com.maverick.sshd

Class SshContext

java.lang.Object

com.maverick.nio.ProtocolContext

com.maverick.sshd.SshContext

All Implemented Interfaces:

ExecutorServiceProvider

public class SshContext
extends ProtocolContext
implements ExecutorServiceProvider

This class defines an SSH context for listening interfaces on the Daemon.

Author:

Lee David Painter

Field Summary

Fields

Modifier and Type	Field and Description
static int	ANY
static String	CIPHER_AES_GCM_128
static String	CIPHER_AES_GCM_256
static String	CIPHER_AES128_CBC
static String	CIPHER_AES128_CTR
static String	CIPHER_AES192_CBC
static String	CIPHER_AES192_CTR
static String	CIPHER_AES256_CBC
static String	CIPHER_AES256_CTR
static String	CIPHER_ARCFOUR
static String	CIPHER_ARCFOUR_128
static String	CIPHER_ARCFOUR_256
static String	CIPHER_BLOWFISH_CBC
static String	CIPHER_TRIPLEDES_CBC
static String	CIPHER_TRIPLEDES_CTR
static String	COMPRESSION_NONE Compression off
static String	COMPRESSION_ZLIB ZLIB compression
static String	HMAC_MD5 MD5 message authentication
static String	HMAC_MD5_96 MD5 96 bit message authentication
static String	HMAC_MD5_ETM
static String	HMAC_RIPEMD160
static String	HMAC_RIPEMD160_ETM
static String	HMAC_SHA1 SHA1 message authentication
static String	HMAC_SHA1_96 SHA1 96 bit message authentication
static String	HMAC_SHA1_ETM
static String	HMAC_SHA256
static String	HMAC_SHA256_96
static String	HMAC_SHA256_ETM
static String	HMAC_SHA512
static String	HMAC_SHA512_96
static String	HMAC_SHA512_ETM
static String	KEX_CURVE_25519_SHA256
static String	KEX_CURVE_25519_SHA256_LIBSSH_ORG
static String	KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1 Constant for the algorithm name "diffie-hellman-group-exchange-sha1".
static String	KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256
static String	KEX_DIFFIE_HELLMAN_GROUP1_SHA1 Constant for the algorithm name "diffie-hellman-group1-sha1".
static String	KEX_DIFFIE_HELLMAN_GROUP14_SHA1 Constant for the algorithm name "diffie-hellman-group14-sha1".
static String	KEX_DIFFIE_HELLMAN_GROUP14_SHA256 Constant for the algorithm name "diffie-hellman-group14-sha256".
static String	KEX_DIFFIE_HELLMAN_GROUP15_SHA512 Constant for the algorithm name "diffie-hellman-group15-sha512".
static String	KEX_DIFFIE_HELLMAN_GROUP16_SHA512 Constant for the algorithm name "diffie-hellman-group16-sha512".
static String	KEX_DIFFIE_HELLMAN_GROUP17_SHA512 Constant for the algorithm name "diffie-hellman-group17-sha512".
static String	KEX_DIFFIE_HELLMAN_GROUP18_SHA512 Constant for the algorithm name "diffie-hellman-group18-sha512".
static String	KEX_ECDH_NISPT_256
static String	KEX_ECDH_NISPT_384
static String	KEX_ECDH_NISPT_521
static String	KEX_RSA_1024_SHA1
static String	KEX_RSA_2048_SHA256
static int	KEYBOARD_INTERACTIVE
static String	KEYBOARD_INTERACTIVE_AUTHENTICATION
static int	PASSWORD
static String	PASSWORD_AUTHENTICATION Identifier for password authentication
static int	PUBLIC_KEY
static String	PUBLIC_KEY_ECDSA256
static String	PUBLIC_KEY_ECDSA384
static String	PUBLIC_KEY_ECDSA521
static String	PUBLIC_KEY_ED25519
static String	PUBLIC_KEY_ED448
static String	PUBLIC_KEY_RSA_SHA256
static String	PUBLIC_KEY_RSA_SHA512
static String	PUBLIC_KEY_SSHDSS SSH2 DSA Public Key
static String	PUBLIC_KEY_SSHRSA SSH2 RSA Public Key
static int	PUBLIC_KEYandPASSWORD
static String	PUBLICKEY_AUTHENTICATION Identifier for public key authentication

Fields inherited from class com.maverick.nio.ProtocolContext

keepAlive, receiveBufferSize, reuseAddress, sendBufferSize, tcpNoDelay

Constructor Summary

Constructors

Constructor and Description
SshContext() Constructs a default context but does not set the daemon
SshContext(Daemon daemon) Constructs a default context
SshContext(Daemon daemon, SecurityLevel securityLevel)

Method Summary

Modifier and Type	Method and Description
void	addCommand(String name, Class<? extends ExecutableCommand> cls) Add an com.maverick.sshd.ExecutableCommand to the configuration.
void	addEventListener(EventListener listener)
void	addGlobalRequestHandler(GlobalRequestHandler handler)
void	addHostKey(SshKeyPair keyPair) Add a host key to the configuration.
void	addRequiredAuthentication(String method) Set an authentication method as required.
void	addSFTPExtensionFactory(SftpExtensionFactory factory)
boolean	containsCommand(String name) Determine whether a command is configured.
ProtocolEngine	createEngine() Create a protocol engine.
int	decrementConnections()
void	enableFIPSMode() Deprecated. This method is out-of-date. Use JCEProvider.initializeDefaultProvider("BCFIPS") passing a FIPS approved JCE provider in approved mode to restrict algorithms to only those supported by the approved FIPS environment.
void	enableSFTPVersion4() Deprecated.
static SshKeyPair	GenerateKeyFiles(File keyFilename, String type, int bitlength, int privateKeyFormat, int publicKeyFormat) Deprecated. use generateKeyFiles instead.
static SshKeyPair	generateKeyFiles(File keyFilename, String type, int bitlength, int privateKeyFormat, int publicKeyFormat, String passphrase) Generate a public and private key pair, save them to keyFilename and keyFilename.pub, return the key pair
boolean	getAllowDeniedKEX()
AuthenticationMechanismFactory	getAuthenticationMechanismFactory()
String	getBannerMessage() Get the authentication banner to display to connecting clients.
ByteBufferPool	getByteBufferPool()
int	getChannelDataTimeoutSeconds()
ChannelFactory	getChannelFactory()
int	getChannelLimit() Get the maximum number of open channels allowed by each client.
String	getCiphersCS()
String	getCiphersSC() Get the ciphers for the Server->Client stream.
Class<? extends ExecutableCommand>	getCommand(String name) Get the Class implementation for a given command.
int	getCompressionLevel() Get the current compression level
int	getConnections()
long	getConnectionUploadQuota()
DaemonContext	getDaemonContext()
String	getDefaultTerminal() Get the default terminal to execute when the user requests to start a shell.
boolean	getDisableSFTPDirChecks()
List<EventListener>	getEventListeners()
ExecutorService	getExecutorService()
FileSystemFactory	getFileSystemProvider() Get the FileSystem for this SSHD instance.
int	getForwardingBufferMaxQueueCount()
ForwardingCallback	getForwardingCallback() Get the forwarding callback implementation for this server context.
ForwardingPolicy	getForwardingPolicy()
GlobalRequestHandler	getGlobalRequestHandler(String requestname)
SshKeyPair	getHostKey(String algorithm) Get the SSHD host key for a given algorithm.
SshKeyPair[]	getHostKeys() Get all the hosts keys.
String	getHttpRedirectUrl()
int	getIdleAuthenticationTimeoutSeconds()
int	getIdleConnectionTimeoutSeconds() Should the connection be disconnected on session timeout?
IPPolicy	getIPPolicy()
int	getKeepAliveDataMaxLength() Get the maximum data length for the keep-alive packet.
int	getKeepAliveInterval() Get the current keep-alive interval (in seconds).
Configuration	getKerberosConfiguration() Get the custom Kerberos configuration.
String	getKerberosDC() Get the Kerberos domain controller address .
String	getKerberosRealm() Get the realm name to use for GSSAPI Kerberos authentication.
char[]	getKerberosServicePassword() Get the Kerberos service account password.
String	getKerberosServicePrincipal() Get the Kerberos service account password.
int	getKeyExchangePacketLimit() Get the number of packets to send before a key exchange is forced
String	getKeyExchanges() Get the ciphers for the Server->Client stream.
int	getKeyExchangeTransferLimit() Get the number of bytes to transfer before a key exchange is forced.
LoadBalancerPolicy	getLoadBalancerPolicy()
Locale	getLocale()
String	getMacsCS() Get the ciphers for the Client->Server stream.
String	getMacsSC() Get the ciphers for the Server->Client stream.
int	getMaxAuthentications() Get the maximum number of failed authentications allowed for each connection.
int	getMaxConcurrentTransfers()
int	getMaxDHGroupExchangeKeySize()
int	getMaximumChannelsPerConnection()
int	getMaximumConnections() Get the maximum number of connections allowed at any one time.
int	getMaximumNumberOfAsyncSFTPRequests() Deprecated. This setting is redundant
int	getMaximumPacketLength() Get the maximum supported length of an SSH packet.
int	getMaximumPublicKeyVerificationAttempts() Get the number of public keys that each user can attempt to verify for public key authentication.
int	getMaximumSFTPWindowSpace()
int	getMaximumSocketsBacklogPerRemotelyForwardedConnection()
int	getMaximumUserConnections() Get the maximum number of connections a user is allowed at any one time.
int	getMaxSessions()
int	getMaxumumSessionWindowSpace()
MessagePolicy	getMessagePolicy()
int	getMinDHGroupExchangeKeySize()
int	getMinimumRemotePacketSize()
int	getMinimumSFTPWindowSapce()
String	getPreferredCipherCS() Get the currently preferred cipher for the Client->Server stream.
String	getPreferredCipherSC() Get the currently preferred cipher for the Server->Client stream.
String	getPreferredCompressionCS() Get the currently preferred compression for the Client->Server stream.
String	getPreferredCompressionSC() Get the currently preferred compression for the Server->Client stream.
String	getPreferredKeyExchange() Get the currently preferred key exchange method.
String	getPreferredMacCS() Get the currently preferred mac for the Client->Server stream.
String	getPreferredMacSC() Get the currently supported mac for the Server-Client stream.
String	getPreferredPublicKey() Get the currently preferred public key algorithm.
boolean	getPreventDirectoryDuplicateReadsPerChannel()
PublicKeyAuthenticationVerifier	getPublicKeyAuthenticationVerifier()
String	getPublicKeys() Get the ciphers for the Server->Client stream.
boolean	getRemoteForwardingCancelKillsTunnels() Determines whether the cancellation of a remote forwarding drops currently active tunnels
Class<? extends RemoteForwardingFactory>	getRemoteForwardingFactoryImpl()
Class<? extends RemoteForwardingManager>	getRemoteForwardingManagerImpl()
String[]	getRequiredAuthentications() Lists the required authentication methods.
RequiredAuthenticationStrategy	getRequiredAuthenticationStrategy()
SecurityLevel	getSecurityLevel()
Daemon	getServer() Get the instance of the SSHD for this context.
int	getSessionTimeout() Returns the session timeout in seconds
String	getSFTPCharsetEncoding() Get the current encoding value for filenames in SFTP sessions.
SftpExtension	getSFTPExtension(String requestName)
List<SftpExtensionFactory>	getSFTPExtensionFactories()
String	getSFTPLongnameDateFormat()
String	getSFTPLongnameDateFormatWithTime()
int	getSFTPVersion()
Class<? extends ExecutableCommand>	getShellCommand() Get an ExecutableCommand implementation that provides the default shell.
ShellPolicy	getShellPolicy()
String	getSoftwareVersionComments() Get the software/version/comments field that is to be used in the SSH protocols negotiation procedure.
String	getSupportedPublicKeys() Returns a comma delimited string containing installed public key types.
String	getTooManyConnectionsText()
UsernamePolicy	getUsernamePolicy()
String	getWelcomeText()
boolean	getWriteSCPBaseDir()
boolean	hasPublicKey(String algorithm) Determine if the server has a host key configured.
int	incrementConnections()
void	init(Daemon daemon) Initialise the SshContext by setting the daemon
boolean	isAllowZeroLengthFileUpload()
boolean	isEnableETM()
boolean	isHttpRedirect()
boolean	isKeyExchangeDisabled()
boolean	isManagedSFTPWindow() Deprecated.
boolean	isNonStandardAlgorithmsEnabled()
boolean	isPublicKeyVerificationFailedAuth()
boolean	isSCPReadWriteEvents()
boolean	isSFTPCloseFileBeforeFailedTransferEvents()
boolean	isSFTPReadWriteEvents()
boolean	isSFTPVersion4Enabled() Deprecated.
boolean	isSHA1SignaturesSupported()
void	loadHostKey(InputStream in, String type, int bitlength)
void	loadHostKey(InputStream in, String type, int bitlength, int privateKeyFormat, int publicKeyFormat, String passPhrase)
void	loadHostKey(InputStream in, String type, int bitlength, String passPhrase)
SshKeyPair	loadKey(File key, String passphrase)
SshKeyPair	loadKey(InputStream in, String passphrase)
void	loadKeystore(File keystoreFile, String alias, String storePassphrase, String keyPassphrase) Load a keystore for use as an SSH host key.
void	loadKeystore(File keystoreFile, String alias, String storePassphrase, String keyPassphrase, String storeType)
void	loadKeystore(InputStream in, String alias, String storePassphrase, String keyPassphrase)
void	loadKeystore(InputStream in, String alias, String storePassphrase, String keyPassphrase, String storeType)
void	loadOrGenerateHostKey(File key, String type, int bitlength) Load a host key from file, if the file does not exist then generate the key.
void	loadOrGenerateHostKey(File key, String type, int bitlength, int privateKeyFormat, int publicKeyFormat, String passPhrase) Load a host key from file, if the file does not exist then generate the key.
void	loadOrGenerateHostKey(File key, String type, int bitlength, String passPhrase)
void	loadSshCertificate(File keyFile, String passphrase, File certFile)
void	loadSshCertificate(SshCertificate cert)
void	removeEventListener(EventListener listener)
void	removeSFTPExtensionFactory(SftpExtensionFactory factory)
void	setAllowDeniedKEX(boolean allowKeyExchangeForDeniedConnection)
void	setAllowZeroLengthFileUpload(boolean allowZeroLengthFileUpload)
void	setAuthenicationMechanismFactory(AuthenticationMechanismFactory authFactory)
void	setBannerMessage(String authenticationBanner) Set the banner message that is displayed to all connecing clients prior to authentication.
void	setChannelDataTimeoutSeconds(int channelDataTimeout)
void	setChannelFactory(ChannelFactory channelFactory)
void	setChannelLimit(int maxChannels) Set the maximum number of open channels allowed by each client (defaults to 100).
void	setCipherPreferredPositionCS(String name, int position)
void	setCipherPreferredPositionSC(String name, int position)
void	setCompressionLevel(int compressionLevel) Set the compression level to use if compression is enabled
void	setConnectionUploadQuota(long perConnectionUploadQuota)
void	setDefaultTerminal(String defaultTerminal) Set the default terminal to execute when the user requests to start a shell.
void	setDisableSFTPDirChecks(boolean disableSFTPDirChecks)
void	setEnableETM(boolean enableETM)
void	setExecutorService(ExecutorService executor)
void	setFileSystemProvider(FileSystemFactory fileSystemFactory) Set the FileSystem for this SSHD instance.
void	setForwardingBufferMaxQueueCount(int forwardingBufferMaxQueueCount)
void	setForwardingCallback(ForwardingCallback forwardingCallback) Set the forwarding callback implementation for this server context.
void	setForwardingPolicy(ForwardingPolicy forwardingPolicy)
void	setHttpRedirect(boolean httpRedirect)
void	setHttpRedirectUrl(String httpRedirectUrl)
void	setIdleAuthenticationTimeoutSeconds(int idleAuthenticationTimeoutSeconds)
void	setIdleConnectionTimeoutSeconds(int idleConnectionTimeout) Inform the context that the connection should be disconnected on session timeout
void	setIPPolicy(IPPolicy ipPolicy)
void	setKeepAliveDataMaxLength(int keepAliveDataMaxLength) Set the maximum data length for the keep-alive packet.
void	setKeepAliveInterval(int keepAliveInterval) Set the keep-alive interval (in seconds).
void	setKerberosConfiguration(Configuration kerberosConfiguration) Set the custom Kerberos configuration.
void	setKerberosDC(String kerberosDC) Set the Kerberos domain controller address .
void	setKerberosRealm(String kerberosRealm) Set the realm name to use for GSSAPI Kerberos authentication.
void	setKerberosServicePassword(char[] kerberosServicePassword) Set the Kerberos service account password.
void	setKerberosServicePrincipal(String kerberosServicePrincipal) Set the Kerberos service account princial.
void	setKeyExchangeDisabled(boolean keyExchangeDisabled)
void	setKeyExchangePacketLimit(int MAX_NUM_PACKETS_BEFORE_REKEY) This tells the server how many packets to use before a key exchange.
void	setKeyExchangePreferredPosition(String name, int position)
void	setKeyExchangeTransferLimit(int MAX_NUM_BYTES_BEFORE_REKEY) This limit tells the server when to force a key exchange.
void	setLocale(Locale locale)
void	setMacPreferredPositionCS(String name, int position)
void	setMacPreferredPositionSC(String name, int position)
void	setManagedSFTPWindow(boolean managedSFTPWindow) Deprecated.
void	setMaxAuthentications(int maxAuthentications) Set the maximum number of failed authentications allowed for each connection.
void	setMaxConcurrentTransfers(int maxConcurrentTransfers)
void	setMaxDHGroupExchangeKeySize(int maxDHGroupExchangeKeySize)
void	setMaximumChannelsPerConnection(int maximumChannelsPerConnection)
void	setMaximumConnections(int maximumConnections) Set the maximum number of connections allowed at any one time.
void	setMaximumNumberofAsyncSFTPRequests(int maximumSftpRequests) Deprecated. This setting is redundant
void	setMaximumPacketLength(int maximumPacketLength) Set the maximum supported length of an SSH packet.
void	setMaximumPublicKeyVerificationAttempts(int maximumPublicKeyVerificationAttempts) Set the number of public keys that a user can verify for public key authentication.
void	setMaximumSFTPWindowSpace(int maximumSFTPWindowSpace)
void	setMaximumSocketsBacklogPerRemotelyForwardedConnection(int maximumSocketsBacklogPerRemotelyForwardedConnection)
void	setMaximumUserConnections(int maximumUserConnections) Set the maximum number of connections a user is allowed at any one time.
void	setMaxSessions(int maxSessions)
void	setMaxumumSessionWindowSpace(int maxumumSessionWindowSpace)
void	setMessagePolicy(MessagePolicy messagePolicy)
void	setMinDHGroupExchangeKeySize(int minDHGroupExchangeKeySize)
void	setMinimumRemotePacketSize(int minimumRemotePacketSize)
void	setMinimumSFTPWindowSapce(int minimumSFTPWindowSapce) Deprecated.
void	setMinimumSFTPWindowSpace(int minimumSFTPWindowSapce)
void	setNonStandardAlgorithmsEnabled(boolean nonStandardAlgorithmsEnabled)
void	setPreferredCipherCC(String[] order) Set the preferred CS cipher order
void	setPreferredCipherCS(int[] order) Set the preferred SC cipher order
void	setPreferredCipherCS(String name) Set the preferred cipher for the Client->Server stream.
void	setPreferredCipherSC(int[] order) Set the preferred SC cipher order
void	setPreferredCipherSC(String name) Set the preferred cipher for the Server->Client stream.
void	setPreferredCipherSC(String[] order) Set the preferred SC cipher order
void	setPreferredCompressionCS(String name) Set the preferred compression for the Client->Server stream.
void	setPreferredCompressionSC(String name) Set the preferred compression for the Server->Client stream.
void	setPreferredKeyExchange(String name) Set the preferred key exchange method.
void	setPreferredKeyExchange(String[] order)
void	setPreferredMacCS(int[] order) Set the preferred CS Mac order
void	setPreferredMacCS(String name) Set the preferred MAC for the Client->Server stream.
void	setPreferredMacCS(String[] order)
void	setPreferredMacSC(int[] order) Set the preferred SC Mac order
void	setPreferredMacSC(String name) Set the preferred mac for the Server->Client stream.
void	setPreferredMacSC(String[] order)
void	setPreferredPublicKey(String name) Set the preferred public key algorithm.
void	setPreventDirectoryDuplicateReadsPerChannel(boolean preventDirectorySuplicateReadsPerChannel)
void	setPublicKeyAuthenticationVerifier(PublicKeyAuthenticationVerifier verifier)
void	setPublicKeyPreferredPosition(String name, int position)
void	setPublicKeyStore(PublicKeyStore publicKeyStore) For publickey authentication you can optionally provide an alternative key store implementation.
void	setPublicKeyVerificationIsFailedAuth(boolean publicKeyVerificationIsFailedAuth)
void	setRemoteForwardingCancelKillsTunnels(boolean killTunnelsOnRemoteForwardingCancel) When the user cancels a remote forwarding should active tunnels be dropped?
void	setRemoteForwardingFactoryImpl(Class<? extends RemoteForwardingFactory> remoteForwardingChannelFactory)
void	setRemoteForwardingManagerImpl(Class<? extends RemoteForwardingManager> remoteForwardingManagerImpl)
void	setRequiredAuthenticationMethods(int authmethods)
void	setRequiredAuthenticationStrategy(RequiredAuthenticationStrategy requiredAuthenticationStrategy)
void	setSCPReadWriteEvents(boolean scpReadWriteEvents)
void	setSessionTimeout(int sessionTimeoutSeconds) Sets the session timeout in seconds
void	setSFTPCharsetEncoding(String sftpCharsetEncoding) Set the default encoding for filenames in SFTP sessions.
void	setSFTPCloseFileBeforeFailedTransferEvents(boolean closeFileBeforeFailedTransferEvents)
void	setSFTPLongnameDateFormat(String sftpLongnameDateFormat)
void	setSFTPLongnameDateFormatWithTime(String sftpLongnameDateFormatWithTime)
void	setSFTPReadWriteEvents(boolean sftpReadWriteEvents)
void	setSHA1SignaturesSupported(boolean supportSHA1Signatures)
void	setShellCommand(Class<? extends ExecutableCommand> shellCommand) Set an ExecutableCommand implementation that provides the default shell.
void	setShellPolicy(ShellPolicy shellPolicy)
void	setShellPolixy(ShellPolicy shellPolicy) Deprecated.
void	setSoftwareVersionComments(String softwareVersionComments) Set the current implementations software/version/comments field that is used during the SSH protocols negotiation procedure.
void	setSupportedSFTPVersion(int sftpVersion)
void	setTooManyConnectionsText(String tooManyConnectionsText)
void	setUsernamePolicy(UsernamePolicy usernamePolicy)
void	setWelcomeText(String welcomeText)
void	setWriteSCPBaseDir(boolean writeSCPBaseDir)
void	shutdown()
ComponentFactory<SshCipher>	supportedCiphersCS() Returns a factory implementation that enables configuration of the available ciphers.
ComponentFactory<SshCipher>	supportedCiphersSC()
ComponentFactory<SshCompression>	supportedCompressionsCS() Get the supported compression algorithms.
ComponentFactory<SshCompression>	supportedCompressionsSC()
ComponentFactory<SshKeyExchange>	supportedKeyExchanges() Get the supported key exchange methods.
ComponentFactory<SshHmac>	supportedMacsCS() Get the supported message authentication algorithms.
ComponentFactory<SshHmac>	supportedMacsSC()
ComponentFactory<SshPublicKey>	supportedPublicKeys()
ComponentFactory<Subsystem>	supportedSubsystems() Deprecated. No longer used. Subsystems are created by ChannelFactory

Methods inherited from class com.maverick.nio.ProtocolContext

createConnection, createConnectionImpl, getReceiveBufferSize, getSendBufferSize, getSocketConnectionFactory, getSocketOptionKeepAlive, getSocketOptionReuseAddress, getSocketOptionTcpNoDelay, getSoLinger, getSoLingerTimeout, hasSetSoLinger, setReceiveBufferSize, setSendBufferSize, setSocketConnectionFactory, setSocketHandlerImpl, setSocketOptionKeepAlive, setSocketOptionReuseAddress, setSocketOptionTcpNoDelay, setSoLinger

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CIPHER_TRIPLEDES_CBC

public static final String CIPHER_TRIPLEDES_CBC

See Also:

Constant Field Values

CIPHER_TRIPLEDES_CTR

public static final String CIPHER_TRIPLEDES_CTR

See Also:

Constant Field Values

CIPHER_BLOWFISH_CBC

public static final String CIPHER_BLOWFISH_CBC

See Also:

Constant Field Values

CIPHER_AES128_CBC

public static final String CIPHER_AES128_CBC

See Also:

Constant Field Values

CIPHER_AES192_CBC

public static final String CIPHER_AES192_CBC

See Also:

Constant Field Values

CIPHER_AES256_CBC

public static final String CIPHER_AES256_CBC

See Also:

Constant Field Values

CIPHER_AES128_CTR

public static final String CIPHER_AES128_CTR

See Also:

Constant Field Values

CIPHER_AES192_CTR

public static final String CIPHER_AES192_CTR

See Also:

Constant Field Values

CIPHER_AES256_CTR

public static final String CIPHER_AES256_CTR

See Also:

Constant Field Values

CIPHER_ARCFOUR

public static final String CIPHER_ARCFOUR

See Also:

Constant Field Values

CIPHER_ARCFOUR_128

public static final String CIPHER_ARCFOUR_128

See Also:

Constant Field Values

CIPHER_ARCFOUR_256

public static final String CIPHER_ARCFOUR_256

See Also:

Constant Field Values

CIPHER_AES_GCM_128

public static final String CIPHER_AES_GCM_128

See Also:

Constant Field Values

CIPHER_AES_GCM_256

public static final String CIPHER_AES_GCM_256

See Also:

Constant Field Values

HMAC_SHA1

public static final String HMAC_SHA1

SHA1 message authentication

See Also:

Constant Field Values

HMAC_SHA1_ETM

public static final String HMAC_SHA1_ETM

See Also:

Constant Field Values

HMAC_SHA1_96

public static final String HMAC_SHA1_96

SHA1 96 bit message authentication

See Also:

Constant Field Values

HMAC_MD5

public static final String HMAC_MD5

MD5 message authentication

See Also:

Constant Field Values

HMAC_MD5_ETM

public static final String HMAC_MD5_ETM

See Also:

Constant Field Values

HMAC_MD5_96

public static final String HMAC_MD5_96

MD5 96 bit message authentication

See Also:

Constant Field Values

HMAC_SHA256

public static final String HMAC_SHA256

See Also:

Constant Field Values

HMAC_SHA256_ETM

public static final String HMAC_SHA256_ETM

See Also:

Constant Field Values

HMAC_SHA256_96

public static final String HMAC_SHA256_96

See Also:

Constant Field Values

HMAC_SHA512

public static final String HMAC_SHA512

See Also:

Constant Field Values

HMAC_SHA512_ETM

public static final String HMAC_SHA512_ETM

See Also:

Constant Field Values

HMAC_SHA512_96

public static final String HMAC_SHA512_96

See Also:

Constant Field Values

HMAC_RIPEMD160

public static final String HMAC_RIPEMD160

See Also:

Constant Field Values

HMAC_RIPEMD160_ETM

public static final String HMAC_RIPEMD160_ETM

See Also:

Constant Field Values

COMPRESSION_NONE

public static final String COMPRESSION_NONE

Compression off

See Also:

Constant Field Values

COMPRESSION_ZLIB

public static final String COMPRESSION_ZLIB

ZLIB compression

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP1_SHA1

public static final String KEX_DIFFIE_HELLMAN_GROUP1_SHA1

Constant for the algorithm name "diffie-hellman-group1-sha1".

