linux libssh2 实例
颛孙钱青
以下是包含必备头文件
#include "libssh2_config.h"
#include<libssh2.h>
#include<libssh2_sftp.h>以下为定义的静态子串常量
const char *keyfile1 = "~/.ssh/id_rsa.pub";
const char *keyfile2 = "~/.ssh/id_rsa";
const char *username = "username";
const char *password = "password";
unsigned long hostaddr;
int rc, sock, i, auth_pw = 0;
struct sockaddr_in_sin;
const char *fingerprint;
char * userauthlist;
LIBSSH2_SESSION *session;
LIBSSH2_CHANNEL *channel;连接到SSH2步骤:
(1)建立socket并连接到远程主机SSH2服务(22端口);
(2)创建一个LIBSSH2_SESSION 实例并启动它。启动动作包括设置欢迎横幅、交换密钥并且设置加密、压缩和MAC层。
session = libssh2_session_init(); //创建一个会话实例
if(libssh2_session_handshake(session, sock))
{
fprintf(stderr, "Failure establishing SSH session");
return -1;
}(3)认证:检查主机密钥指纹并检查可用的认证方式。
fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
userauthlist = libssh2_userauth_list(session, username, strlen(username));
if(strstr(userauthlist, "password") != NULL)
{
auth_pw |= 1;
}
if(strstr(userauthlist, "keyboad-interactive") != NULL)
{
auth_pw |= 2;
}
if(strstr(userauthlist, "publickey") != NULL)
{
auth_pw |= 4;
}(4)如果在参数列表中设置了认证方式,则将认证方式设为命令中的方式(前提是该方式是通过上个步骤检测可用的)。
if(argc > 4)
{
if((auth_pw & 1) && !strcasecmp(argv[4], "-p"))
{
auth_pw = 1;
}
if((auth_pw & 2) && !strcasecmp(argv[4], "-i"))
{
auth_pw = 2;
}
if((auth_pw && 4) && !strcasecmp(argv[4], "-k"))
{
auth_pw = 4;
}
}(5)根据上一步选定的认证方式开始认证。
if (auth_pw & 1) {
/* We could authenticate via password */
if (libssh2_userauth_password(session, username, password)) {
fprintf(stderr, "\tAuthentication by password failed!\n");
goto shutdown;
} else {
fprintf(stderr, "\tAuthentication by password succeeded.\n");
}
} else if (auth_pw & 2) {
/* Or via keyboard-interactive */
if (libssh2_userauth_keyboard_interactive(session, username,
&kbd_callback) ) {
fprintf(stderr,
"\tAuthentication by keyboard-interactive failed!\n");
goto shutdown;
} else {
fprintf(stderr,
"\tAuthentication by keyboard-interactive succeeded.\n");
}
} else if (auth_pw & 4) {
/* Or by public key */
if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
keyfile2, password)) {
fprintf(stderr, "\tAuthentication by public key failed!\n");
goto shutdown;
} else {
fprintf(stderr, "\tAuthentication by public key succeeded.\n");
}
} else {
fprintf(stderr, "No supported authentication methods found!\n");
goto shutdown;
}(6)请求一个shell
if(!(channel = libssh2_channel_open_session(session)))(7)设置一些环境变量,并上传给服务器
libssh2_channel_setenv(channel, "F00", "bar");(8)请求一个vanilla的终端模拟。
libssh2_channel_request_pty(channel, "vanilla")(9)在上一步请求的pty上开启SHELL。
libssh2_channel_shell(channel)(10)至此,可以交互使用shell了
libssh2_channel_read();
libssh2_channel_read_stderr();
libssh2_channel_write();
libssh2_channel_write_stderr();
/* 打开或关闭阻塞模式 */
libssh2_channel_set_blocking();
/* 如果服务器发送EOF */
libssh2_channel_eof()返回非0;
/* 关闭channel */
libssh2_channel_close();
/* 释放一个channel */
libssh2_channel_free();(11)ssh交互完成后,关闭会话并释放会话
libssh2_session_disconnect(session, "Normal Shutdown");
libssh2_session_free(session);(12)关闭sock并退出libssh2
close(sock);
libssh2_exit();官网实例以作参考:
https://github.com/libssh2/libssh2/blob/master/example/ssh2.c
/*
* Sample showing how to do SSH2 connect.
