Golang 的 ssh 包 与 Open

GoSSHD

golang.org/x/crypto/sshServerConfigPublicKeyCallback

PublicKeyauthorized_keys

PublicKeyCallback

公钥身份认证

Open-SSHpublickeyOpen-SSHpasswordServerConfig

nonepasswordpublickey

nonepassword

自始至终 Open-SSH 都不会动用密钥身份验证方式来连接用 golang ssh 包编写的服务器。

none

过程如下：

golang ssh 身份验证逻辑

golang.org/x/crypto/sshserver.gofor

MaxAuthTries

switch

PublickeyCallbacknone

userAuthFailureMsg

  byte         SSH_MSG_USERAUTH_FAILURE
  name-list    authentications that can continue
  boolean      partial success

在 golang 中定义如下：

type userAuthFailureMsg struct {
   Methods        []string `sshtype:"51"`
   PartialSuccess bool
}

Open-SSH 的连接逻辑

none

AuthLogCallback

ServerConfig.NoClientAuthfalse

server.gofailureMsgnil

config.PublickeyCallbacknilfailureMsg

但 Open-SSH 客户端收到后就不再尝试了，会中断连接：

io.EOF

publickeygolang.org/x/crypto/ssh

对于 password 认证

Open-SSH 会

PasswordCallbacknonepasswordpublickey

publickeypassword

Open-SSHpassword

123456passwordpayload6126ascii

---

PublickKeyCallback

fmt.Println

none

publickeypayload