JSch 和 SharpSSH 的主要文件格式是什么?
我正在考虑使用 JSch 库(或者实际上是 sharpSSH 它的 C# 端口)。不幸的是,我找不到有关密钥加载功能使用的文件格式的任何文档:
jsch.addIdentity(filename, passphrase);
jsch.setKnownHosts(filename);
私钥和已知主机文件使用什么文件格式?
I'm looking at setting up public key client and server authentication for SFTP using the JSch library (or actually the sharpSSH C# port of it). Unfortunately I cannot find any documentation for the file formats used by the key loading functions:
jsch.addIdentity(filename, passphrase);
jsch.setKnownHosts(filename);
What file format is used by the private key and known hosts files?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
JSch 使用 OpenSSH 密钥文件 格式(公钥和私钥)。我没有找到这种格式的规范,但您可以使用 OpenSSH 的 ssh-keygen 工具,用于将密钥从/转换为其他格式(Google 将展示其他从/到更多格式转换的工具)。
更新:在 OpenSSH 邮件列表上询问并阅读一些 RFC 后,看起来 OpenSSH 的公钥文件包含(对于版本 2 密钥)RFC 4253(第 6.6 节),只需base64-环绕它(键类型作为前缀,注释字段作为后缀)。我还没有找到私钥文件的规范。
不幸的是,JSch 的官方文档几乎不存在,但我确实写了一些 Javadocs为它。 (虽然它似乎没有提到关键文件格式......我必须解决这个问题。)
JSch Wiki 中还有手册,其中包含关于公钥的页面身份验证(还没有提到密钥格式:-/)。
已知的hosts文件也与OpenSSH客户端对应的文件格式相同。它的格式在 OpenSSH 的 sshd 手册页,SSH 已知主机文件格式部分:
这实际上仅适用于 SSH 1 RSA 密钥。对于 SSH 2 密钥,您有一个类型标识符(
ecdsa-sha2-nistp256、ecdsa-sha2-nistp384、ecdsa-sha2-nistp521、ssh-dss或ssh-rsa),然后是 Base-64 编码形式的密钥。 (有关授权密钥文件,请参阅同一手册页的上方部分)。 (我认为 JSch 仅支持 DSA 和 RSA 密钥格式,不支持 ECDSA。)JSch uses the OpenSSH key file format (both for public and private keys). I didn't find a specification of this format, but you can use OpenSSH's ssh-keygen tool to convert the keys from/to other formats (and Google will show other tools of converting from/to even more formats).
Update: After asking on the OpenSSH mailing list and reading some RFC's, it looks like OpenSSH's public key file contains (for version 2 keys) the public key as specified in RFC 4253 (section 6.6), just with a base64-wrapping around it (and the key type as prefix, and a comment field as postfix). I still didn't yet find a specification for the private key file.
Unfortunately, the official documentation for JSch is almost nonexistent, but I did write some Javadocs for it. (Though it seems not to mention the key file format ... I'll have to fix this.)
There is also the Manual in the JSch Wiki, containing a page about public key authentication (which also doesn't mention the key format yet :-/).
The known hosts file is also in the same format as the corresponding file of the OpenSSH client. It's format is explained in OpenSSH's sshd manual page, section SSH KNOWN HOSTS FILE FORMAT:
This is actually only correct for SSH 1 RSA keys. For SSH 2 keys, you have a type identifier (
ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dssorssh-rsa) and then the key in base-64 encoded form. (See a bit up in the same manual page, for the authorized keys file). (I think JSch only supports the DSA and RSA key formats, no ECDSA.)