JSch.addIdentity的pubkey参数的用途 [英] Purpose of pubkey parameter of JSch.addIdentity

问题描述

我指的是

public void addIdentity(String name,
                        byte[] prvkey,
                        byte[] pubkey,
                        byte[] passphrase)
                 throws JSchException

我尝试使用它，无论我以pubkey作为输入(无论长度或字符如何)，只要prvkey匹配，都将建立连接.

I tried using it and no matter what input I give as pubkey (doesn't matter the length or the characters), as long as the prvkey matches, the connection will be established.

这是正常现象吗?为什么甚至还要请求pubkey?

Is this the normal behavior? Why is the pubkey even requested then?

经过更多研究，似乎没有故意忽略pubkey，但是它必须遵守某些规则才能被考虑，否则似乎仍然仅考虑prvkey.

After a bit more research, it seems like the pubkey is not ignored on purpose, but it has to respect certain rules to be taken into consideration, otherwise it still seems to consider only the prvkey.

推荐答案

当您在JSch(或任何SSH库/客户端)中加载了多个密码短语加密的密钥对时，拥有未加密的公共密钥特别有用.

Having unencrypted public key is particularly useful, when you have multiple passphrase-encrypted key-pairs loaded into the JSch (or any SSH library/client).

具有未加密的公共密钥，客户端(JSch)可以使用公共密钥来询问​​服务器，是否可以识别该密钥.如果是这样，则只有JSch才会要求密码短语来解密私钥.

Having the unencrypted public key, the client (JSch) can use the public key to ask the server, whether it recognizes the key. If it does, only then the JSch will ask for the passphrase to decrypt the private key.

如果只有一个密钥，或者所有密钥都未加密，则无需指定pubkey(使用null).

If you have only one key or if all your keys are unencrypted, you do not need to specify the pubkey (use null).

这篇关于JSch.addIdentity的pubkey参数的用途的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！