I'm working on something in Karaf, and I wrote this test. The
serverKeyVerifier is never called. What am I missing?
My goal here is to inspect the key to make sure that the server is
using a particular key; is there any way to get the fingerprint the
way that openssh does?
As a final question, this test fails when I load up a PEM key on the
server side, complaining of an auth failure; I'm not sure what to make
of how changing the key causes that.
@Test
public void usePemKey() throws Exception {
SshClient client = SshClient.setUpDefaultClient();
client.setServerKeyVerifier(new ServerKeyVerifier() {
@Override
public boolean verifyServerKey(ClientSession
sshClientSession, SocketAddress remoteAddress, PublicKey serverKey) {
System.err.println(serverKey.getAlgorithm());
System.err.println(serverKey.getFormat());
StringBuilder dump = new StringBuilder();
for (byte b : serverKey.getEncoded()) {
dump.append(String.format("%02x", b));
}
System.err.println(dump.toString());
return true;
}
});
client.start();
ConnectFuture future = client.connect("karaf", "localhost",
8101).await();
ClientSession session = future.getSession();
int ret = ClientSession.WAIT_AUTH;
while ((ret & ClientSession.WAIT_AUTH) != 0) {
session.addPasswordIdentity("karaf");
session.auth().verify();
ret = session.waitFor(ClientSession.WAIT_AUTH |
ClientSession.CLOSED | ClientSession.AUTHED, 0);
}
if ((ret & ClientSession.CLOSED) != 0) {
throw new Exception("Could not open SSH channel");
}
session.close(true);
}
