com.maverick.sshd
Class SshContext

java.lang.Object
  com.maverick.nio.ProtocolContext
      com.maverick.sshd.SshContext

public class SshContext

extends ProtocolContext

This class defines an SSH context for listening interfaces on the Daemon.

Author:

Lee David Painter

Field Summary

static int	ANY
static java.lang.String	CIPHER_BLOWFISH_CBC The Blowfish CBC cipher
static java.lang.String	CIPHER_TRIPLEDES_CBC The 3DES CBC cipher
static java.lang.String	COMPRESSION_NONE Compression off
static java.lang.String	COMPRESSION_ZLIB ZLIB compression
static java.lang.String	HMAC_MD5 MD5 message authentication
static java.lang.String	HMAC_SHA1 SHA1 message authentication
static java.lang.String	KEX_DIFFIE_HELLMAN_GROUP1_SHA1 Currently the one and only key exchange mechanism
static int	PASSWORD
static java.lang.String	PASSWORD_AUTHENTICATION Identifier for password authentication
static int	PUBLIC_KEY
static java.lang.String	PUBLIC_KEY_SSHDSS SSH2 DSA Public Key
static java.lang.String	PUBLIC_KEY_SSHRSA SSH2 RSA Public Key
static int	PUBLIC_KEYandPASSWORD
static java.lang.String	PUBLICKEY_AUTHENTICATION Identifier for public key authentication

