tags:

views:

94

answers:

3
Q: 

how to ssh onto a host without password using java

Hi All

Im currently using a java application to run commands on a unix box by invoking an instance of the bash as follows --

proc = Runtime.getRuntime().exec("/bin/bash", null, wd);

and Im executing commands on the box by Printwriter as follows --

PrintWriter out = new PrintWriter(new BufferedWriter(new OutputStreamWriter(proc.getOutputStream())), true);

Now, as a requirement I need to ssh onto another host, invoke an instance of that host's bash and run some commands. If this can be done without having to enter the password, it would be great. If not, how do I make the application to enter the 'password' at the right time? Reading the output of the shh command and based on that, writing out the password does not seem appealing.

Any pointers on the above would be of great help.

Regards p1nG

+4  A: 

Use a ssh-library written in Java instead of runtime-exec'ing a ssh program.

Thorbjørn Ravn Andersen  2010-07-29 16:27:48
I used JSch. Though, minimally documented, it worked for me.Thanks.
ping  2010-08-04 07:12:09
+1  A: 

You can use SSH-2 for java, which seems to be actively maintained.

Alternatively, set up a pubic/private key for password-less authentication, and store the private key in the ~/.ssh folder of the user running the java program.

mdma  2010-07-29 16:38:13
A: 

I can't imagine how you're going to avoid supplying a password. If you could log in to a system without supplying a password just by somehow telling it that supplying a password would be inconvenient for you, this would rather destroy the value of any security. Security Guard: "Do you have an ID that allows you access to this building?" Visitor: "Yes officer, but it's too much trouble to get it out of my wallet." Guard: "Oh, okay then, go rght ahead in."

Rather than exec'ing, you probably want to establish a socket connection and pass messages back and forth cleanly. Or as others have noted, use a library that does the grunt work for you.

Jay  2010-07-29 16:58:22
The OP wanted to just let the application provide the password instead of interactive password input. In addition SSH does provide password-less authentication as mdma points out.
Vinodh Ramasubramanian  2010-07-29 17:43:16
@Vinodh: Well, I don't want to get into an argument about what the OP meant. He did say, "If not, how do I make the application enter the password at the right time", which sounds to me like he means the application will supply the password, not a user interaction. If that isn't what he meant, okay. RE password-less authentication, again, maybe we're debating definitions here. The cited article talks about how to provide credentials without prompting the user. Credentials must still be provided. I wouldn't call that "password-less authentication".
Jay  2010-07-29 20:37:35
@jay, ssh supports public-private key authentification, no password needed.
Thorbjørn Ravn Andersen  2010-07-30 07:07:12
Well, I don't want to debate in circles. A public-private key is still credentials, it's the same idea as a password. I understood the point of the discusson to be, "Can I connect without having to supply authentication credentials?" To which the answer is no. If the queston is the exact kind of authentication credentials, then of course there are multiple ways that systems can be configured to authenticate.
Jay  2010-07-30 13:48:27

related questions

Obscuring network proxy password in plain text files on Linux/UNIX-likes
Why doesn't **find** find anything?
Getting stack traces on Unix systems, automatically
Differences between unix and windows files
How do you do a case insensitive search using a pattern modifier using less ?
Using Visual Studio to develop for C++ for Unix
How do I generate ASCII codes 2 and 3 in a Bash command line?
What's in your .procmailrc
Allow user to set up an SSH tunnel, but nothing else
What is PHP Safe Mode GID?
How to avoid redefining VERSION, PACKAGE, etc.
How can I encode xml files to xfdl (base64-gzip)?
Faster way to find duplicates conditioned by time
Date arithmetic in Unix shell scripts
Using Xming X Window Server over a VPN
Windows Equivalent of 'nice'
How do I configure and communicate with a serial port?
Choosing a static code analysis tool
What should a longtime Windows user know when starting to use Linux?
How do I use (n)curses in Ruby?
Process size on UNIX
Getting root permissions on a file inside of vi?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
Fastest way to get value of pi