*
* The sample code has default values for host name, user name, password
* and path to copy, but you can specify them on the command line like:
*
* "ssh2 host user password [-p|-i|-k]"
*/
#include "libssh2_config.h"
#include <libssh2.h>
#include <libssh2_sftp.h>
#ifdef HAVE_WINDOWS_H
# include <windows.h>
#endif
#ifdef HAVE_WINSOCK2_H
# include <winsock2.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
# ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
# ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#include <sys/types.h>
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#include <ctype.h>
const char *keyfile1 = "~/.ssh/id_rsa.pub";
const char *keyfile2 = "~/.ssh/id_rsa";
const char *username = "username";
const char *password = "password";
static void kbd_callback(const char *name, int name_len,
const char *instruction, int instruction_len,
int num_prompts,
const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts,
LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses,
void **abstract)
{
(void)name;
(void)name_len;
(void)instruction;
(void)instruction_len;
if(num_prompts == 1) {
responses[0].text = strdup(password);
responses[0].length = strlen(password);
}
(void)prompts;
(void)abstract;
} /* kbd_callback */
int main(int argc, char *argv[])
{
unsigned long hostaddr;
int rc, sock, i, auth_pw = 0;
struct sockaddr_in sin;
const char *fingerprint;
char *userauthlist;
LIBSSH2_SESSION *session;
LIBSSH2_CHANNEL *channel;
#ifdef WIN32
WSADATA wsadata;
int err;
err = WSAStartup(MAKEWORD(2, 0), &wsadata);
if(err != 0) {
fprintf(stderr, "WSAStartup failed with error: %d\n", err);
return 1;
}
#endif
if(argc > 1) {
hostaddr = inet_addr(argv[1]);
}
else {
hostaddr = htonl(0x7F000001);
}
if(argc > 2) {
username = argv[2];
}
if(argc > 3) {
password = argv[3];
}
rc = libssh2_init(0);
if(rc != 0) {
fprintf(stderr, "libssh2 initialization failed (%d)\n", rc);
return 1;
}
/* Ultra basic "connect to port 22 on localhost". Your code is
* responsible for creating the socket establishing the connection
*/
sock = socket(AF_INET, SOCK_STREAM, 0);
sin.sin_family = AF_INET;
sin.sin_port = htons(22);
sin.sin_addr.s_addr = hostaddr;
if(connect(sock, (struct sockaddr*)(&sin),
sizeof(struct sockaddr_in)) != 0) {
fprintf(stderr, "failed to connect!\n");
return -1;
}
/* Create a session instance and start it up. This will trade welcome
* banners, exchange keys, and setup crypto, compression, and MAC layers
*/
session = libssh2_session_init();
if(libssh2_session_handshake(session, sock)) {
fprintf(stderr, "Failure establishing SSH session\n");
return -1;
}
/* At this point we havn't authenticated. The first thing to do is check
* the hostkey's fingerprint against our known hosts Your app may have it
* hard coded, may go to a file, may present it to the user, that's your
* call
*/
fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
fprintf(stderr, "Fingerprint: ");
for(i = 0; i < 20; i++) {
fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
}
fprintf(stderr, "\n");
/* check what authentication methods are available */
userauthlist = libssh2_userauth_list(session, username, strlen(username));
fprintf(stderr, "Authentication methods: %s\n", userauthlist);
if(strstr(userauthlist, "password") != NULL) {
auth_pw |= 1;
}
if(strstr(userauthlist, "keyboard-interactive") != NULL) {
auth_pw |= 2;
}
if(strstr(userauthlist, "publickey") != NULL) {
auth_pw |= 4;
}
/* if we got an 4. argument we set this option if supported */
if(argc > 4) {
if((auth_pw & 1) && !strcasecmp(argv[4], "-p")) {
auth_pw = 1;
}
if((auth_pw & 2) && !strcasecmp(argv[4], "-i")) {
auth_pw = 2;
}
if((auth_pw & 4) && !strcasecmp(argv[4], "-k")) {
auth_pw = 4;
}
}
if(auth_pw & 1) {
/* We could authenticate via password */
if(libssh2_userauth_password(session, username, password)) {
fprintf(stderr, "\tAuthentication by password failed!\n");
goto shutdown;
}
else {
fprintf(stderr, "\tAuthentication by password succeeded.\n");
}
}
else if(auth_pw & 2) {
/* Or via keyboard-interactive */
if(libssh2_userauth_keyboard_interactive(session, username,
&kbd_callback) ) {
fprintf(stderr,
"\tAuthentication by keyboard-interactive failed!\n");
goto shutdown;
}
else {
fprintf(stderr,
"\tAuthentication by keyboard-interactive succeeded.\n");
}
}
else if(auth_pw & 4) {
/* Or by public key */
if(libssh2_userauth_publickey_fromfile(session, username, keyfile1,
keyfile2, password)) {
fprintf(stderr, "\tAuthentication by public key failed!\n");
goto shutdown;
}
else {
fprintf(stderr, "\tAuthentication by public key succeeded.\n");
}
}
else {
fprintf(stderr, "No supported authentication methods found!\n");
goto shutdown;
}
/* Request a shell */
channel = libssh2_channel_open_session(session);
if(!channel) {
fprintf(stderr, "Unable to open a session\n");
goto shutdown;
}
/* Some environment variables may be set,
* It's up to the server which ones it'll allow though
*/
libssh2_channel_setenv(channel, "FOO", "bar");
/* Request a terminal with 'vanilla' terminal emulation
* See /etc/termcap for more options
*/
if(libssh2_channel_request_pty(channel, "vanilla")) {
fprintf(stderr, "Failed requesting pty\n");
goto skip_shell;
}
/* Open a SHELL on that pty */
if(libssh2_channel_shell(channel)) {
fprintf(stderr, "Unable to request shell on allocated pty\n");
goto shutdown;
}
/* At this point the shell can be interacted with using
* libssh2_channel_read()
* libssh2_channel_read_stderr()
* libssh2_channel_write()
* libssh2_channel_write_stderr()
*
* Blocking mode may be (en|dis)abled with: libssh2_channel_set_blocking()
* If the server send EOF, libssh2_channel_eof() will return non-0
* To send EOF to the server use: libssh2_channel_send_eof()
* A channel can be closed with: libssh2_channel_close()
* A channel can be freed with: libssh2_channel_free()
*/
skip_shell:
if(channel) {
libssh2_channel_free(channel);
channel = NULL;
}
/* Other channel types are supported via:
* libssh2_scp_send()
* libssh2_scp_recv2()
* libssh2_channel_direct_tcpip()
*/
shutdown:
libssh2_session_disconnect(session,
"Normal Shutdown, Thank you for playing");
libssh2_session_free(session);
#ifdef WIN32
closesocket(sock);
#else
close(sock);
#endif
fprintf(stderr, "all done!\n");
libssh2_exit();
return 0;
}
类似资料: