ssh allows you to connect to an sshd server and execute commands on the remote computer. It can automatically encrypt, authenticate, and compress transmitted data. The SSH protocol is available in two incompatible varieties: SSH1 and SSH2. SSH2 was invented to avoid the patent issues regarding RSA (RSA patent has expired), and to fix some data integrity problem that SSH1 has, and for a number of other technical reasons. SSH2 protocol has been standardized on IETF Secure Shell working group and drafts related to SSH2 protocol are available on the web.

1 Introduction

SSH2 protocol support.

  • Key exchange: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
  • Cipher: blowfish-cbc,3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,3des-ctr,arcfour,arcfour128,arcfour256
  • MAC: hmac-md5, hmac-sha1, hmac-md5-96, hmac-sha1-96
  • Host key type: ssh-dss,ssh-rsa,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
  • Userauth: password
  • Userauth: publickey(DSA,RSA,ECDSA)

2 Userauth with password

Create a ssh client for command execution using the following command.

Copy 
// create a client using username and password
    var client = new Ax.net.SshClient('192.168.100.14', 22, 'username', 'password');
    var response = client.exec("ls -l");
    console.log(response.status);
    console.log(response.sdtErr);
    console.log(response.stdOut);

2.1 Run an informix dbaccess commmand

Copy 
// create a client using username and password
    var client = new Ax.net.SshClient('192.168.100.14', 22, 'username', 'password');
	var response = client.exec(`dbaccess sysmaster - <<!
select * from systables where tabid =1;
!				
`)

3 Userauth: publickey

You can use the openSSL keys to conenct to a remote computer.

  1. Generate the ssh keys
    Copy 
    $ ssh-keygen -m pem -t RSA
    This generates the RSA files in old format under your directory
    • .ssh/id_rsa
    • .ssh/id_rsa.pub
  2. Transfer the public key to the remote authorized keys
    Copy 
    $ ssh-copy-id -i ~/.ssh/id_rsa.pub informix@dbsrv4
> password: [enter remote password]
  3. Verify connection is valid
    Copy 
    $ ssh informix@dbsrv4
> ...
  4. Generate a Java compatible PEM file for the private kye (the existing one can not be loaded by Java as it's only compatible for OpenSSL)
    Copy 
    $ openssl pkcs8 -in .ssh/id_rsa -topk8 -nocrypt -out privatekey-pkcs8.pem

Now you have the files with the private key (java compatible) and the public key:

  • privatekey-pkcs8.pem
  • .ssh/id_rsa.pub

Create a ssh client for command execution using the following command.

Copy 
// create a client with the public & private key
    var pubKey = `ssh-rsa N+Re6xZ/5xgyYCiZNmu799le5r/Z6Fz4VJnuCuHJUO00+4RUD/vgIiJKSeXCzGyuCyzTVGxPNvz username@computer.local`;				
    var priKey = `-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC85AdjEMDkXdfZ
rpmZ8ei9xs2XAO+IaonoiXr7aQhxdLD+mvVQSOfVTyWK31MGkqrXVJgdcusxsd9C
t5fbyWWDq9OBAVb/NRi2xPQ4b1qKKVQ9+RjebHC5WinrMcPIOsRIs1V+lBCkTE/s
nNMntUH8eXFFQweBv4Oa46j+HgH0iKWVqrYAAnQZeGlwUEnhSuJ+DEjwUogF74O6
....
88KQl/GvAfgWlOXx4qJXZ71sLwSK0g+sncMuLxFnAoGBAJE+V/HyULz70TU4f5Tb
A1vJb3r7aBfPUNRXFylkzT/rcNvtb1/Q3rt0/CXQgN15GJolAA0lcjy420iGzngM
LU2M4RIOGipQZky9D7TxuQEKvdn86yqobRfAPatMF45kBhdq+m0U6jiwNFmYlqx0
S4337B5u8VJEWozcAl+OJ3bJ
-----END PRIVATE KEY-----
`;				
    var client = new Ax.net.SshClient('192.168.100.14', 22, 'informix', priKey, pubKey);
    client.exec("ls -l")
For more information about openSSL and Java read Using openssl and java for RSA keys