以下为定义的静态子串常量
const char *keyfile1 = "~/.ssh/id_rsa.pub";
const char *keyfile2 = "~/.ssh/id_rsa";
const char *username = "username";
const char *password = "password";
unsigned long hostaddr;
int rc, sock, i, auth_pw = 0;
struct sockaddr_in_sin;
const char *fingerprint;
char * userauthlist;
LIBSSH2_SESSION *session;
LIBSSH2_CHANNEL *channel;
连接到SSH2步骤:
(1)建立socket并连接到远程主机SSH2服务(22端口);
(2)创建一个LIBSSH2_SESSION 实例并启动它。启动动作包括设置欢迎横幅、交换密钥并且设置加密、压缩和MAC层。
session = libssh2_session_init(); //创建一个会话实例
if(libssh2_session_handshake(session, sock))
fprintf(stderr, "Failure establishing SSH session");
return -1;
(3)认证:检查主机密钥指纹并检查可用的认证方式。
fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
userauthlist = libssh2_userauth_list(session, username, strlen(username));
if(strstr(userauthlist, "password") != NULL)
auth_pw |= 1;
if(strstr(userauthlist, "keyboad-interactive") != NULL)
auth_pw |= 2;
if(strstr(userauthlist, "publickey") != NULL)
auth_pw |= 4;
(4)如果在参数列表中设置了认证方式,则将认证方式设为命令中的方式(前提是该方式是通过上个步骤检测可用的)。
if(argc > 4)
if((auth_pw & 1) && !strcasecmp(argv[4], "-p"))
auth_pw = 1;
if((auth_pw & 2) && !strcasecmp(argv[4], "-i"))
auth_pw = 2;
if((auth_pw && 4) && !strcasecmp(argv[4], "-k"))
auth_pw = 4;
(5)根据上一步选定的认证方式开始认证。
if (auth_pw & 1) {
/* We could authenticate via password */
if (libssh2_userauth_password(session, username, password)) {
fprintf(stderr, "\tAuthentication by password failed!\n");
goto shutdown;
} else {
fprintf(stderr, "\tAuthentication by password succeeded.\n");
} else if (auth_pw & 2) {
/* Or via keyboard-interactive */
if (libssh2_userauth_keyboard_interactive(session, username,
&kbd_callback) ) {
fprintf(stderr,
"\tAuthentication by keyboard-interactive failed!\n");
goto shutdown;
} else {
fprintf(stderr,
"\tAuthentication by keyboard-interactive succeeded.\n");
} else if (auth_pw & 4) {
/* Or by public key */
if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
keyfile2, password)) {
fprintf(stderr, "\tAuthentication by public key failed!\n");
goto shutdown;
} else {
fprintf(stderr, "\tAuthentication by public key succeeded.\n");
} else {
fprintf(stderr, "No supported authentication methods found!\n");
goto shutdown;
(6)请求一个shell
if(!(channel = libssh2_channel_open_session(session)))
(7)设置一些环境变量,并上传给服务器
libssh2_channel_setenv(channel, "F00", "bar");
(8)请求一个vanilla的终端模拟。
libssh2_channel_request_pty(channel, "vanilla")
(9)在上一步请求的pty上开启SHELL。
libssh2_channel_shell(channel)
(10)至此,可以交互使用shell了
libssh2_channel_read();
libssh2_channel_read_stderr();
libssh2_channel_write();
libssh2_channel_write_stderr();
/* 打开或关闭阻塞模式 */
libssh2_channel_set_blocking();
/* 如果服务器发送EOF */
libssh2_channel_eof()返回非0;
/* 关闭channel */
libssh2_channel_close();
/* 释放一个channel */
libssh2_channel_free();
(11)ssh交互完成后,关闭会话并释放会话
libssh2_session_disconnect(session, "Normal Shutdown");
libssh2_session_free(session);
(12)关闭sock并退出libssh2
close(sock);
libssh2_exit();
官网实例以作参考:
https://github.com/libssh2/libssh2/blob/master/example/ssh2.c
* Sample showing how to do SSH2 connect.