Fields inherited from class com.maverick.nio.ProtocolContext

keepAlive, receiveBufferSize, reuseAddress, sendBufferSize, tcpNoDelay

Constructor Summary

SshContext()
Constructs a default context but does not set the daemon

SshContext(Daemon daemon)
Constructs a default context

Method Summary

void	addCommand(java.lang.String name, java.lang.Class cls) Add an com.maverick.sshd.ExecutableCommand to the configuration.
void	addGlobalRequestHandler(GlobalRequestHandler handler)
void	addHostKey(SshKeyPair keyPair) Add a host key to the configuration.
void	addRequiredAuthentication(java.lang.String method) Set an authentication method as required.
boolean	containsCommand(java.lang.String name) Determine whether a command is configured.
ProtocolEngine	createEngine() Create a protocol engine.
static SshKeyPair	GenerateKeyFiles(java.io.File keyFilename, java.lang.String type, int bitlength, int privateKeyFormat, int publicKeyFormat) Generate a public and private key pair, save them to keyFilename and keyFilename.pub, return the key pair
AccessManager	getAccessManager() Get the current AccessManager for this configuration.
boolean	getAllowDeniedKEX()
AuthenticationProvider	getAuthenticationProvider() Get the NativeAuthenticationProvider for this SSHD instance.
java.lang.String	getBannerMessage() Get the authentication banner to display to connecting clients.
int	getChannelLimit() Get the maximum number of open channels allowed by each client.
java.lang.String	getCiphersCS()
java.lang.String	getCiphersSC() Get the ciphers for the Server->Client stream.
java.lang.Class	getCommand(java.lang.String name) Get the Class implementation for a given command.
int	getCompressionLevel() Get the current compression level
java.lang.String	getDefaultTerminal() Get the default terminal to execute when the user requests to start a shell.
java.lang.Class	getFileSystemProvider_KeyStore()
java.lang.Class	getFileSystemProvider() Get the NativeFileSystemProvider for this SSHD instance.
ForwardingCallback	getForwardingCallback() Get the forwarding callback implementation for this server context.
GlobalRequestHandler	getGlobalRequestHandler(java.lang.String requestname)
SshKeyPair	getHostKey(java.lang.String algorithm) Get the SSHD host key for a given algorithm.
SshKeyPair[]	getHostKeys() Get all the hosts keys.
int	getKeyExchangePacketLimit() Get the number of packets to send before a key exchange is forced
java.lang.String	getKeyExchanges() Get the ciphers for the Server->Client stream.
int	getKeyExchangeTransferLimit() Get the number of bytes to transfer before a key exchange is forced.
java.lang.String	getMacsCS() Get the ciphers for the Client->Server stream.
java.lang.String	getMacsSC() Get the ciphers for the Server->Client stream.
int	getMaxAuthentications() Get the maximum number of failed authentications allowed for each connection.
int	getMaximumConnections() Get the maximum number of connections allowed at any one time.
int	getMaximumPacketLength() Get the maximum supported length of an SSH packet.
int	getMaximumPublicKeyVerificationAttempts() Get the number of public keys that each user can attempt to verify for public key authentication.
int	getMaximumSocketsBacklogPerRemotelyForwardedConnection()
java.lang.String	getPreferredCipherCS() Get the currently preferred cipher for the Client->Server stream.
java.lang.String	getPreferredCipherSC() Get the currently preferred cipher for the Server->Client stream.
java.lang.String	getPreferredCompressionCS() Get the currently preferred compression for the Client->Server stream.
java.lang.String	getPreferredCompressionSC() Get the currently preferred compression for the Server->Client stream.
java.lang.String	getPreferredKeyExchange() Get the currently preferred key exchange method.
java.lang.String	getPreferredMacCS() Get the currently preferred mac for the Client->Server stream.
java.lang.String	getPreferredMacSC() Get the currently supported mac for the Server-Client stream.
java.lang.String	getPreferredPublicKey() Get the currently preferred public key algorithm.
java.lang.String	getPublicKeys() Get the ciphers for the Server->Client stream.
PublicKeyStore	getPublicKeyStore() Get the currently configured public key store for authorizing public keys
boolean	getRemoteForwardingCancelKillsTunnels() Determines whether the cancellation of a remote forwarding drops currently active tunnels
java.lang.Class	getRemoteForwardingFactoryImpl()
java.lang.Class	getRemoteForwardingManagerImpl()
java.lang.String[]	getRequiredAuthentications() Lists the required authentication methods.
Daemon	getServer() Get the instance of the SSHD for this context.
int	getSessionTimeout() Returns the session timeout in seconds
java.lang.String	getSFTPCharsetEncoding() Get the current encoding value for filenames in SFTP sessions.
java.lang.Class	getShellCommand() Get an ExecutableCommand implementation that provides the default shell.
java.lang.String	getSoftwareVersionComments() Get the software/version/comments field that is to be used in the SSH protocols negotiation procedure.
java.lang.String	getSupportedPublicKeys() Returns a comma delimited string containing installed public key types.
java.lang.String	getTooManyConnectionsText()
boolean	hasPublicKey(java.lang.String algorithm) Determine if the server has a host key configured.
void	init(Daemon daemon) Initialise the SshContext by setting the daemon
boolean	isFileSystemAsynchronous() Get the file system operation mode; asynchronous (spawn a thread for each SFTP session so that file operations are not performed on the selector thread) or synchronous (use the selector thread - may affect performance on slow file systems (e.g.
SshKeyPair	loadKey(java.io.File key, java.lang.String passPhrase)
void	loadKeystore(java.io.File keystoreFile, java.lang.String alias, java.lang.String storePassphrase, java.lang.String keyPassphrase) Load a keystore for use as an SSH host key.
void	loadOrGenerateHostKey(java.io.File key, java.lang.String type, int bitlength) Load a host key from file, if the file does not exist then generate the key.
void	loadOrGenerateHostKey(java.io.File key, java.lang.String type, int bitlength, int privateKeyFormat, int publicKeyFormat, java.lang.String passPhrase) Load a host key from file, if the file does not exist then generate the key.
