headers
Casper Langemeijer | 19 Jun 2012 21:30
Picon
Gravatar

Re-authenticate

Hi All,

I'm trying to get the number of bugs on the ssh2 php bindings down a bit.
One of the oldest open bugs is a request for a feature to re-authenticate:

unfortunately it is not possible to re-use a SSH connection for several log ins (authentications). This
would be *very* useful because it takes ages to establish a ssh connection, so one could save a lot of time if
it were possible to re-login via ssh2_auth_password().
Btw, the server hangs up if one tries to re-authenticate a second time.

Can this be done with libssh2? Can this be done with the ssh protocol at 
all?

My guess is that it's never going to happen and we should tell the bug 
poster, but I need to be sure.

Greetings, Casper
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Permalink | Reply |
headers
Alexander Lamaison | 19 Jun 2012 23:44
Picon

Re: Re-authenticate

On 19 June 2012 20:30, Casper Langemeijer <casper@...> wrote:
> Hi All,
>
> I'm trying to get the number of bugs on the ssh2 php bindings down a bit.
> One of the oldest open bugs is a request for a feature to re-authenticate:
>
> unfortunately it is not possible to re-use a SSH connection for several log
> ins (authentications). This would be *very* useful because it takes ages to
> establish a ssh connection, so one could save a lot of time if it were
> possible to re-login via ssh2_auth_password().
> Btw, the server hangs up if one tries to re-authenticate a second time.

What do you mean by reauthenticate/re-login?  One the connection has
been authenticated, that's it; the server won't de-authentication it.
If, on the other hand, the connection breaks then you have no
connection to revive.  Starting and authenticating from scratch
becomes the only option.

Alex

--

-- 
Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org)
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Permalink | Reply |
headers
Peter Stuge | 20 Jun 2012 03:57
Picon

Re: Re-authenticate

Casper Langemeijer wrote:
> re-use a SSH connection for several log ins (authentications)

This is correct. The SSH protocol only ever does authentication once
for every session, at the beginning. After the session is
authenticated then it is possible to open many channels.

libssh2 exposes both these things in the API.

> re-authenticate a second time.
> 
> Can this be done with libssh2?

Can you explain in more detail what you want to do?

> Can this be done with the ssh protocol at all?

http://trac.libssh2.org/wiki/FAQ#WhatistheSSH-2protocol

After a session passes authentication there can be many channels.
Everything you use SSH for is a channel. The PHP plugin can choose
to reuse sessions transparently, in order to avoid creating new
sessions.

But under no circumstances can a single session be authenticated more
than once. That also does not make sense in protocol terms. Please do
look at the protocol RFCs. They are very very easy to read.

//Peter
_______________________________________________
(Continue reading)

Permalink | Reply |

Gmane