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1

public static final String KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1

Constant for the algorithm name "diffie-hellman-group-exchange-sha1".

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256

public static final String KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP14_SHA256

public static final String KEX_DIFFIE_HELLMAN_GROUP14_SHA256

Constant for the algorithm name "diffie-hellman-group14-sha256".

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP14_SHA1

public static final String KEX_DIFFIE_HELLMAN_GROUP14_SHA1

Constant for the algorithm name "diffie-hellman-group14-sha1".

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP15_SHA512

public static final String KEX_DIFFIE_HELLMAN_GROUP15_SHA512

Constant for the algorithm name "diffie-hellman-group15-sha512".

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP16_SHA512

public static final String KEX_DIFFIE_HELLMAN_GROUP16_SHA512

Constant for the algorithm name "diffie-hellman-group16-sha512".

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP17_SHA512

public static final String KEX_DIFFIE_HELLMAN_GROUP17_SHA512

Constant for the algorithm name "diffie-hellman-group17-sha512".

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP18_SHA512

public static final String KEX_DIFFIE_HELLMAN_GROUP18_SHA512

Constant for the algorithm name "diffie-hellman-group18-sha512".

See Also:

Constant Field Values

KEX_ECDH_NISPT_256

public static final String KEX_ECDH_NISPT_256

See Also:

Constant Field Values

KEX_ECDH_NISPT_384

public static final String KEX_ECDH_NISPT_384

See Also:

Constant Field Values

KEX_ECDH_NISPT_521

public static final String KEX_ECDH_NISPT_521

See Also:

Constant Field Values

KEX_CURVE_25519_SHA256_LIBSSH_ORG

public static final String KEX_CURVE_25519_SHA256_LIBSSH_ORG

See Also:

Constant Field Values

KEX_CURVE_25519_SHA256

public static final String KEX_CURVE_25519_SHA256

See Also:

Constant Field Values

KEX_RSA_2048_SHA256

public static final String KEX_RSA_2048_SHA256

See Also:

Constant Field Values

KEX_RSA_1024_SHA1

public static final String KEX_RSA_1024_SHA1

See Also:

Constant Field Values

PUBLIC_KEY_SSHDSS

public static final String PUBLIC_KEY_SSHDSS

SSH2 DSA Public Key

See Also:

Constant Field Values

PUBLIC_KEY_SSHRSA

public static final String PUBLIC_KEY_SSHRSA

SSH2 RSA Public Key

See Also:

Constant Field Values

PUBLIC_KEY_ECDSA256

public static final String PUBLIC_KEY_ECDSA256

See Also:

Constant Field Values

PUBLIC_KEY_ECDSA384

public static final String PUBLIC_KEY_ECDSA384

See Also:

Constant Field Values

PUBLIC_KEY_ECDSA521

public static final String PUBLIC_KEY_ECDSA521

See Also:

Constant Field Values

PUBLIC_KEY_ED448

public static final String PUBLIC_KEY_ED448

See Also:

Constant Field Values

PUBLIC_KEY_ED25519

public static final String PUBLIC_KEY_ED25519

See Also:

Constant Field Values

PUBLIC_KEY_RSA_SHA256

public static final String PUBLIC_KEY_RSA_SHA256

See Also:

Constant Field Values

PUBLIC_KEY_RSA_SHA512

public static final String PUBLIC_KEY_RSA_SHA512

See Also:

Constant Field Values

PASSWORD_AUTHENTICATION

public static final String PASSWORD_AUTHENTICATION

Identifier for password authentication

See Also:

Constant Field Values

PUBLICKEY_AUTHENTICATION

public static final String PUBLICKEY_AUTHENTICATION

Identifier for public key authentication

See Also:

Constant Field Values

KEYBOARD_INTERACTIVE_AUTHENTICATION

public static final String KEYBOARD_INTERACTIVE_AUTHENTICATION

See Also:

Constant Field Values

ANY

public static final int ANY

See Also:

Constant Field Values

PUBLIC_KEY

public static final int PUBLIC_KEY

See Also:

Constant Field Values

PASSWORD

public static final int PASSWORD

See Also:

Constant Field Values

PUBLIC_KEYandPASSWORD

public static final int PUBLIC_KEYandPASSWORD

See Also:

Constant Field Values

KEYBOARD_INTERACTIVE

public static final int KEYBOARD_INTERACTIVE

See Also:

Constant Field Values

Constructor Detail

SshContext

public SshContext()
           throws IOException

Constructs a default context but does not set the daemon

Throws:

IOException

SshContext

public SshContext(Daemon daemon,
                  SecurityLevel securityLevel)
           throws IOException

Throws:

IOException

SshContext

public SshContext(Daemon daemon)
           throws IOException

Constructs a default context

Throws:

IOException

Method Detail

init

public void init(Daemon daemon)

Initialise the SshContext by setting the daemon

createEngine

public ProtocolEngine createEngine()
                            throws IOException

Description copied from class: ProtocolContext

Create a protocol engine.

Specified by:

createEngine in class ProtocolContext

Returns:

ProtocolEngine

Throws:

IOException

loadOrGenerateHostKey

public void loadOrGenerateHostKey(File key,
                                  String type,
                                  int bitlength)
                           throws IOException,
                                  InvalidPassphraseException,
                                  SshException

Load a host key from file, if the file does not exist then generate the key.

Parameters:

key - the key file

type - the type of key; acceptable values are SshKeyPairGenerator.SSH2_RSA or SshKeyPairGenerator.SSH2_DSA

bitlength - the bit length of the key

Throws:

IOException

SshException

InvalidPassphraseException

loadOrGenerateHostKey

public void loadOrGenerateHostKey(File key,
                                  String type,
                                  int bitlength,
                                  String passPhrase)
                           throws IOException,
                                  InvalidPassphraseException,
                                  SshException

Throws:

IOException

InvalidPassphraseException

SshException

loadHostKey

public void loadHostKey(InputStream in,
                        String type,
                        int bitlength)
                 throws IOException,
                        InvalidPassphraseException,
                        SshException

Throws:

IOException

InvalidPassphraseException

SshException

loadHostKey

public void loadHostKey(InputStream in,
                        String type,
                        int bitlength,
                        String passPhrase)
                 throws IOException,
                        InvalidPassphraseException,
                        SshException

Throws:

IOException

InvalidPassphraseException

SshException

loadOrGenerateHostKey

public void loadOrGenerateHostKey(File key,
                                  String type,
                                  int bitlength,
                                  int privateKeyFormat,
                                  int publicKeyFormat,
                                  String passPhrase)
                           throws IOException,
                                  InvalidPassphraseException,
                                  SshException

Load a host key from file, if the file does not exist then generate the key.

Parameters:

key - the key file

type - the type of key; acceptable values are SshKeyPairGenerator.SSH2_RSA or SshKeyPairGenerator.SSH2_DSA

bitlength - the bit length of the key

privateKeyFormat - the format of the private key, SshPrivateKeyFileFactory

publicKeyFormat - the format of the public key, {see com.sshtools.publickey.SshPublicKeyFileFactory}

passPhrase - the passPhrase of an existing host key

Throws:

IOException

SshException

InvalidPassphraseException

loadHostKey

public void loadHostKey(InputStream in,
                        String type,
                        int bitlength,
                        int privateKeyFormat,
                        int publicKeyFormat,
                        String passPhrase)
                 throws IOException,
                        InvalidPassphraseException,
                        SshException

Throws:

IOException

InvalidPassphraseException

SshException

loadKey

public SshKeyPair loadKey(File key,
                          String passphrase)
                   throws IOException,
                          InvalidPassphraseException

Throws:

IOException

InvalidPassphraseException

loadKey

public SshKeyPair loadKey(InputStream in,
                          String passphrase)
                   throws IOException,
                          InvalidPassphraseException

Throws:

IOException

InvalidPassphraseException

GenerateKeyFiles

@Deprecated
public static SshKeyPair GenerateKeyFiles(File keyFilename,
                                                      String type,
                                                      int bitlength,
                                                      int privateKeyFormat,
                                                      int publicKeyFormat)
                                               throws IOException,
                                                      SshException

Deprecated. use generateKeyFiles instead.

Generate a public and private key pair, save them to keyFilename and keyFilename.pub, return the key pair

Parameters:

keyFilename -

type -

bitlength -

privateKeyFormat -

publicKeyFormat -

Returns:

SshKeyPair generated.

Throws:

IOException

SshException

generateKeyFiles

public static SshKeyPair generateKeyFiles(File keyFilename,
                                          String type,
                                          int bitlength,
                                          int privateKeyFormat,
                                          int publicKeyFormat,
                                          String passphrase)
                                   throws IOException,
                                          SshException

Generate a public and private key pair, save them to keyFilename and keyFilename.pub, return the key pair

Parameters:

keyFilename -

type -

bitlength -

privateKeyFormat -

publicKeyFormat -

Returns:

SshKeyPair generated.

Throws:

IOException

SshException

loadKeystore

public void loadKeystore(File keystoreFile,
                         String alias,
                         String storePassphrase,
                         String keyPassphrase)
                  throws IOException

Load a keystore for use as an SSH host key. This will create a public key using the X509V3_SIGN_RSA and X509V3_SIGN_RSA_SHA1 host key types. DSA keys are currently not supported.

Parameters:

keystoreFile - path to the keystore file

alias - the alias of the key in the keystore

storePassphrase - the passphrase of the keystore

keyPassphrase - the passphrase of the key

Throws:

IOException

loadKeystore

public void loadKeystore(InputStream in,
                         String alias,
                         String storePassphrase,
                         String keyPassphrase)
                  throws IOException

Throws:

IOException

loadKeystore

public void loadKeystore(File keystoreFile,
                         String alias,
                         String storePassphrase,
                         String keyPassphrase,
                         String storeType)
                  throws IOException

Throws:

IOException

loadKeystore

public void loadKeystore(InputStream in,
                         String alias,
                         String storePassphrase,
                         String keyPassphrase,
                         String storeType)
                  throws IOException

Throws:

IOException

addGlobalRequestHandler

public void addGlobalRequestHandler(GlobalRequestHandler handler)

getGlobalRequestHandler

public GlobalRequestHandler getGlobalRequestHandler(String requestname)

getRemoteForwardingFactoryImpl

public Class<? extends RemoteForwardingFactory> getRemoteForwardingFactoryImpl()

getRemoteForwardingManagerImpl

public Class<? extends RemoteForwardingManager> getRemoteForwardingManagerImpl()

setRemoteForwardingFactoryImpl

public void setRemoteForwardingFactoryImpl(Class<? extends RemoteForwardingFactory> remoteForwardingChannelFactory)
                                    throws IOException

Throws:

IOException

setRemoteForwardingManagerImpl

public void setRemoteForwardingManagerImpl(Class<? extends RemoteForwardingManager> remoteForwardingManagerImpl)
                                    throws IOException

Throws:

IOException

setPublicKeyStore

public void setPublicKeyStore(PublicKeyStore publicKeyStore)

For publickey authentication you can optionally provide an alternative key store implementation. This allows you to change the default behaviour of reading keys from the users .ssh/authorized_keys file.

Parameters:

publicKeyStore - PublicKeyStore

getRequiredAuthentications

public String[] getRequiredAuthentications()

Lists the required authentication methods.

Returns:

String[]

addRequiredAuthentication

public void addRequiredAuthentication(String method)

Set an authentication method as required. You can have multiple required authentications but by default none are required, although at least one authentication MUST be performed. For example to require both password and publickey authentication use the following statements in the SshDaemon#configure(ConfigurationContext) method.

 context.addRequiredAuthentication(ConfigurationContext.PUBLICKEY_AUTHENTICATION);
 context.addRequiredAuthentication(ConfigurationContext.PASSWORD_AUTHENTICATION);
 

Parameters:

method - String

getBannerMessage

public String getBannerMessage()

Get the authentication banner to display to connecting clients.

Returns:

String

getServer

public Daemon getServer()

Get the instance of the SSHD for this context.

Returns:

Daemon

getSFTPCharsetEncoding

public String getSFTPCharsetEncoding()

Get the current encoding value for filenames in SFTP sessions.

Returns:

String

setSFTPCharsetEncoding

public void setSFTPCharsetEncoding(String sftpCharsetEncoding)

Set the default encoding for filenames in SFTP sessions. The default encoding for the currently supported SFTP protocol is ISO-8859-1.

Parameters:

sftpCharsetEncoding - String

getSessionTimeout

public int getSessionTimeout()

Returns the session timeout in seconds

Returns:

int

setSessionTimeout

public void setSessionTimeout(int sessionTimeoutSeconds)

Sets the session timeout in seconds

Parameters:

sessionTimeoutSeconds - int

setChannelLimit

public void setChannelLimit(int maxChannels)

Set the maximum number of open channels allowed by each client (defaults to 100).

Parameters:

maxChannels -

getChannelLimit

public int getChannelLimit()

Get the maximum number of open channels allowed by each client.

Returns:

int

getMaxAuthentications

public int getMaxAuthentications()

Get the maximum number of failed authentications allowed for each connection.

Returns:

int

setMaxAuthentications

public void setMaxAuthentications(int maxAuthentications)

Set the maximum number of failed authentications allowed for each connection.

Parameters:

maxAuthentications -

setMaximumConnections

public void setMaximumConnections(int maximumConnections)

Set the maximum number of connections allowed at any one time.

Parameters:

maximumConnections - int

getMaximumConnections

public int getMaximumConnections()

Get the maximum number of connections allowed at any one time.

Returns:

int

setMaximumUserConnections

public void setMaximumUserConnections(int maximumUserConnections)

Set the maximum number of connections a user is allowed at any one time.

Parameters:

maximumConnections - int

getMaximumUserConnections

public int getMaximumUserConnections()

Get the maximum number of connections a user is allowed at any one time.

Returns:

int

supportedCiphersCS

public ComponentFactory<SshCipher> supportedCiphersCS()

Returns a factory implementation that enables configuration of the available ciphers.

The standard default ciphers installed are 3DES and Blowfish, however the J2SSH Maverick API on which this server is based also supports a number of optional ciphers AES, CAST and Twofish. These can be installed by adding the sshtools-cipher.jar to your class path and using the following code within your SSHD SshDaemon#configure(ConfigurationContext) method.

 // import the cipher package
 import com.sshtools.cipher.*;

 // Add AES
 context.supportedCiphers().add(AES128Cbc.AES128_CBC, AES128Cbc.class);
 context.supportedCiphers().add(AES192Cbc.AES192_CBC, AES192Cbc.class);
 context.supportedCiphers().add(AES256Cbc.AES256_CBC, AES256Cbc.class);

 // Add Twofish - note the 256 bit cipher has two different entries to maintain backwards compatibility
 context.supportedCiphers().add(Twofish128Cbc.TWOFISH128_CBC, Twofish128Cbc.class);
 context.supportedCiphers().add(Twofish192Cbc.TWOFISH192_CBC, Twofish192Cbc.class);
 context.supportedCiphers().add(Twofish256Cbc.TWOFISH256_CBC, Twofish256Cbc.class);
 context.supportedCiphers().add(Twofish256Cbc.TWOFISH_CBC, Twofish256Cbc.class);

 // Add CAST
  context.supportedCiphers().add(CAST128Cbc.CAST128_CBC, CAST128Cbc.class);
 

Returns:

the component factory

supportedCiphersSC

public ComponentFactory<SshCipher> supportedCiphersSC()

getPreferredCipherCS

public String getPreferredCipherCS()

Get the currently preferred cipher for the Client->Server stream.

Returns:

the preferred Client-Server cipher

setPreferredCipherCS

public void setPreferredCipherCS(String name)
                          throws IOException,
                                 SshException

Set the preferred cipher for the Client->Server stream.

Use the static fields available within this class (or the com.sshtools.cipher classes) to identify the correct cipher.

context.setPreferredCipherCS(ConfigurationContext.CIPHER_BLOWFISH_CBC);

The default cipher is 3DES

Parameters:

name -

Throws:

IOException - if the cipher is not supported

SshException

setBannerMessage

public void setBannerMessage(String authenticationBanner)

Set the banner message that is displayed to all connecing clients prior to authentication. If this method is used then com.maverick.sshd.NoneAuthentication.getBannerForUser(String) should not be overridden.

Parameters:

authenticationBanner -

getPreferredCipherSC

public String getPreferredCipherSC()

Get the currently preferred cipher for the Server->Client stream.

Returns:

the preferred Server-Client cipher

getSoftwareVersionComments

public String getSoftwareVersionComments()

Get the software/version/comments field that is to be used in the SSH protocols negotiation procedure.

Returns:

String

setSoftwareVersionComments

public void setSoftwareVersionComments(String softwareVersionComments)

Set the current implementations software/version/comments field that is used during the SSH protocols negotiation procedure. This value MUST consist of printable US-ASCII characters with the exception of whitespace and the minus sign (-) and be no longer than 200 characters.

Parameters:

softwareVersionComments -

setPreferredCipherSC

public void setPreferredCipherSC(String name)
                          throws IOException,
                                 SshException

Set the preferred cipher for the Server->Client stream.

Use the static fields available within this class (or the com.sshtools.cipher classes) to identify the correct cipher.

context.setPreferredCipherSC(ConfigurationContext.CIPHER_BLOWFISH_CBC);

The default cipher is 3DES

Parameters:

name -

Throws:

IOException

SshException

supportedMacsCS

public ComponentFactory<SshHmac> supportedMacsCS()

Get the supported message authentication algorithms.

There are no optional MAC algorithms currently available and this method is supplied in preperation for future enhancements.

Returns:

the component factory

supportedMacsSC

public ComponentFactory<SshHmac> supportedMacsSC()

getPreferredMacCS

public String getPreferredMacCS()

Get the currently preferred mac for the Client->Server stream.