void	loadOrGenerateHostKey(java.io.File key, java.lang.String type, int bitlength, java.lang.String passPhrase)
void	setAccessManager(AccessManager accessManager) If you want to control access to individual SSH features then add an instance of the AccessManager here.
void	setAllowDeniedKEX(boolean allowKeyExchangeForDeniedConnection)
void	setAsynchronousFileOperations(boolean asynchronousFileOperations) Tell the server which file system operation mode to use; asynchronous (spawn a thread for each SFTP session so that file operations are not performed on the selector thread) or synchronous (use the selector thread - may affect performance on slow file systems (e.g networked))
void	setAuthenticationProvider(AuthenticationProvider nativeAuthenticationProvider) Set the NativeAuthenticationProvider for this SSHD instance.
void	setBannerMessage(java.lang.String authenticationBanner) Set the banner message that is displayed to all connecing clients prior to authentication.
void	setChannelLimit(int maxChannels) Set the maximum number of open channels allowed by each client (defaults to 100).
void	setCipherPreferredPositionCS(java.lang.String name, int position)
void	setCipherPreferredPositionSC(java.lang.String name, int position)
void	setCompressionLevel(int compressionLevel) Set the compression level to use if compression is enabled
void	setDefaultTerminal(java.lang.String defaultTerminal) Set the default terminal to execute when the user requests to start a shell.
void	setFileSystemProvider_KeyStore(java.lang.Class filesystemProvider_KeyStore) Set the NFS for the KeyStore.
void	setFileSystemProvider(java.lang.Class filesystemProvider) Set the NativeFileSystemProvider for this SSHD instance.
void	setForwardingCallback(ForwardingCallback forwardingCallback) Set the forwarding callback implementation for this server context.
void	setKeyExchangePacketLimit(int MAX_NUM_PACKETS_BEFORE_REKEY) This tells the server how many packets to use before a key exchange.
void	setKeyExchangePreferredPosition(java.lang.String name, int position)
void	setKeyExchangeTransferLimit(int MAX_NUM_BYTES_BEFORE_REKEY) This limit tells the server when to force a key exchange.
void	setMacPreferredPositionCS(java.lang.String name, int position)
void	setMacPreferredPositionSC(java.lang.String name, int position)
void	setMaxAuthentications(int maxAuthentications) Set the maximum number of failed authentications allowed for each connection.
void	setMaximumConnections(int maximumConnections) Set the maximum number of connections allowed at any one time.
void	setMaximumPacketLength(int maximumPacketLength) Set the maximum supported length of an SSH packet.
void	setMaximumPublicKeyVerificationAttempts(int maximumPublicKeyVerificationAttempts) Set the number of public keys that a user can verify for public key authentication.
void	setMaximumSocketsBacklogPerRemotelyForwardedConnection(int maximumSocketsBacklogPerRemotelyForwardedConnection)
void	setPreferredCipherCS(int[] order) Set the preferred SC cipher order
void	setPreferredCipherCS(java.lang.String name) Set the preferred cipher for the Client->Server stream.
void	setPreferredCipherSC(int[] order) Set the preferred SC cipher order
void	setPreferredCipherSC(java.lang.String name) Set the preferred cipher for the Server->Client stream.
void	setPreferredCompressionCS(java.lang.String name) Set the preferred compression for the Client->Server stream.
void	setPreferredCompressionSC(java.lang.String name) Set the preferred compression for the Server->Client stream.
void	setPreferredKeyExchange(java.lang.String name) Set the preferred key exchange method.
void	setPreferredMacCS(int[] order) Set the preferred CS Mac order
void	setPreferredMacCS(java.lang.String name) Set the preferred MAC for the Client->Server stream.
void	setPreferredMacSC(int[] order) Set the preferred SC Mac order
void	setPreferredMacSC(java.lang.String name) Set the preferred mac for the Server->Client stream.
void	setPreferredPublicKey(java.lang.String name) Set the preferred public key algorithm.
void	setPublicKeyPreferredPosition(java.lang.String name, int position)
void	setPublicKeyStore(PublicKeyStore publicKeyStore) For publickey authentication you can optionally provide an alternative key store implementation.
void	setRemoteForwardingCancelKillsTunnels(boolean killTunnelsOnRemoteForwardingCancel) When the user cancels a remote forwarding should active tunnels be dropped?
void	setRemoteForwardingFactoryImpl(java.lang.Class remoteForwardingChannelFactory)
void	setRemoteForwardingManagerImpl(java.lang.Class remoteForwardingManagerImpl)
void	setRequiredAuthenticationMethods(int authmethods)
void	setSessionProvider(java.lang.Class sessionProvider) Set the session provider for this configuration.
void	setSessionTimeout(int sessionTimeoutSeconds) Sets the session timeout in seconds
void	setSFTPCharsetEncoding(java.lang.String sftpCharsetEncoding) Set the default encoding for filenames in SFTP sessions.
void	setShellCommand(java.lang.Class shellCommand) Set an ExecutableCommand implementation that provides the default shell.
void	setSoftwareVersionComments(java.lang.String softwareVersionComments) Set the current implementations software/version/comments field that is used during the SSH protocols negotiation procedure.
void	setTooManyConnectionsText(java.lang.String tooManyConnectionsText)
ComponentFactory	supportedAuthenticationMechanisms() Get the supported authentication mechanisms.
ComponentFactory	supportedChannels() Get the supported Channel's for this SSHD instance.
ComponentFactory	supportedCiphersCS() Returns a factory implementation that enables configuration of the available ciphers.
ComponentFactory	supportedCiphersSC()
ComponentFactory	supportedCompressionsCS() Get the supported compression algorithms.
ComponentFactory	supportedCompressionsSC()
ComponentFactory	supportedKeyExchanges() Get the supported key exchange methods.
ComponentFactory	supportedMacsCS() Get the supported message authentication algorithms.
ComponentFactory	supportedMacsSC()
ComponentFactory	supportedPublicKeys()
ComponentFactory	supportedSubsystems() Get the supported Subsystem's for this SSHD instance.

