英文:
GoLang: ssh client config for given public RSA key
问题
我需要使用给定的公共RSA密钥来初始化与远程主机的ssh连接。我目前的代码如下:
func sftpClient(host, port, user, pass string) (*sftp.Client, error) {
var authMethod ssh.AuthMethod
if strings.Index(pass, "-----BEGIN RSA PRIVATE KEY-----") == 0 {
signer, err := ssh.ParsePrivateKey([]byte(pass))
if err != nil {
return nil, err
}
authMethod = ssh.PublicKeys(signer)
} else if strings.Index(pass, "---- BEGIN SSH2 PUBLIC KEY ----") == 0 {
publicKey, err := ssh.ParsePublicKey([]byte(pass))
if err != nil {
return nil, err
}
authMethod = ???
} else {
authMethod = ssh.Password(pass)
}
config := &ssh.ClientConfig{
User: user,
Auth: []ssh.AuthMethod{authMethod},
HostKeyCallback: ssh.InsecureIgnoreHostKey(),
Config: ssh.Config{
Ciphers: []string{
// some ciphers here
},
},
}
conn, err := ssh.Dial("tcp", host+":"+port, config)
if err != nil {
return nil, err
}
client, err := sftp.NewClient(conn)
if err != nil {
return nil, err
}
return client, nil
}
基于密码的身份验证和基于私钥的身份验证都可以正常工作,因为ssh库提供了这些包装器(ssh.Password
和ssh.PublicKeys
,它们创建了某种AuthMethod
)。我尝试了一些选项,但尝试不多,因为我找不到很多选项:
authMethod = ssh.NewPublicKey(publicKey)
authMethod = publicKey
但是它们都不起作用。
我还尝试使用不同的方法解析公钥,但也失败了。我使用的方法是ssh.ParseAuthorizedKey
,但与ssh.ParsePublicKey
类似,它返回一个似乎无法用作身份验证方法的PublicKey
。
所以我的问题是:如何在Go中使用给定的公共RSA密钥初始化ssh客户端?
英文:
I need to initiate an ssh connection to a remote host given its public RSA key. The code I have so far is the following
func sftpClient(host, port, user, pass string) (*sftp.Client, error) {
var authMethod ssh.AuthMethod
if strings.Index(pass, "-----BEGIN RSA PRIVATE KEY-----") == 0 {
signer, err := ssh.ParsePrivateKey([]byte(pass))
if err != nil {
return nil, err
}
authMethod = ssh.PublicKeys(signer)
} else if strings.Index(pass, "---- BEGIN SSH2 PUBLIC KEY ----") == 0 {
publicKey, err := ssh.ParsePublicKey([]byte(pass))
if err != nil {
return nil, err
}
authMethod = ???
} else {
authMethod = ssh.Password(pass)
}
config := &ssh.ClientConfig{
User: user,
Auth: []ssh.AuthMethod{authMethod},
HostKeyCallback: ssh.InsecureIgnoreHostKey(),
Config: ssh.Config{
Ciphers: []string{
// some ciphers here
},
},
}
conn, err := ssh.Dial("tcp", host+":"+port, config)
if err != nil {
return nil, err
}
client, err := sftp.NewClient(conn)
if err != nil {
return nil, err
}
return client, nil
}
The password based authentication and the private key based authentication work just fine since the ssh library provides these wrappers (ssh.Password
and ssh.PublicKeys
which create some sort of AuthMethod
). I have not tried a lot since I could not find a lot of options:
authMethod = ssh.NewPublicKey(publicKey)
authMethod = publicKey
None of them work.
I also tried to parse the public key using a different method but this also fails. The method I used was ssh.ParseAuthorizedKey
but this - similar to the ss.ParsePublicKey
return a PublicKey
which cannot be used as an authentication method apparently.
So my question is: How can I initiate an ssh client on Go using a given public RSA key?
答案1
得分: 2
如何在Go中使用给定的公共RSA密钥启动ssh客户端?
你不能使用公钥来验证ssh客户端。你需要将公钥提供给服务器,然后客户端使用私钥进行验证。
ssh密钥认证的价值在于私钥永远不会离开系统;不需要在网络上传输任何敏感信息。
英文:
> How can I initiate an ssh client on Go using a given public RSA key?
You can't use a public key to authenticate an ssh client. You give the public key to the server, then the client uses the private key to authenticate.
The value of ssh key authentication is that the private key never leaves the system; nothing sensitive has to be transferred across the wire.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论