Returns:

the preferred Client-Server mac

setPreferredMacCS

public void setPreferredMacCS(String name)
                       throws IOException,
                              SshException

Set the preferred MAC for the Client->Server stream.

Use the static fields available within this class to identify the correct MAC.

context.setPreferredMacCS(ConfigurationContext.HMAC_MD5);

The default MAC is HMAC_SHA1

Parameters:

name -

Throws:

IOException

SshException

getPreferredMacSC

public String getPreferredMacSC()

Get the currently supported mac for the Server-Client stream.

Returns:

the preferred Server-Client mac

setRemoteForwardingCancelKillsTunnels

public void setRemoteForwardingCancelKillsTunnels(boolean killTunnelsOnRemoteForwardingCancel)

When the user cancels a remote forwarding should active tunnels be dropped?

Parameters:

killTunnelsOnRemoteForwardingCancel - boolean

getRemoteForwardingCancelKillsTunnels

public boolean getRemoteForwardingCancelKillsTunnels()

Determines whether the cancellation of a remote forwarding drops currently active tunnels

Returns:

boolean

getMaximumPublicKeyVerificationAttempts

public int getMaximumPublicKeyVerificationAttempts()

Get the number of public keys that each user can attempt to verify for public key authentication. If the user exceeds this limit the connection is terminated.

Returns:

int

setMaximumPublicKeyVerificationAttempts

public void setMaximumPublicKeyVerificationAttempts(int maximumPublicKeyVerificationAttempts)

Set the number of public keys that a user can verify for public key authentication. If the user exceeds this limit the connection is terminated.

Parameters:

maximumPublicKeyVerificationAttempts - int

setPreferredMacSC

public void setPreferredMacSC(String name)
                       throws IOException,
                              SshException

Set the preferred mac for the Server->Client stream.

Use the static fields available within this class to identify the correct MAC.

context.setPreferredMacCS(ConfigurationContext.HMAC_MD5);

The default MAC is HMAC_SHA1

Parameters:

name -

Throws:

IOException

SshException

supportedCompressionsCS

public ComponentFactory<SshCompression> supportedCompressionsCS()

Get the supported compression algorithms.

There are no optional compression algorithms currently available and this method is supplied in preperation for future enhancements.

Returns:

the component factory

supportedCompressionsSC

public ComponentFactory<SshCompression> supportedCompressionsSC()

getPreferredCompressionCS

public String getPreferredCompressionCS()

Get the currently preferred compression for the Client->Server stream.

Returns:

the preferred Client-Server compression

setPreferredCompressionCS

public void setPreferredCompressionCS(String name)
                               throws IOException

Set the preferred compression for the Client->Server stream.

It is recommended that you do not set the preferred compression so that the client has control over the compression selection.

Parameters:

name -

Throws:

IOException

getPreferredCompressionSC

public String getPreferredCompressionSC()

Get the currently preferred compression for the Server->Client stream.

Returns:

the preferred Server->Client compression

setPreferredCompressionSC

public void setPreferredCompressionSC(String name)
                               throws IOException

Set the preferred compression for the Server->Client stream.

It is recommended that you do not set the preferred compression so that the client has control over the compression selection.

Parameters:

name -

Throws:

IOException

supportedKeyExchanges

public ComponentFactory<SshKeyExchange> supportedKeyExchanges()

Get the supported key exchange methods.

There are no optional key exchange algorithms currently available and this method is supplied in preperation for future enhancements.

Returns:

the component factory

getPreferredKeyExchange

public String getPreferredKeyExchange()

Get the currently preferred key exchange method.

Returns:

the preferred key exhcange

setPreferredKeyExchange

public void setPreferredKeyExchange(String name)
                             throws IOException,
                                    SshException

Set the preferred key exchange method.

There is only one supported key exchange algorithm and as such this method is supplied in preperation for future enhancements.

Parameters:

name -

Throws:

IOException

SshException

getPreferredPublicKey

public String getPreferredPublicKey()

Get the currently preferred public key algorithm.

Returns:

the preferred public key

getSupportedPublicKeys

public String getSupportedPublicKeys()

Returns a comma delimited string containing installed public key types.

Returns:

String

setPreferredPublicKey

public void setPreferredPublicKey(String name)
                           throws IOException,
                                  SshException

Set the preferred public key algorithm.

This value must be one of the installed public key algorithm names. You will be able to obtain these from the public keys that you installed using ?????? and an example of how to do this is provided in the ConfigurationContext#addHostKey(SshKeyPair) method description.

Parameters:

name -

Throws:

IOException

SshException

getHostKeys

public SshKeyPair[] getHostKeys()

Get all the hosts keys.

Returns:

SshPublicKey[]

getHostKey

public SshKeyPair getHostKey(String algorithm)
                      throws IOException

Get the SSHD host key for a given algorithm.

Parameters:

algorithm -

Returns:

SshKeyPair

Throws:

IOException

addHostKey

public void addHostKey(SshKeyPair keyPair)
                throws IOException

Add a host key to the configuration.

A host key provides a mechanism for a client to authenticate the server. If the client knows the public key of the server it can validate the signature that the server generated using its private key with the known public key of the server. In order for your server to operate you need to generate and install at least one host key.

It is now recommended to use the SshDaemon#loadOrGenerateHostKey(File, String, int, ConfigurationContext) method for generating and loading a host key.

Parameters:

keyPair -

Throws:

IOException

addCommand

public void addCommand(String name,
                       Class<? extends ExecutableCommand> cls)

Add an com.maverick.sshd.ExecutableCommand to the configuration. If a request to execute a command with the name name is received an instance of the class is created to handle the command execution.

Parameters:

name - String

cls - Class

containsCommand

public boolean containsCommand(String name)

Determine whether a command is configured.

Parameters:

name - String

Returns:

boolean

getCommand

public Class<? extends ExecutableCommand> getCommand(String name)

Get the Class implementation for a given command.

Parameters:

name - String

Returns:

Class

getShellCommand

public Class<? extends ExecutableCommand> getShellCommand()

Get an ExecutableCommand implementation that provides the default shell.

Returns:

Class

setShellCommand

public void setShellCommand(Class<? extends ExecutableCommand> shellCommand)

Set an ExecutableCommand implementation that provides the default shell.

Parameters:

shellCommand -

hasPublicKey

public boolean hasPublicKey(String algorithm)

Determine if the server has a host key configured.

Parameters:

algorithm -

Returns:

boolean

setFileSystemProvider

public void setFileSystemProvider(FileSystemFactory fileSystemFactory)

Set the FileSystem for this SSHD instance.

This uses a class object rather so that the server can manage the creation of instances of this class.

Parameters:

filesystemProvider -

getFileSystemProvider

public FileSystemFactory getFileSystemProvider()

Get the FileSystem for this SSHD instance.

Returns:

Class

getDefaultTerminal

public String getDefaultTerminal()

Get the default terminal to execute when the user requests to start a shell.

This setting is not used explicitly by the server but is available from the context so that a session implementation can obtain it through the protected ConnectionProtocol instance.

Returns:

String

setDefaultTerminal

public void setDefaultTerminal(String defaultTerminal)

Set the default terminal to execute when the user requests to start a shell.

This setting is not used explicitly by the server but is available from the context so that a session implementation can obtain it through the protected ConnectionProtocol instance.

Parameters:

defaultTerminal -

supportedSubsystems

public ComponentFactory<Subsystem> supportedSubsystems()

Deprecated. No longer used. Subsystems are created by ChannelFactory

Get the supported Subsystem's for this SSHD instance.

If you have implemented a custom subsystem you can use the factory object returned by this method to install the new subsystem.

 context.supportedSubsystems().add("mysubsystem", MySubsystem.class);
 

Returns:

AbstractComponentFactory

setCompressionLevel

public void setCompressionLevel(int compressionLevel)

Set the compression level to use if compression is enabled

Parameters:

compressionLevel - int

getCompressionLevel

public int getCompressionLevel()

Get the current compression level

Returns:

int

setAllowDeniedKEX

public void setAllowDeniedKEX(boolean allowKeyExchangeForDeniedConnection)

setRequiredAuthenticationMethods

public void setRequiredAuthenticationMethods(int authmethods)

getAllowDeniedKEX

public boolean getAllowDeniedKEX()

getMaximumSocketsBacklogPerRemotelyForwardedConnection

public int getMaximumSocketsBacklogPerRemotelyForwardedConnection()

setMaximumSocketsBacklogPerRemotelyForwardedConnection

public void setMaximumSocketsBacklogPerRemotelyForwardedConnection(int maximumSocketsBacklogPerRemotelyForwardedConnection)

getTooManyConnectionsText

public String getTooManyConnectionsText()

setTooManyConnectionsText

public void setTooManyConnectionsText(String tooManyConnectionsText)

getCiphersSC

public String getCiphersSC()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getCiphersCS

public String getCiphersCS()

getMacsCS

public String getMacsCS()

Get the ciphers for the Client->Server stream.

