libnetconf2  3.5.4
NETCONF server and client library in C.
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Groups Pages
Server SSH

Server-side settings for SSH connections. More...

Collaboration diagram for Server SSH:

Typedefs

typedef int(* nc_server_ssh_interactive_auth_clb )(const struct nc_session *session, ssh_session ssh_sess, ssh_message msg, void *user_data)
 Keyboard interactive authentication callback. More...
 

Functions

int nc_server_ssh_kbdint_get_nanswers (const struct nc_session *session, ssh_session libssh_session)
 Get the number of answers to Keyboard interactive authentication prompts. More...
 
int nc_server_ssh_set_authkey_path_format (const char *path)
 Set the format of the path to authorized_keys files. More...
 
void nc_server_ssh_set_interactive_auth_clb (nc_server_ssh_interactive_auth_clb auth_clb, void *user_data, void(*free_user_data)(void *user_data))
 Set the callback for SSH interactive authentication. More...
 
int nc_server_ssh_set_pam_conf_filename (const char *filename)
 Set the name of the PAM configuration file. More...
 

Detailed Description

Server-side settings for SSH connections.

Typedef Documentation

typedef int(* nc_server_ssh_interactive_auth_clb)(const struct nc_session *session, ssh_session ssh_sess, ssh_message msg, void *user_data)

Keyboard interactive authentication callback.

The callback has to handle sending interactive challenges and receiving responses by itself. An example callback may fit the following description: Prepare all prompts for the user and send them via ssh_message_auth_interactive_request(). Get the answers either by calling ssh_message_get() or nc_server_ssh_kbdint_get_nanswers(). Return value based on your authentication logic and user answers retrieved by calling ssh_userauth_kbdint_getanswer().

Parameters
[in]sessionNETCONF session.
[in]ssh_sesslibssh session.
[in]msgSSH message that contains the interactive request and which expects a reply with prompts.
[in]user_dataArbitrary user data.
Returns
0 for successful authentication, non-zero to deny the user.

Definition at line 514 of file session_server.h.

Function Documentation

int nc_server_ssh_set_authkey_path_format ( const char *  path)

Set the format of the path to authorized_keys files.

This path format will be set globally for all clients wishing to authenticate via the SSH Public Key system authentication.

Parameters
[in]pathPath to authorized_keys files. The path may contain the following tokens:
  • u - replaced by the username of the user trying to authenticate,
  • h - replaced by the home directory of the user trying to authenticate,
  • U - replaced by the UID of the user trying to authenticate,
  • %% - a literal ''.
Returns
0 on success, 1 on error.
void nc_server_ssh_set_interactive_auth_clb ( nc_server_ssh_interactive_auth_clb  auth_clb,
void *  user_data,
void(*)(void *user_data)  free_user_data 
)

Set the callback for SSH interactive authentication.

Parameters
[in]auth_clbKeyboard interactive authentication callback. This callback is only called once per authentication.
[in]user_dataOptional arbitrary user data that will be passed to interactive_auth_clb.
[in]free_user_dataOptional callback that will be called during cleanup to free any user_data.
int nc_server_ssh_kbdint_get_nanswers ( const struct nc_session *  session,
ssh_session  libssh_session 
)

Get the number of answers to Keyboard interactive authentication prompts.

The actual answers can later be retrieved by calling ssh_userauth_kbdint_getanswer() on the libssh_session.

Parameters
[in]sessionNETCONF session.
[in]libssh_sessionlibssh session.
Returns
Non-negative number of answers on success, -1 on configurable authentication timeout, disconnect or other error.
int nc_server_ssh_set_pam_conf_filename ( const char *  filename)

Set the name of the PAM configuration file.

This filename will be set globally for all clients wishing to authenticate via the SSH Keyboard Interactive authentication method.

Parameters
[in]filenameName of the PAM configuration file. The file needs to be located in the default PAM directory (usually /etc/pam.d/).
Returns
0 on success, 1 on error.