Re: ssh-agent support

Mon, 21 Dec 2009 04:23:54 -0800 

Simon Josefsson <[email protected]> writes:

> I should have said that I tried the ssh2_agent example with my OpenPGP
> smartcard, and authentication worked!  So libssh2 now support smartcard
> based SSH.  Cool!

I should also have tried with my OpenPGP card, but good to hear!
Probably you are using gpg-agent as ssh-agent?

> However there seems to be a glitch:
>
> j...@mocca:~/src/libssh2 master$ ./example/ssh2_agent 192.168.1.124 root
>       Authentication with username root and public key cardno:000500000139 
> succeeded!
> Fingerprint: 87 25 0B E3 95 8B 27 0F A3 4D BB 80 BE 49 3A C3 
>
> This hangs.

Ah, ssh2_agent seems to request userauth-list after successful
authentication - that was my mistake on cut&paste from ssh2.c.  I was
satisfied with the "succeeded!" message, sorry.

The attached patch will fix this.


diff --git a/example/ssh2_agent.c b/example/ssh2_agent.c
index a8e8519..6b0c323 100644
--- a/example/ssh2_agent.c
+++ b/example/ssh2_agent.c
@@ -93,6 +93,14 @@ int main(int argc, char *argv[])
         return 1;
     }
 
+    /* check what authentication methods are available */
+    userauthlist = libssh2_userauth_list(session, username, strlen(username));
+    printf("Authentication methods: %s\n", userauthlist);
+    if (strstr(userauthlist, "publickey") == NULL) {
+        fprintf(stderr, "\"publickey\" authentication is not supported\n");
+        goto shutdown;
+    }
+
     /* Connect to the ssh-agent */
     agent = libssh2_agent_init(session);
     if (!agent) {
@@ -149,14 +157,6 @@ int main(int argc, char *argv[])
     }
     printf("\n");
 
-    /* check what authentication methods are available */
-    userauthlist = libssh2_userauth_list(session, username, strlen(username));
-    printf("Authentication methods: %s\n", userauthlist);
-    if (strstr(userauthlist, "publickey") == NULL) {
-        fprintf(stderr, "\"publickey\" authentication is not supported\n");
-        goto shutdown;
-    }
-
     /* Request a shell */
     if (!(channel = libssh2_channel_open_session(session))) {
         fprintf(stderr, "Unable to open a session\n");

Regards,
-- 
Daiki Ueno

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel

Reply via email to