Methods inherited from class com.maverick.nio.ProtocolContext

createConnection, createConnectionImpl, getReceiveBufferSize, getSendBufferSize, getSocketOptionKeepAlive, getSocketOptionReuseAddress, getSocketOptionTcpNoDelay, setReceiveBufferSize, setSendBufferSize, setSocketHandlerImpl, setSocketOptionKeepAlive, setSocketOptionReuseAddress, setSocketOptionTcpNoDelay

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CIPHER_TRIPLEDES_CBC

public static final java.lang.String CIPHER_TRIPLEDES_CBC

The 3DES CBC cipher

See Also:

Constant Field Values

CIPHER_BLOWFISH_CBC

public static final java.lang.String CIPHER_BLOWFISH_CBC

The Blowfish CBC cipher

See Also:

Constant Field Values

HMAC_SHA1

public static final java.lang.String HMAC_SHA1

SHA1 message authentication

See Also:

Constant Field Values

HMAC_MD5

public static final java.lang.String HMAC_MD5

MD5 message authentication

See Also:

Constant Field Values

COMPRESSION_NONE

public static final java.lang.String COMPRESSION_NONE

Compression off

See Also:

Constant Field Values

COMPRESSION_ZLIB

public static final java.lang.String COMPRESSION_ZLIB

ZLIB compression

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP1_SHA1

public static final java.lang.String KEX_DIFFIE_HELLMAN_GROUP1_SHA1

Currently the one and only key exchange mechanism

See Also:

Constant Field Values

PUBLIC_KEY_SSHDSS

public static final java.lang.String PUBLIC_KEY_SSHDSS

SSH2 DSA Public Key

See Also:

Constant Field Values

PUBLIC_KEY_SSHRSA

public static final java.lang.String PUBLIC_KEY_SSHRSA

SSH2 RSA Public Key

See Also:

Constant Field Values

PASSWORD_AUTHENTICATION

public static final java.lang.String PASSWORD_AUTHENTICATION

Identifier for password authentication

See Also:

Constant Field Values

PUBLICKEY_AUTHENTICATION

public static final java.lang.String PUBLICKEY_AUTHENTICATION

Identifier for public key authentication

See Also:

Constant Field Values

ANY

public static final int ANY

See Also:

Constant Field Values

PUBLIC_KEY

public static final int PUBLIC_KEY

See Also:

Constant Field Values

PASSWORD

public static final int PASSWORD

See Also:

Constant Field Values

PUBLIC_KEYandPASSWORD

public static final int PUBLIC_KEYandPASSWORD

See Also:

Constant Field Values

Constructor Detail

SshContext

public SshContext()
           throws java.io.IOException

Constructs a default context but does not set the daemon

SshContext

public SshContext(Daemon daemon)
           throws java.io.IOException

Constructs a default context

Throws:

java.io.IOException

Method Detail

supportedPublicKeys

public ComponentFactory supportedPublicKeys()

init

public void init(Daemon daemon)

Initialise the SshContext by setting the daemon

createEngine

public ProtocolEngine createEngine()
                            throws java.io.IOException

Description copied from class: ProtocolContext

Create a protocol engine.

Specified by:

createEngine in class ProtocolContext

Returns:

ProtocolEngine

Throws:

java.io.IOException

loadOrGenerateHostKey

public void loadOrGenerateHostKey(java.io.File key,
                                  java.lang.String type,
                                  int bitlength)
                           throws java.io.IOException,
                                  InvalidPassphraseException,
                                  SshException

Load a host key from file, if the file does not exist then generate the key.

