Authentication & credentials

SSHAuthentication

public enum SSHAuthentication: Sendable {
    case password(String)
    case privateKeyFile(path: String, passphrase: String? = nil)
    case keyboardInteractive(SSHKeyboardInteractiveResponseProvider)
    case agent(SSHAgentConfiguration = SSHAgentConfiguration())
}

public typealias SSHKeyboardInteractiveResponseProvider =
    @Sendable (_ name: String, _ instruction: String,
               _ prompts: [SSHKeyboardInteractivePrompt]) -> [String]

SSHKeyboardInteractivePrompt

public struct SSHKeyboardInteractivePrompt: Equatable, Sendable {
    public var prompt: String
    public var echo: Bool

    public init(prompt: String, echo: Bool)
}

SSHAgentConfiguration

public struct SSHAgentConfiguration: Equatable, Sendable {
    public var socketPath: String?

    public init(socketPath: String? = nil)
}

SSHAuthenticationMethod

public enum SSHAuthenticationMethod: Equatable, Sendable {
    case none
    case password
    case publicKey
    case hostBased
    case keyboardInteractive
    case gssapi
}

SSHAuthenticationDiscoveryResult

public struct SSHAuthenticationDiscoveryResult: Equatable, Sendable {
    public var methods: [SSHAuthenticationMethod]
    public var issueBanner: String?
    public var serverBanner: String?

    public init(
        methods: [SSHAuthenticationMethod],
        issueBanner: String?,
        serverBanner: String?
    )
}

SSHKeychainCredentialStore

public struct SSHKeychainCredentialStore: @unchecked Sendable {
    public static let defaultService = "wiki.qaq.sshkit.credentials"

    public init(
        service: String = SSHKeychainCredentialStore.defaultService,
        accessGroup: String? = nil
    )

    public func savePassword(_ password: String, account: String) throws
    public func password(account: String) throws -> String?

    public func savePrivateKey(_ credential: SSHPrivateKeyCredential, account: String) throws
    public func privateKey(account: String) throws -> SSHPrivateKeyCredential?

    public func removeCredentials(account: String) throws
}

Synchronous, throws Keychain errors via the underlying KeychainAccess dependency. Swift-only; no Obj-C counterpart.

SSHPrivateKeyCredential

public struct SSHPrivateKeyCredential: Codable, Equatable, Sendable {
    public var privateKeyOpenSSH: String
    public var passphrase: String?

    public init(privateKeyOpenSSH: String, passphrase: String? = nil)
}