication failed.");
|
||||||
|
return rc;
|
||||||
|
} else if (rc == SSH_AUTH_SUCCESS) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Try to authenticate with keyboard interactive";
|
||||||
|
if (method & SSH_AUTH_METHOD_INTERACTIVE) {
|
||||||
|
rc = authenticate_kbdint(session);
|
||||||
|
if (rc == SSH_AUTH_ERROR) {
|
||||||
|
perror("Authentication failed.");
|
||||||
|
return rc;
|
||||||
|
} else if (rc == SSH_AUTH_SUCCESS) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
password=getpass("Password: ");
|
||||||
|
// Try to authenticate with password
|
||||||
|
if (method & SSH_AUTH_METHOD_PASSWORD) {
|
||||||
|
rc = ssh_userauth_password(session, NULL, password);
|
||||||
|
if (rc == SSH_AUTH_ERROR) {
|
||||||
|
perror("Authentication failed.");
|
||||||
|
return rc;
|
||||||
|
} else if (rc == SSH_AUTH_SUCCESS) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
banner=ssh_get_issue_banner(session);
|
|
||||||
if(banner){
|
banner = ssh_get_issue_banner(session);
|
||||||
|
if (banner) {
|
||||||
printf("%s\n",banner);
|
printf("%s\n",banner);
|
||||||
free(banner);
|
free(banner);
|
||||||
}
|
}
|
||||||
if(auth!=SSH_AUTH_SUCCESS && (methods & SSH_AUTH_METHOD_INTERACTIVE)){
|
|
||||||
auth=authenticate_kbdint(session);
|
return rc;
|
||||||
if(auth==SSH_AUTH_ERROR){
|
|
||||||
return auth;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if(auth!=SSH_AUTH_SUCCESS && (methods & SSH_AUTH_METHOD_PASSWORD)){
|
|
||||||
password=getpass("Password: ");
|
|
||||||
if(ssh_userauth_password(session,NULL,password) != SSH_AUTH_SUCCESS){
|
|
||||||
return auth;
|
|
||||||
}
|
|
||||||
memset(password,0,strlen(password));
|
|
||||||
}
|
|
||||||
if(auth==SSH_AUTH_SUCCESS)
|
|
||||||
ssh_log(session, SSH_LOG_FUNCTIONS, "Authentication success");
|
|
||||||
if(auth==SSH_AUTH_PARTIAL)
|
|
||||||
return SSH_AUTH_DENIED;
|
|
||||||
return auth;
|
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user