class Net::SSH::Authentication::Methods::Hostbased
Implements the host-based SSH authentication method.
def authenticate(next_service, username, password = nil)
Attempts to perform host-based authorization of the user by trying
def authenticate(next_service, username, password = nil) return false unless key_manager key_manager.each_identity do |identity| return true if authenticate_with(identity, next_service, username, key_manager) end return false end
def authenticate_with(identity, next_service, username, key_manager)
Attempts to perform host-based authentication of the user, using
def authenticate_with(identity, next_service, username, key_manager) debug { "trying hostbased (#{identity.fingerprint})" } client_username = ENV['USER'] || username req = build_request(identity, next_service, username, "#{hostname}.", client_username) sig_data = Buffer.from(:string, session_id, :raw, req) sig = key_manager.sign(identity, sig_data.to_s) message = Buffer.from(:raw, req, :string, sig) send_message(message) message = session.next_message case message.type when USERAUTH_SUCCESS info { "hostbased succeeded (#{identity.fingerprint})" } return true when USERAUTH_FAILURE info { "hostbased failed (#{identity.fingerprint})" } raise Net::SSH::Authentication::DisallowedMethod unless message[:authentications].split(/,/).include? 'hostbased' return false else raise Net::SSH::Exception, "unexpected server response to USERAUTH_REQUEST: #{message.type} (#{message.inspect})" end end
def build_request(identity, next_service, username, hostname, client_username)
def build_request(identity, next_service, username, hostname, client_username) userauth_request(username, next_service, "hostbased", identity.ssh_type, Buffer.from(:key, identity).to_s, hostname, client_username).to_s end
def hostname
def hostname session.transport.socket.client_name end