We're trying to sftp to a server that requires mutual authentication. We need to do this programmatically in java.
Is there a way to use mutual authentication (client certificates) with apache vfs when connecting to an SSH server?
A:
I'm not sure what you mean by mutual authentication. All SSH sessions involve authenticating both the identity of the server to the client and vice versa. I do know that Commons-VFS uses JSCH for its underlying SSH layer and you can use both password and publickey authentication with JSCH (and therefore with Commons-VFS). In addition, JSCH supports GSS-API for authentication, presumably to support additional auth mechanisms that aren't directly supported, but I don't see any way of using this through VFS, nor do I see any direct support in JSCH or Commons VFS for certificate based authentication. This class has all the SFTP specific options you can set on a file system provider in Commons VFS, and this page has all of the JSCH information, which will give you more flexibility in setting SFTP options but less homogeneity in your code if you're using other types of VFS filesystems as well.
If none of that satisfies, you can wait for Java 7 which will have pluggable file system providers and I'm sure someone will write a nice SFTP provider in short order after that comes out.
Jherico
2010-02-10 08:40:45