* The sample code has default values for host name, user name, password
* and path to copy, but you can specify them on the command line like:
* "ssh2 host user password [-p|-i|-k]"
#include "libssh2_config.h"
#include <libssh2.h>
#include <libssh2_sftp.h>
#ifdef HAVE_WINDOWS_H
# include <windows.h>
#endif
#ifdef HAVE_WINSOCK2_H
# include <winsock2.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif
# ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
# ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#include <sys/types.h>
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#include <ctype.h>
const char *keyfile1 = "~/.ssh/id_rsa.pub";
const char *keyfile2 = "~/.ssh/id_rsa";
const char *username = "username";
const char *password = "password";
static void kbd_callback(const char *name, int name_len,
const char *instruction, int instruction_len,
int num_prompts,
const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts,
LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses,
void **abstract)
(void)name;
(void)name_len;
(void)instruction;
(void)instruction_len;
if(num_prompts == 1) {
responses[0].text = strdup(password);
responses[0].length = strlen(password);
(void)prompts;
(void)abstract;
} /* kbd_callback */
int main(int argc, char *argv[])
unsigned long hostaddr;
int rc, sock, i, auth_pw = 0;
struct sockaddr_in sin;
const char *fingerprint;
char *userauthlist;
LIBSSH2_SESSION *session;
LIBSSH2_CHANNEL *channel;
#ifdef WIN32
WSADATA wsadata;
int err;
err = WSAStartup(MAKEWORD(2, 0), &wsadata);
if(err != 0) {
fprintf(stderr, "WSAStartup failed with error: %d\n", err);
return 1;
#endif
if(argc > 1) {
hostaddr = inet_addr(argv[1]);
else {
hostaddr = htonl(0x7F000001);
if(argc > 2) {
username = argv[2];
if(argc > 3) {
password = argv[3];
rc = libssh2_init(0);
if(rc != 0) {
fprintf(stderr, "libssh2 initialization failed (%d)\n", rc);
return 1;
/* Ultra basic "connect to port 22 on localhost". Your code is
* responsible for creating the socket establishing the connection
sock = socket(AF_INET, SOCK_STREAM, 0);
sin.sin_family = AF_INET;
sin.sin_port = htons(22);
sin.sin_addr.s_addr = hostaddr;
if(connect(sock, (struct sockaddr*)(&sin),
sizeof(struct sockaddr_in)) != 0) {
fprintf(stderr, "failed to connect!\n");
return -1;
/* Create a session instance and start it up. This will trade welcome
* banners, exchange keys, and setup crypto, compression, and MAC layers
session = libssh2_session_init();
if(libssh2_session_handshake(session, sock)) {
fprintf(stderr, "Failure establishing SSH session\n");
return -1;
/* At this point we havn't authenticated. The first thing to do is check
* the hostkey's fingerprint against our known hosts Your app may have it
* hard coded, may go to a file, may present it to the user, that's your
* call
fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
fprintf(stderr, "Fingerprint: ");
for(i = 0; i < 20; i++) {
fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
fprintf(stderr, "\n");
/* check what authentication methods are available */
userauthlist = libssh2_userauth_list(session, username, strlen(username));
fprintf(stderr, "Authentication methods: %s\n", userauthlist);
if(strstr(userauthlist, "password") != NULL) {
auth_pw |= 1;
if(strstr(userauthlist, "keyboard-interactive") != NULL) {
auth_pw |= 2;
if(strstr(userauthlist, "publickey") != NULL) {
auth_pw |= 4;
/* if we got an 4. argument we set this option if supported */
if(argc > 4) {
if((auth_pw & 1) && !strcasecmp(argv[4], "-p")) {
auth_pw = 1;
if((auth_pw & 2) && !strcasecmp(argv[4], "-i")) {
auth_pw = 2;
if((auth_pw & 4) && !strcasecmp(argv[4], "-k")) {
auth_pw = 4;
if(auth_pw & 1) {
/* We could authenticate via password */
if(libssh2_userauth_password(session, username, password)) {
fprintf(stderr, "\tAuthentication by password failed!\n");
goto shutdown;
else {