Returns:

the Client-Server ciphers in order of preference

getMacsSC

public String getMacsSC()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getPublicKeys

public String getPublicKeys()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getKeyExchanges

public String getKeyExchanges()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

setPreferredCipherSC

public void setPreferredCipherSC(int[] order)
                          throws SshException

Set the preferred SC cipher order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setPreferredCipherSC

public void setPreferredCipherSC(String[] order)
                          throws SshException

Set the preferred SC cipher order

Parameters:

order -

Throws:

SshException

setPreferredCipherCS

public void setPreferredCipherCS(int[] order)
                          throws SshException

Set the preferred SC cipher order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setPreferredCipherCC

public void setPreferredCipherCC(String[] order)
                          throws SshException

Set the preferred CS cipher order

Parameters:

order -

Throws:

SshException

setPreferredMacSC

public void setPreferredMacSC(int[] order)
                       throws SshException

Set the preferred SC Mac order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setPreferredMacSC

public void setPreferredMacSC(String[] order)
                       throws SshException

Parameters:

order -

Throws:

SshException

setPreferredKeyExchange

public void setPreferredKeyExchange(String[] order)
                             throws SshException

Parameters:

order -

Throws:

SshException

setPreferredMacCS

public void setPreferredMacCS(int[] order)
                       throws SshException

Set the preferred CS Mac order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setPreferredMacCS

public void setPreferredMacCS(String[] order)
                       throws SshException

Throws:

SshException

setCipherPreferredPositionCS

public void setCipherPreferredPositionCS(String name,
                                         int position)
                                  throws SshException

Throws:

SshException

setCipherPreferredPositionSC

public void setCipherPreferredPositionSC(String name,
                                         int position)
                                  throws SshException

Throws:

SshException

setMacPreferredPositionSC

public void setMacPreferredPositionSC(String name,
                                      int position)
                               throws SshException

Throws:

SshException

setMacPreferredPositionCS

public void setMacPreferredPositionCS(String name,
                                      int position)
                               throws SshException

Throws:

SshException

setPublicKeyPreferredPosition

public void setPublicKeyPreferredPosition(String name,
                                          int position)
                                   throws SshException

Throws:

SshException

setKeyExchangePreferredPosition

public void setKeyExchangePreferredPosition(String name,
                                            int position)
                                     throws SshException

Throws:

SshException

setForwardingCallback

public void setForwardingCallback(ForwardingCallback forwardingCallback)

Set the forwarding callback implementation for this server context.

Parameters:

forwardingCallback - NNForwardingCallback

getForwardingCallback

public ForwardingCallback getForwardingCallback()

Get the forwarding callback implementation for this server context.

Returns:

ForwardingCallback

setMaximumPacketLength

public void setMaximumPacketLength(int maximumPacketLength)

Set the maximum supported length of an SSH packet.

Parameters:

maximumPacketLength - int

getMaximumPacketLength

public int getMaximumPacketLength()

Get the maximum supported length of an SSH packet.

Returns:

int

setKeyExchangeTransferLimit

public void setKeyExchangeTransferLimit(int MAX_NUM_BYTES_BEFORE_REKEY)

This limit tells the server when to force a key exchange.

Parameters:

MAX_NUM_BYTES_BEFORE_REKEY - int

setKeyExchangePacketLimit

public void setKeyExchangePacketLimit(int MAX_NUM_PACKETS_BEFORE_REKEY)

This tells the server how many packets to use before a key exchange.

Parameters:

MAX_NUM_PACKETS_BEFORE_REKEY - int

getKeyExchangeTransferLimit

public int getKeyExchangeTransferLimit()

Get the number of bytes to transfer before a key exchange is forced.

Returns:

int

getKeyExchangePacketLimit

public int getKeyExchangePacketLimit()

Get the number of packets to send before a key exchange is forced

Returns:

int

getIdleConnectionTimeoutSeconds

public int getIdleConnectionTimeoutSeconds()

Should the connection be disconnected on session timeout?

Returns:

setIdleConnectionTimeoutSeconds

public void setIdleConnectionTimeoutSeconds(int idleConnectionTimeout)

Inform the context that the connection should be disconnected on session timeout

Parameters:

idleConnectionTimeout -

supportedPublicKeys

public ComponentFactory<SshPublicKey> supportedPublicKeys()

getKeepAliveInterval

public int getKeepAliveInterval()

Get the current keep-alive interval (in seconds). The server sends an SSH_MSG_IGNORE every n seconds after no activity on a connection.

Returns:

setKeepAliveInterval

public void setKeepAliveInterval(int keepAliveInterval)

Set the keep-alive interval (in seconds). The server sends an SSH_MSG_IGNORE message every n seconds after no activity on a connection.

Parameters:

keepAliveInterval -

getKeepAliveDataMaxLength

public int getKeepAliveDataMaxLength()

Get the maximum data length for the keep-alive packet.

Returns:

setKeepAliveDataMaxLength

public void setKeepAliveDataMaxLength(int keepAliveDataMaxLength)

Set the maximum data length for the keep-alive packet. Default is 128, the actual number of bytes is random up to this maximum.

Parameters:

keepAliveDataMaxLength -

getKerberosRealm

public String getKerberosRealm()

Get the realm name to use for GSSAPI Kerberos authentication. The realm should be in UPPER case, for example EXAMPLE.COM. This is not used if a custom Configuration has been set using setKerberosConfiguration(Configuration).

Returns:

kerberos realm

setKerberosRealm

public void setKerberosRealm(String kerberosRealm)

Set the realm name to use for GSSAPI Kerberos authentication. The realm should be in UPPER case, for example EXAMPLE.COM.

Parameters:

kerberosRealm - kerberos realm

getKerberosDC

public String getKerberosDC()

Get the Kerberos domain controller address . This may be a hostname or IP address.

Returns:

kerberos domain controller

setKerberosDC

public void setKerberosDC(String kerberosDC)

Set the Kerberos domain controller address . This may be a hostname or IP address.

Parameters:

kerberosDC - kerberos domain controller

getKerberosServicePassword

public char[] getKerberosServicePassword()

Get the Kerberos service account password. By default, this will only be needed if the service does not already have a valid ticket in the keytab.

Returns:

kerberos service password

setKerberosServicePassword

public void setKerberosServicePassword(char[] kerberosServicePassword)

Set the Kerberos service account password. By default, this will only be needed if the service does not already have a valid ticket in the keytab.

Parameters:

kerberosServicePassword - param kerberos service account password

getKerberosServicePrincipal

public String getKerberosServicePrincipal()

Get the Kerberos service account password. By default, this will only be needed if the service does not already have a valid ticket in the keytab. This is not used if a custom Configuration has been set using setKerberosConfiguration(Configuration).

Returns:

setKerberosServicePrincipal

public void setKerberosServicePrincipal(String kerberosServicePrincipal)

Set the Kerberos service account princial. By default, this will only be needed if the service does not already have a valid ticket in the keytab or if there is more than one. This is not used if a custom Configuration has been set using setKerberosConfiguration(Configuration).

Parameters:

kerberosServicePrincipal - kerberos service account principal

getKerberosConfiguration

public Configuration getKerberosConfiguration()

Get the custom Kerberos configuration. By default this will return null.

Returns:

kerberos configuration

setKerberosConfiguration

public void setKerberosConfiguration(Configuration kerberosConfiguration)

Set the custom Kerberos configuration. By default this will return null.

Parameters:

kerberosConfiguration - kerberos configuration

isAllowZeroLengthFileUpload

public boolean isAllowZeroLengthFileUpload()

Returns:

setAllowZeroLengthFileUpload

public void setAllowZeroLengthFileUpload(boolean allowZeroLengthFileUpload)

Parameters:

allowZeroLengthFileUpload -

setLocale

public void setLocale(Locale locale)

getLocale

public Locale getLocale()

enableFIPSMode

@Deprecated
public void enableFIPSMode()
                                throws SshException

Deprecated. This method is out-of-date. Use JCEProvider.initializeDefaultProvider("BCFIPS") passing a FIPS approved JCE provider in approved mode to restrict algorithms to only those supported by the approved FIPS environment.

