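/*
 * Open an SSH session to `hostname`, check the server's host key against the
 * known-hosts data and authenticate with the automatic public-key method.
 *
 * Returns the authenticated session, or NULL on any failure (connection
 * error, host key not positively verified, authentication failure). A
 * diagnostic is written to stderr before NULL is returned.
 */
SSH_SESSION *connect_host(const char *hostname)
{
    SSH_SESSION *session;
    SSH_OPTIONS *options;
    int auth = 0;
    int state;

    options = ssh_options_new();
    ssh_options_set_host(options, hostname);
    session = ssh_new();
    ssh_set_options(session, options);

    if (ssh_connect(session)) {
        fprintf(stderr, "Connection failed : %s\n", ssh_get_error(session));
        ssh_disconnect(session);
        return NULL;
    }

    /*
     * Host key verification. Only SSH_SERVER_KNOWN_OK may continue to the
     * authentication step; every other result, including one this switch
     * does not list, must end the connection.
     */
    state = ssh_session_is_known_server(session);
    switch (state) {
    case SSH_SERVER_KNOWN_OK:
        break; /* ok */
    case SSH_SERVER_KNOWN_CHANGED:
        /*
         * NOTE(review): the message announces the new key, but no fingerprint
         * is printed here (the interactive client's main() prints one).
         * NOTE(review): this path and SSH_SERVER_FOUND_OTHER also call
         * ssh_finalize(), the other failure paths do not - confirm which is
         * intended for a helper that may be called more than once.
         */
        fprintf(stderr, "Host key for server changed : server's one is now :\n");
        fprintf(stderr, "For security reason, connection will be stopped\n");
        ssh_disconnect(session);
        ssh_finalize();
        return NULL;
    case SSH_SERVER_FOUND_OTHER:
        fprintf(stderr, "The host key for this server was not found but an other type of key exists.\n");
        /* Fixed: the adjacent literals used to join as "clientinto". */
        fprintf(stderr, "An attacker might change the default server key to confuse your client "
                        "into thinking the key does not exist\n"
                        "We advise you to rerun the client with -d or -r for more safety.\n");
        ssh_disconnect(session);
        ssh_finalize();
        return NULL;
    case SSH_SERVER_NOT_KNOWN:
        /* Non-interactive helper: an unknown host is refused, never trusted on first use. */
        fprintf(stderr, "The server is unknown. Leaving now\n");
        ssh_disconnect(session);
        return NULL;
    case SSH_SERVER_ERROR:
        fprintf(stderr, "%s", ssh_get_error(session));
        ssh_disconnect(session);
        return NULL;
    default:
        /*
         * Fail closed: without this branch an unlisted return value would
         * fall out of the switch and authenticate to an unverified server.
         */
        fprintf(stderr, "Unexpected host key verification result %d\n", state);
        ssh_disconnect(session);
        return NULL;
    }

    /* Result intentionally ignored; the public-key attempt below decides. */
    ssh_userauth_none(session, NULL);

    auth = ssh_userauth_autopubkey(session, NULL);
    if (auth == SSH_AUTH_ERROR) {
        fprintf(stderr, "Authenticating with pubkey: %s\n", ssh_get_error(session));
        ssh_disconnect(session);
        return NULL;
    }
    if (auth != SSH_AUTH_SUCCESS) {
        fprintf(stderr, "Authentication failed: %s\n", ssh_get_error(session));
        ssh_disconnect(session);
        return NULL;
    }

    ssh_log(session, SSH_LOG_FUNCTIONS, "Authentication success");
    return session;
}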
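/*
 * Interactive SSH client entry point.
 *
 * Parses options, connects to `host`, verifies the server's host key (asking
 * the user on first contact), then tries public-key, keyboard-interactive and
 * password authentication in that order. After authentication it runs an
 * interactive shell, the batch commands in `cmds`, or an SFTP session when
 * the program name contains "sftp".
 *
 * Returns 0 on success; non-zero (or exits with -1) on failure.
 */
int main(int argc, char **argv)
{
    SSH_SESSION *session;
    SSH_OPTIONS *options;
    int auth = 0;
    char *password;
    char *banner;
    int state;
    char buf[10];
    unsigned char hash[MD5_DIGEST_LEN];

    options = ssh_options_new();
    if (ssh_options_getopt(options, &argc, argv))
        usage();
    opts(argc, argv);
    signal(SIGTERM, do_exit);
    if (user)
        ssh_options_set_username(options, user);
    ssh_options_set_host(options, host);
    session = ssh_new();
    ssh_set_options(session, options);

    if (ssh_connect(session)) {
        fprintf(stderr, "Connection failed : %s\n", ssh_get_error(session));
        ssh_disconnect(session);
        ssh_finalize();
        return 1;
    }

    /*
     * Host key verification. Only a known-good key, or an unknown key the
     * user explicitly accepts, may continue to authentication.
     * NOTE(review): the fingerprint shown to the user is an MD5 digest
     * (MD5_DIGEST_LEN); if the library version in use can produce a stronger
     * hash, prefer it - confirm.
     */
    state = ssh_is_server_known(session);
    switch (state) {
    case SSH_SERVER_KNOWN_OK:
        break; /* ok */
    case SSH_SERVER_KNOWN_CHANGED:
        fprintf(stderr, "Host key for server changed : server's one is now :\n");
        ssh_get_pubkey_hash(session, hash);
        ssh_print_hexa("Public key hash", hash, MD5_DIGEST_LEN);
        fprintf(stderr, "For security reason, connection will be stopped\n");
        ssh_disconnect(session);
        ssh_finalize();
        exit(-1);
    case SSH_SERVER_FOUND_OTHER:
        fprintf(stderr, "The host key for this server was not found but an other type of key exists.\n");
        /* Fixed: the adjacent literals used to join as "clientinto". */
        fprintf(stderr, "An attacker might change the default server key to confuse your client "
                        "into thinking the key does not exist\n"
                        "We advise you to rerun the client with -d or -r for more safety.\n");
        ssh_disconnect(session);
        ssh_finalize();
        exit(-1);
    case SSH_SERVER_NOT_KNOWN:
        fprintf(stderr, "The server is unknown. Do you trust the host key ?\n");
        ssh_get_pubkey_hash(session, hash);
        ssh_print_hexa("Public key hash", hash, MD5_DIGEST_LEN);
        /*
         * A failed read (EOF, closed stdin) leaves buf unset, so it is
         * treated as "no" instead of comparing uninitialized bytes.
         */
        if (fgets(buf, sizeof(buf), stdin) == NULL ||
            strncasecmp(buf, "yes", 3) != 0) {
            ssh_disconnect(session);
            exit(-1);
        }
        fprintf(stderr, "This new key will be written on disk for further usage. do you agree ?\n");
        if (fgets(buf, sizeof(buf), stdin) != NULL &&
            strncasecmp(buf, "yes", 3) == 0) {
            /* Failure to persist the key is reported but not fatal. */
            if (ssh_write_knownhost(session))
                fprintf(stderr, "error %s\n", ssh_get_error(session));
        }
        break;
    case SSH_SERVER_ERROR:
        fprintf(stderr, "%s", ssh_get_error(session));
        ssh_disconnect(session);
        ssh_finalize();
        exit(-1);
    default:
        /*
         * Fail closed: without this branch an unlisted return value would
         * fall out of the switch and authenticate to an unverified server.
         */
        fprintf(stderr, "Unexpected host key verification result %d\n", state);
        ssh_disconnect(session);
        ssh_finalize();
        exit(-1);
    }

    /* First choice: automatic public-key authentication. */
    auth = ssh_userauth_autopubkey(session);
    if (auth == SSH_AUTH_ERROR) {
        fprintf(stderr, "Authenticating with pubkey: %s\n", ssh_get_error(session));
        ssh_finalize();
        return -1;
    }

    banner = ssh_get_issue_banner(session);
    if (banner) {
        printf("%s\n", banner);
        free(banner);
    }

    /* Second choice: keyboard-interactive. */
    if (auth != SSH_AUTH_SUCCESS) {
        auth = auth_kbdint(session);
        if (auth == SSH_AUTH_ERROR) {
            fprintf(stderr, "authenticating with keyb-interactive: %s\n",
                    ssh_get_error(session));
            ssh_finalize();
            return -1;
        }
    }

    /* Last choice: password. */
    if (auth != SSH_AUTH_SUCCESS) {
        password = getpass("Password : ");
        if (password == NULL) {
            fprintf(stderr, "Could not read password\n");
            ssh_disconnect(session);
            ssh_finalize();
            return -1;
        }
        /*
         * NOTE(review): in the page text the span between the getpass() call
         * and the failure message is masked ("******"). The password
         * authentication call below is a reconstruction - confirm it against
         * the original file.
         */
        auth = ssh_userauth_password(session, NULL, password);
        /* Wipe before branching so the failure path does not keep the secret. */
        memset(password, 0, strlen(password));
        if (auth != SSH_AUTH_SUCCESS) {
            fprintf(stderr, "Authentication failed: %s\n", ssh_get_error(session));
            ssh_disconnect(session);
            ssh_finalize();
            return -1;
        }
    }

    ssh_say(1, "Authentication success\n");
    printf("%s\n", argv[0]);

    /* Invoked under a name containing "sftp": run the SFTP client instead. */
    if (strstr(argv[0], "sftp")) {
        sftp = 1;
        ssh_say(1, "doing sftp instead\n");
    }

    if (!sftp) {
        if (!cmds[0])
            shell(session);
        else
            batch_shell(session);
    } else {
        do_sftp(session);
    }

    if (!sftp && !cmds[0])
        do_cleanup();

    ssh_disconnect(session);
    ssh_finalize();
    return 0;
}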
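/*
 * SFTP server entry point.
 *
 * Parses the command line (-D: stay in the foreground, -f FILE: configuration
 * file, default "mercurius.conf" relative to the working directory), loads the
 * host keys named by the configuration, listens for connections and forks one
 * child per accepted client. The child performs the SSH handshake,
 * authenticates the user, waits for a channel and serves SFTP requests until
 * the client disconnects.
 *
 * Returns 0 when a client session ends normally, 1 on any error.
 *
 * NOTE(review): do_auth() and sftploop() are defined elsewhere; whether the
 * per-connection child drops privileges to the authenticated user before
 * serving file requests is not visible here - confirm.
 */
int main(int argc, char **argv)
{
    SSH_OPTIONS *options = ssh_options_new();
    SSH_SESSION *session;
    SSH_BIND *ssh_bind;
    CHANNEL *chan = NULL;
    SFTP_SESSION *sftp = NULL;
    int ret;
    int donotfork = 0;
    char *config = "mercurius.conf";

    ssh_options_getopt(options, &argc, argv);
    while ((ret = getopt(argc, argv, "Df:")) != -1) {
        switch (ret) {
        case 'D':
            donotfork = 1;
            break;
        case 'f':
            config = strdup(optarg);
            if (!config) {
                printf("Out of memory\n");
                return 1;
            }
            break;
        case '?':
            usage(argv[0]);
            exit(1);
        }
    }
    /* Positional arguments are not accepted. */
    if (optind < argc) {
        usage(argv[0]);
        exit(1);
    }

    ret = parse_config(config);
    if (ret != 0) {
        printf("Error parsing configuration file\n");
        return 1;
    }
    if (!rsa && !dsa) {
        printf("There must be at least one RSA or DSA host key\n");
        return 1;
    }
    if (dsa)
        ssh_options_set_dsa_server_key(options, dsa);
    if (rsa)
        ssh_options_set_rsa_server_key(options, rsa);
    if (port != 0)
        ssh_options_set_port(options, port);

    ssh_bind = ssh_bind_new();
    ssh_bind_set_options(ssh_bind, options);
    if (ssh_bind_listen(ssh_bind) < 0) {
        printf("Error listening to socket: %s\n", ssh_get_error(ssh_bind));
        return 1;
    }

    /* Children are never waited for; ignoring SIGCHLD avoids zombies. */
    signal(SIGCHLD, SIG_IGN);

    if (!donotfork) {
        ssh_say(1, "Going into background...\n");
        ret = fork();
        if (ret < 0) {
            /* Previously a failed fork() made the only process exit(0) silently. */
            printf("Error forking into background\n");
            return 1;
        }
        if (ret > 0)
            exit(0);
    }

    /* Parent: accept loop. Each child leaves the loop holding its own session. */
    while (1) {
        session = ssh_bind_accept(ssh_bind);
        if (!session) {
            printf("error accepting a connection : %s\n", ssh_get_error(ssh_bind));
            return 1;
        }
        ret = fork();
        if (ret == 0)
            break;
        if (ret < 0)
            printf("error forking for a new connection\n");
        /* Parent (or failed fork): release this session and keep listening. */
        ssh_silent_disconnect(session);
    }

    /* Child only from here on: the listening socket is no longer needed. */
    ssh_bind_free(ssh_bind);

    if (ssh_accept(session)) {
        printf("ssh_accept : %s\n", ssh_get_error(session));
        return 1;
    }
    if (do_auth(session) < 0) {
        printf("error : %s\n", ssh_get_error(session));
        return 1;
    }
    ssh_say(1, "user authenticated\n");

    chan = recv_channel(session);
    if (!chan) {
        printf("error : %s\n", ssh_get_error(session));
        return 1;
    }

    sftp = sftp_server_new(session, chan);
    if (!sftp) {
        /* Do not hand a NULL handle to sftp_server_init(). */
        printf("error : %s\n", ssh_get_error(session));
        return 1;
    }
    if (sftp_server_init(sftp)) {
        printf("error : %s\n", ssh_get_error(session));
        return 1;
    }
    ssh_say(1, "Sftp session open by client\n");

    sftploop(session, sftp);

    ssh_say(1, "Client disconnected\n");
    ssh_disconnect(session);
    return 0;
}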