Parameters:

key - the key file

type - the type of key; acceptable values are SshKeyPairGenerator.SSH2_RSA or SshKeyPairGenerator.SSH2_DSA

bitlength - the bit length of the key

Throws:

java.io.IOException

SshException

InvalidPassphraseException

loadOrGenerateHostKey

public void loadOrGenerateHostKey(java.io.File key,
                                  java.lang.String type,
                                  int bitlength,
                                  java.lang.String passPhrase)
                           throws java.io.IOException,
                                  InvalidPassphraseException,
                                  SshException

Throws:

java.io.IOException

InvalidPassphraseException

SshException

loadOrGenerateHostKey

public void loadOrGenerateHostKey(java.io.File key,
                                  java.lang.String type,
                                  int bitlength,
                                  int privateKeyFormat,
                                  int publicKeyFormat,
                                  java.lang.String passPhrase)
                           throws java.io.IOException,
                                  InvalidPassphraseException,
                                  SshException

Load a host key from file, if the file does not exist then generate the key.

Parameters:

key - the key file

type - the type of key; acceptable values are SshKeyPairGenerator.SSH2_RSA or SshKeyPairGenerator.SSH2_DSA

bitlength - the bit length of the key

privateKeyFormat - the format of the private key, SshPrivateKeyFileFactory

publicKeyFormat - the format of the public key, {see com.sshtools.publickey.SshPublicKeyFileFactory}

passPhrase - the passPhrase of an existing host key

Throws:

java.io.IOException

SshException

InvalidPassphraseException

loadKey

public SshKeyPair loadKey(java.io.File key,
                          java.lang.String passPhrase)
                   throws java.io.IOException,
                          InvalidPassphraseException

Throws:

java.io.IOException

InvalidPassphraseException

GenerateKeyFiles

public static SshKeyPair GenerateKeyFiles(java.io.File keyFilename,
                                          java.lang.String type,
                                          int bitlength,
                                          int privateKeyFormat,
                                          int publicKeyFormat)
                                   throws java.io.IOException,
                                          SshException

Generate a public and private key pair, save them to keyFilename and keyFilename.pub, return the key pair

Parameters:

keyFilename -

type -

bitlength -

privateKeyFormat -

publicKeyFormat -

Returns:

SshKeyPair generated.

Throws:

java.io.IOException

SshException

loadKeystore

public void loadKeystore(java.io.File keystoreFile,
                         java.lang.String alias,
                         java.lang.String storePassphrase,
                         java.lang.String keyPassphrase)
                  throws java.io.IOException

Load a keystore for use as an SSH host key. This will create a public key using the X509V3_SIGN_RSA and X509V3_SIGN_RSA_SHA1 host key types. DSA keys are currently not supported.

Parameters:

keystoreFile - path to the keystore file

alias - the alias of the key in the keystore

storePassphrase - the passphrase of the keystore

keyPassphrase - the passphrase of the key

Throws:

java.io.IOException

addGlobalRequestHandler

public void addGlobalRequestHandler(GlobalRequestHandler handler)

getGlobalRequestHandler

public GlobalRequestHandler getGlobalRequestHandler(java.lang.String requestname)

getRemoteForwardingFactoryImpl

public java.lang.Class getRemoteForwardingFactoryImpl()

getRemoteForwardingManagerImpl

public java.lang.Class getRemoteForwardingManagerImpl()

setRemoteForwardingFactoryImpl

public void setRemoteForwardingFactoryImpl(java.lang.Class remoteForwardingChannelFactory)
                                    throws java.io.IOException

Throws:

java.io.IOException

setRemoteForwardingManagerImpl

public void setRemoteForwardingManagerImpl(java.lang.Class remoteForwardingManagerImpl)
                                    throws java.io.IOException

Throws:

java.io.IOException

setPublicKeyStore

public void setPublicKeyStore(PublicKeyStore publicKeyStore)

For publickey authentication you can optionally provide an alternative key store implementation. This allows you to change the default behaviour of reading keys from the users .ssh/authorized_keys file.

Parameters:

publicKeyStore - PublicKeyStore

getPublicKeyStore

public PublicKeyStore getPublicKeyStore()

Get the currently configured public key store for authorizing public keys

Returns:

PublicKeyStore

getRequiredAuthentications

public java.lang.String[] getRequiredAuthentications()

Lists the required authentication methods.

Returns:

String[]

addRequiredAuthentication

public void addRequiredAuthentication(java.lang.String method)

Set an authentication method as required. You can have multiple required authentications but by default none are required, although at least one authentication MUST be performed. For example to require both password and publickey authentication use the following statements in the SshDaemon#configure(ConfigurationContext) method.

 context.addRequiredAuthentication(ConfigurationContext.PUBLICKEY_AUTHENTICATION);
 context.addRequiredAuthentication(ConfigurationContext.PASSWORD_AUTHENTICATION);
 

Parameters:

method - String

getBannerMessage

public java.lang.String getBannerMessage()

Get the authentication banner to display to connecting clients.