Throws:

SshException

getExecutorService

public ExecutorService getExecutorService()

Specified by:

getExecutorService in interface ExecutorServiceProvider

Specified by:

getExecutorService in class ProtocolContext

setExecutorService

public void setExecutorService(ExecutorService executor)

Specified by:

setExecutorService in interface ExecutorServiceProvider

setMaxConcurrentTransfers

public void setMaxConcurrentTransfers(int maxConcurrentTransfers)

getMaxConcurrentTransfers

public int getMaxConcurrentTransfers()

setPublicKeyVerificationIsFailedAuth

public void setPublicKeyVerificationIsFailedAuth(boolean publicKeyVerificationIsFailedAuth)

isPublicKeyVerificationFailedAuth

public boolean isPublicKeyVerificationFailedAuth()

enableSFTPVersion4

@Deprecated
public void enableSFTPVersion4()

Deprecated.

setSupportedSFTPVersion

public void setSupportedSFTPVersion(int sftpVersion)

getSFTPVersion

public int getSFTPVersion()

isSFTPVersion4Enabled

@Deprecated
public boolean isSFTPVersion4Enabled()

Deprecated.

shutdown

public void shutdown()

Specified by:

shutdown in class ProtocolContext

getByteBufferPool

public ByteBufferPool getByteBufferPool()

loadSshCertificate

public void loadSshCertificate(File keyFile,
                               String passphrase,
                               File certFile)
                        throws IOException,
                               InvalidPassphraseException

Throws:

IOException

InvalidPassphraseException

loadSshCertificate

public void loadSshCertificate(SshCertificate cert)
                        throws IOException,
                               InvalidPassphraseException

Throws:

IOException

InvalidPassphraseException

getAuthenticationMechanismFactory

public AuthenticationMechanismFactory getAuthenticationMechanismFactory()

setAuthenicationMechanismFactory

public void setAuthenicationMechanismFactory(AuthenticationMechanismFactory authFactory)

getForwardingBufferMaxQueueCount

public int getForwardingBufferMaxQueueCount()

setForwardingBufferMaxQueueCount

public void setForwardingBufferMaxQueueCount(int forwardingBufferMaxQueueCount)

getWelcomeText

public String getWelcomeText()

setWelcomeText

public void setWelcomeText(String welcomeText)

getPublicKeyAuthenticationVerifier

public PublicKeyAuthenticationVerifier getPublicKeyAuthenticationVerifier()

setPublicKeyAuthenticationVerifier

public void setPublicKeyAuthenticationVerifier(PublicKeyAuthenticationVerifier verifier)

getShellPolicy

public ShellPolicy getShellPolicy()

setShellPolixy

@Deprecated
public void setShellPolixy(ShellPolicy shellPolicy)

Deprecated.

setShellPolicy

public void setShellPolicy(ShellPolicy shellPolicy)

getIPPolicy

public IPPolicy getIPPolicy()

setIPPolicy

public void setIPPolicy(IPPolicy ipPolicy)

getForwardingPolicy

public ForwardingPolicy getForwardingPolicy()

setForwardingPolicy

public void setForwardingPolicy(ForwardingPolicy forwardingPolicy)

getDaemonContext

public DaemonContext getDaemonContext()

getChannelFactory

public ChannelFactory getChannelFactory()

setChannelFactory

public void setChannelFactory(ChannelFactory channelFactory)

setConnectionUploadQuota

public void setConnectionUploadQuota(long perConnectionUploadQuota)

getConnectionUploadQuota

public long getConnectionUploadQuota()

getIdleAuthenticationTimeoutSeconds

public int getIdleAuthenticationTimeoutSeconds()

setIdleAuthenticationTimeoutSeconds

public void setIdleAuthenticationTimeoutSeconds(int idleAuthenticationTimeoutSeconds)

getMinDHGroupExchangeKeySize

public int getMinDHGroupExchangeKeySize()

setMinDHGroupExchangeKeySize

public void setMinDHGroupExchangeKeySize(int minDHGroupExchangeKeySize)

getMaxDHGroupExchangeKeySize

public int getMaxDHGroupExchangeKeySize()

setMaxDHGroupExchangeKeySize

public void setMaxDHGroupExchangeKeySize(int maxDHGroupExchangeKeySize)

setSFTPReadWriteEvents

public void setSFTPReadWriteEvents(boolean sftpReadWriteEvents)

isSFTPReadWriteEvents

public boolean isSFTPReadWriteEvents()

setSCPReadWriteEvents

public void setSCPReadWriteEvents(boolean scpReadWriteEvents)

isSCPReadWriteEvents

public boolean isSCPReadWriteEvents()

getSFTPLongnameDateFormat

public String getSFTPLongnameDateFormat()

getSFTPLongnameDateFormatWithTime

public String getSFTPLongnameDateFormatWithTime()

setSFTPLongnameDateFormat

public void setSFTPLongnameDateFormat(String sftpLongnameDateFormat)

setSFTPLongnameDateFormatWithTime

public void setSFTPLongnameDateFormatWithTime(String sftpLongnameDateFormatWithTime)

getChannelDataTimeoutSeconds

public int getChannelDataTimeoutSeconds()

setChannelDataTimeoutSeconds

public void setChannelDataTimeoutSeconds(int channelDataTimeout)

addEventListener

public void addEventListener(EventListener listener)

removeEventListener

public void removeEventListener(EventListener listener)

getEventListeners

public List<EventListener> getEventListeners()

getMaximumNumberOfAsyncSFTPRequests

@Deprecated
public int getMaximumNumberOfAsyncSFTPRequests()

Deprecated. This setting is redundant

Returns:

setMaximumNumberofAsyncSFTPRequests

@Deprecated
public void setMaximumNumberofAsyncSFTPRequests(int maximumSftpRequests)

Deprecated. This setting is redundant

Parameters:

maximumSftpRequests -

getRequiredAuthenticationStrategy

public RequiredAuthenticationStrategy getRequiredAuthenticationStrategy()

setRequiredAuthenticationStrategy

public void setRequiredAuthenticationStrategy(RequiredAuthenticationStrategy requiredAuthenticationStrategy)

getMaximumSFTPWindowSpace

public int getMaximumSFTPWindowSpace()

setMaximumSFTPWindowSpace

public void setMaximumSFTPWindowSpace(int maximumSFTPWindowSpace)

getMaxumumSessionWindowSpace

public int getMaxumumSessionWindowSpace()

getMinimumSFTPWindowSapce

public int getMinimumSFTPWindowSapce()

setMinimumSFTPWindowSapce

@Deprecated
public void setMinimumSFTPWindowSapce(int minimumSFTPWindowSapce)

Deprecated.

setMinimumSFTPWindowSpace

public void setMinimumSFTPWindowSpace(int minimumSFTPWindowSapce)

setMaxumumSessionWindowSpace

public void setMaxumumSessionWindowSpace(int maxumumSessionWindowSpace)

isManagedSFTPWindow

@Deprecated
public boolean isManagedSFTPWindow()

Deprecated.

setManagedSFTPWindow

@Deprecated
public void setManagedSFTPWindow(boolean managedSFTPWindow)

Deprecated.

addSFTPExtensionFactory

public void addSFTPExtensionFactory(SftpExtensionFactory factory)

removeSFTPExtensionFactory

public void removeSFTPExtensionFactory(SftpExtensionFactory factory)

getSFTPExtension

public SftpExtension getSFTPExtension(String requestName)

getSFTPExtensionFactories

public List<SftpExtensionFactory> getSFTPExtensionFactories()

isHttpRedirect

public boolean isHttpRedirect()

setHttpRedirect

public void setHttpRedirect(boolean httpRedirect)

getHttpRedirectUrl

public String getHttpRedirectUrl()

setHttpRedirectUrl

public void setHttpRedirectUrl(String httpRedirectUrl)

isKeyExchangeDisabled

public boolean isKeyExchangeDisabled()

setKeyExchangeDisabled

public void setKeyExchangeDisabled(boolean keyExchangeDisabled)

isSFTPCloseFileBeforeFailedTransferEvents

public boolean isSFTPCloseFileBeforeFailedTransferEvents()

setSFTPCloseFileBeforeFailedTransferEvents

public void setSFTPCloseFileBeforeFailedTransferEvents(boolean closeFileBeforeFailedTransferEvents)

getMaximumChannelsPerConnection

public int getMaximumChannelsPerConnection()

setMaximumChannelsPerConnection

public void setMaximumChannelsPerConnection(int maximumChannelsPerConnection)

getMaxSessions

public int getMaxSessions()

setMaxSessions

public void setMaxSessions(int maxSessions)

getWriteSCPBaseDir

public boolean getWriteSCPBaseDir()

setWriteSCPBaseDir

public void setWriteSCPBaseDir(boolean writeSCPBaseDir)

getDisableSFTPDirChecks

public boolean getDisableSFTPDirChecks()

setDisableSFTPDirChecks

public void setDisableSFTPDirChecks(boolean disableSFTPDirChecks)

getMinimumRemotePacketSize

public int getMinimumRemotePacketSize()

setMinimumRemotePacketSize

public void setMinimumRemotePacketSize(int minimumRemotePacketSize)

isEnableETM

public boolean isEnableETM()

getSecurityLevel

public SecurityLevel getSecurityLevel()

isNonStandardAlgorithmsEnabled

public boolean isNonStandardAlgorithmsEnabled()

setEnableETM

public void setEnableETM(boolean enableETM)

setNonStandardAlgorithmsEnabled

public void setNonStandardAlgorithmsEnabled(boolean nonStandardAlgorithmsEnabled)

getConnections

public int getConnections()

incrementConnections

public int incrementConnections()

decrementConnections

public int decrementConnections()

getLoadBalancerPolicy

public LoadBalancerPolicy getLoadBalancerPolicy()

getMessagePolicy

public MessagePolicy getMessagePolicy()

setMessagePolicy

public void setMessagePolicy(MessagePolicy messagePolicy)

setSHA1SignaturesSupported

public void setSHA1SignaturesSupported(boolean supportSHA1Signatures)

isSHA1SignaturesSupported

public boolean isSHA1SignaturesSupported()

getUsernamePolicy

public UsernamePolicy getUsernamePolicy()

setUsernamePolicy

public void setUsernamePolicy(UsernamePolicy usernamePolicy)

getPreventDirectoryDuplicateReadsPerChannel

public boolean getPreventDirectoryDuplicateReadsPerChannel()

setPreventDirectoryDuplicateReadsPerChannel

public void setPreventDirectoryDuplicateReadsPerChannel(boolean preventDirectorySuplicateReadsPerChannel)