fprintf(stderr, "\tAuthentication by password succeeded.\n");
else if(auth_pw & 2) {
/* Or via keyboard-interactive */
if(libssh2_userauth_keyboard_interactive(session, username,
&kbd_callback) ) {
fprintf(stderr,
"\tAuthentication by keyboard-interactive failed!\n");
goto shutdown;
else {
fprintf(stderr,
"\tAuthentication by keyboard-interactive succeeded.\n");
else if(auth_pw & 4) {
/* Or by public key */
if(libssh2_userauth_publickey_fromfile(session, username, keyfile1,
keyfile2, password)) {
fprintf(stderr, "\tAuthentication by public key failed!\n");
goto shutdown;
else {
fprintf(stderr, "\tAuthentication by public key succeeded.\n");
else {
fprintf(stderr, "No supported authentication methods found!\n");
goto shutdown;
/* Request a shell */
channel = libssh2_channel_open_session(session);
if(!channel) {
fprintf(stderr, "Unable to open a session\n");
goto shutdown;
/* Some environment variables may be set,
* It's up to the server which ones it'll allow though
libssh2_channel_setenv(channel, "FOO", "bar");
/* Request a terminal with 'vanilla' terminal emulation
* See /etc/termcap for more options
if(libssh2_channel_request_pty(channel, "vanilla")) {
fprintf(stderr, "Failed requesting pty\n");
goto skip_shell;
/* Open a SHELL on that pty */
if(libssh2_channel_shell(channel)) {
fprintf(stderr, "Unable to request shell on allocated pty\n");
goto shutdown;
/* At this point the shell can be interacted with using
* libssh2_channel_read()
* libssh2_channel_read_stderr()
* libssh2_channel_write()
* libssh2_channel_write_stderr()
* Blocking mode may be (en|dis)abled with: libssh2_channel_set_blocking()
* If the server send EOF, libssh2_channel_eof() will return non-0
* To send EOF to the server use: libssh2_channel_send_eof()
* A channel can be closed with: libssh2_channel_close()
* A channel can be freed with: libssh2_channel_free()
skip_shell:
if(channel) {
libssh2_channel_free(channel);
channel = NULL;
/* Other channel types are supported via:
* libssh2_scp_send()
* libssh2_scp_recv2()
* libssh2_channel_direct_tcpip()
shutdown:
libssh2_session_disconnect(session,
"Normal Shutdown, Thank you for playing");
libssh2_session_free(session);
#ifdef WIN32
closesocket(sock);
#else
close(sock);
#endif
fprintf(stderr, "all done!\n");
libssh2_exit();
return 0;
1,由于返回数据过大,因此会出现“--More--”问题,该问题,可通过模拟手动数据enter键使返回数据正常。
2,当时操作步骤1时,会出现数据格式存在问题,因此可以修改API,
#define MAX_PTY_SIZE (40960...
推荐开源项目:libssh2 - SSH2协议库
libssh2the SSH library项目地址:https://gitcode.com/gh_mirrors/li/libssh2 项目介绍
libssh2是一个实现SSH2协议的开源库,它以修订版BSD许可证授权。该项目提供了一种在各种编程语言中安全地执行远程操作的方法,如文件传输、命令执行等。通过libssh2,开发者可以轻松集成SSH...
参考:linux中ldconfig的使用介绍 ldconfig是一个动态链接库管理命令,其目的为了让动态链接库为系统所共享。ldconfig的主要用途:
1.默认搜寻/lilb和/usr/lib,以及配置文件/etc/ld.so.conf内所列的目录下的库文件。
2.搜索出可共享的动态链接库,库文件的格式为:lib***.so.**,进而创建出动态装入程序(ld.so)所需的连接和缓存文件。缓存
近期项目中需要用到ssh链接设备,需要用到libssh2,此文总结了libssh2在windows平台上编译过程,编译结果将在文章末尾放出。
下载libssh2源码
github下载libssh2源码,下载地址:https://github.com/libssh2/libssh2/releases
下载cmake
cmake官网下载cmake,下载地址:https://cmake.org/download/
下载OpenSSL
直接从http://slproweb.com/products/Win32O
要下载和编译Linux的libssh2.so版本,可以按照以下步骤进行:
1. 首先,从libssh2官方网站(https://www.libssh2.org/)或者其他可靠的资源库中找到最新的libssh2版本的源代码压缩包。
2. 下载源代码压缩包到本地计算机,可以使用命令行工具如wget或者通过浏览器下载。
3. 解压缩源代码压缩包,在命令行中使用tar命令进行解压缩。例如,使用以下命令解压缩压缩包:
tar -zxvf libssh2-x.x.x.tar.gz
(其中x.x.x代表源代码压缩包的版本号)
4. 进入解压缩后的libssh2目录,使用cd命令切换到解压后的文件夹内。
5. 使用编译工具(如gcc)对libssh2进行编译,可以使用以下命令进行编译:
./configure
make install
注意:在编译之前,请确保您已经安装了必要的依赖项(如libssl-dev)。
6. 编译完成后,libssh2.so文件将会生成在系统默认的库文件路径中,一般为/usr/local/lib。如果您希望将其安装到其他位置,可以在configure命令中通过--prefix选项指定安装路径。
7. 可以使用ldconfig命令来刷新系统的动态链接器缓存,以便让系统找到新安装的libssh2.so文件。可以使用以下命令来刷新缓存:
sudo ldconfig
8. 现在,您可以在您的应用程序中使用libssh2库进行开发和测试。记得在编译应用程序时,使用-L选项指定libssh2.so所在的目录,并使用-lssh2选项链接到libssh2库。
以上是一个简单的示例解释如何在Linux上下载和编译libssh2.so版本。具体步骤和命令可能因系统版本和安装环境而有所不同,建议在实际操作中参考官方文档或其他可靠资源。
