About SSH command in Linux

Dear Experts,

I'm developing a Java service (on Redhat) that uses SSH command to another remote PC.
I uses private key for authentication.

If the private key exists and authentication is successful, my service is OK.
But the problem is:
-  If the private key not exist or can not access, there will be a prompt dialog to ask for a password.
openssh's dialog
-  How can we prevent the dialog for asking password?
-  I tried to modify
       [PaswordAuthentication yes/no]
    in [/etc/ssh/ssh_config] but it will affect all system (not only my service).

Who is Participating?
mccarlConnect With a Mentor IT Business Systems Analyst / Software DeveloperCommented:
If you want to disable password authentication just for your particular session you can pass the following argument on the 'ssh' command line...

Open in new window

If that doesn't work, you might also look into the PreferredAuthentications option (depending on which protocol version you are using), it is doucmented on the ssh_config man page...

There are normally two solutions to this problem.

Either enable public-private key mechanism as you just described

Or use some Expect (or alike) utility that would read the terminal prompts and provide a password.

First one is the better way to go.

SSH should be used for admin kind of jobs.  If you are designing a software solution, you better use some CGI or web kind of programming to accomplish the same.
Your java app should/could use an encrypted stream and deal with the credential exchange without the use of an external command.  Your app controls whether to present the password prompt to the user.

Depending on which ssh class you incorporate into your java service there might be a way as the other experts pointed to dealing with error/event handling.
The option disabling password authentication is a shortsighted solution as it could hide a future failure especially making hard to resolve an issue like loss of connectivity to the remote system or termination of sshd or a misconfiguration of a firewall on the remote system.  All the above might not provide feedback to resolve the issue quickly.
Build your data science skills into a career

Are you ready to take your data science career to the next step, or break into data science? With Springboard’s Data Science Career Track, you’ll master data science topics, have personalized career guidance, weekly calls with a data science expert, and a job guarantee.

FSOFT-SAAuthor Commented:
The option "-oPasswordAuthentication=no" on the 'ssh' command line works fine for me.
mccarlIT Business Systems Analyst / Software DeveloperCommented:
@FSOFT-SA,  Glad to help! :)

@arnold,  I don't think there is anything shortsighted or incorrect about this method. All it is saying is that IF public key authentication has failed, rather than fallback and attempt a password authentication which can never succeed anyway, just fail the whole attempt straight away. The end result is still the same, either the ssh process succeeds due to correct public key auth otherwise the process fails (just now it fails without having to have shown the useless password dialog box). And I don't see how authentication methods used relates to loss of connectivity or firewall misconfiguration, or what feedback is provided
I agree that your suggestion is valid, my point on the shortsighted deals with adding a "reporting" mechanism rather than failing gracefully which is how I interpreted the question given the current situation where a "user" gets a prompt for a password.

The option to disable password auth, means the user's attempts fails. Not sure what if any notice is output to the user or if any notification to the admin is made to indicate an attempt to access servers failed for login/authentication issue.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.