Subject: Re: Authentication on user request

Re: Authentication on user request

From: Ted Lemon <mellon_at_fugue.com>
Date: Thu, 19 Aug 2010 10:49:34 -0400

On Aug 19, 2010, at 7:22 AM, Paresh Thakor wrote:
> Without authentication, user needs to be able to open terminal and on terminal he'll input password, which will be used for authentication. This way, user keeps password security.

I will tell you what I think the answer to this is, but I'm a n00b, so maybe someone will correct me.

The answer is that if the remote end offers password authentication as an option, then you provide the user with a prompt where they type in their username and password. You then provide that information to the remote end using the libssh2_userauth_password() API function. You should provide a callback to prompt the user for a password change in case the host requests this.

If the remote end requests keyboard-interactive authentication, then you would get the username and call the libssh2_userauth_keyboard_interactive() function with a callback that will be called to prompt the user for their password. This may actually be the more likely scenario--I don't know because I haven't tried it.

So the point is that the user is never typing at a prompt offered by the remote host--it's always interacting with your program.

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-08-19