/**
* Configure known host database for connection
*
* @param c a connection
* @throws IOException if there is a IO problem
*/
private void configureKnownHosts(Connection c) throws IOException {
File knownHostFile = new File(knownHostPath);
if (knownHostFile.exists()) {
database.addHostkeys(knownHostFile);
}
final List<String> algorithms = myHost.getHostKeyAlgorithms();
c.setServerHostKeyAlgorithms(algorithms.toArray(new String[algorithms.size()]));
}
/**
* Try public key
*
* @param c a ssh connection
* @param keyPath a path to key
* @return true if authentication is successful
*/
private boolean tryPublicKey(final Connection c, final String keyPath) {
try {
final File file = new File(keyPath);
if (file.exists()) {
// if encrypted ask user for passphrase
String passphrase = null;
char[] text = FileUtil.loadFileText(file);
if (isEncryptedKey(text)) {
// need to ask passphrase from user
int i;
for (i = myHost.getNumberOfPasswordPrompts(); i > 0; i--) {
passphrase =
myXmlRpcClient.askPassphrase(
myHandlerNo, getUserHostString(), keyPath, myLastError);
if (passphrase == null) {
// if no passphrase was entered, just return false and try something other
return false;
} else {
try {
PEMDecoder.decode(text, passphrase);
myLastError = "";
} catch (IOException e) {
// decoding failed
myLastError = GitBundle.message("sshmain.invalidpassphrase", keyPath);
continue;
}
break;
}
}
if (i == 0) {
myLastError =
GitBundle.message(
"sshmain.too.mush.passphrase.guesses",
keyPath,
myHost.getNumberOfPasswordPrompts());
return false;
}
}
// try authentication
if (c.authenticateWithPublicKey(myHost.getUser(), text, passphrase)) {
myLastError = "";
return true;
} else {
if (passphrase != null) {
// mark as failed authentication only if passphrase were asked
myLastError = GitBundle.message("sshmain.pk.authenitication.failed", keyPath);
} else {
myLastError = "";
}
}
}
return false;
} catch (Exception e) {
return false;
}
}