Returns:

String

getServer

public Daemon getServer()

Get the instance of the SSHD for this context.

Returns:

Daemon

getSFTPCharsetEncoding

public java.lang.String getSFTPCharsetEncoding()

Get the current encoding value for filenames in SFTP sessions.

Returns:

String

setSFTPCharsetEncoding

public void setSFTPCharsetEncoding(java.lang.String sftpCharsetEncoding)

Set the default encoding for filenames in SFTP sessions. The default encoding for the currently supported SFTP protocol is ISO-8859-1.

Parameters:

sftpCharsetEncoding - String

getSessionTimeout

public int getSessionTimeout()

Returns the session timeout in seconds

Returns:

int

setSessionTimeout

public void setSessionTimeout(int sessionTimeoutSeconds)

Sets the session timeout in seconds

Parameters:

sessionTimeoutSeconds - int

setChannelLimit

public void setChannelLimit(int maxChannels)

Set the maximum number of open channels allowed by each client (defaults to 100).

Parameters:

maxChannels -

getChannelLimit

public int getChannelLimit()

Get the maximum number of open channels allowed by each client.

Returns:

int

getMaxAuthentications

public int getMaxAuthentications()

Get the maximum number of failed authentications allowed for each connection.

Returns:

int

setMaxAuthentications

public void setMaxAuthentications(int maxAuthentications)

Set the maximum number of failed authentications allowed for each connection.

Parameters:

maxAuthentications -

setMaximumConnections

public void setMaximumConnections(int maximumConnections)

Set the maximum number of connections allowed at any one time.

Parameters:

maximumConnections - int

getMaximumConnections

public int getMaximumConnections()

Get the maximum number of connections allowed at any one time.

Returns:

int

supportedCiphersCS

public ComponentFactory supportedCiphersCS()

Returns a factory implementation that enables configuration of the available ciphers.

The standard default ciphers installed are 3DES and Blowfish, however the J2SSH Maverick API on which this server is based also supports a number of optional ciphers AES, CAST and Twofish. These can be installed by adding the sshtools-cipher.jar to your class path and using the following code within your SSHD SshDaemon#configure(ConfigurationContext) method.

 // import the cipher package
 import com.sshtools.cipher.*;
 
 // Add AES
 context.supportedCiphers().add(AES128Cbc.AES128_CBC, AES128Cbc.class);
 context.supportedCiphers().add(AES192Cbc.AES192_CBC, AES192Cbc.class);
 context.supportedCiphers().add(AES256Cbc.AES256_CBC, AES256Cbc.class);
 
 // Add Twofish - note the 256 bit cipher has two different entries to maintain backwards compatibility
 context.supportedCiphers().add(Twofish128Cbc.TWOFISH128_CBC, Twofish128Cbc.class);
 context.supportedCiphers().add(Twofish192Cbc.TWOFISH192_CBC, Twofish192Cbc.class);
 context.supportedCiphers().add(Twofish256Cbc.TWOFISH256_CBC, Twofish256Cbc.class);
 context.supportedCiphers().add(Twofish256Cbc.TWOFISH_CBC, Twofish256Cbc.class);
 
 // Add CAST
  context.supportedCiphers().add(CAST128Cbc.CAST128_CBC, CAST128Cbc.class);
 

Returns:

the component factory

supportedCiphersSC

public ComponentFactory supportedCiphersSC()

setAsynchronousFileOperations

public void setAsynchronousFileOperations(boolean asynchronousFileOperations)

Tell the server which file system operation mode to use; asynchronous (spawn a thread for each SFTP session so that file operations are not performed on the selector thread) or synchronous (use the selector thread - may affect performance on slow file systems (e.g networked))

Parameters:

asynchronousFileOperations -

isFileSystemAsynchronous

public boolean isFileSystemAsynchronous()

Get the file system operation mode; asynchronous (spawn a thread for each SFTP session so that file operations are not performed on the selector thread) or synchronous (use the selector thread - may affect performance on slow file systems (e.g. networked))

Returns:

boolean

getPreferredCipherCS

public java.lang.String getPreferredCipherCS()

Get the currently preferred cipher for the Client->Server stream.

Returns:

the preferred Client-Server cipher

setPreferredCipherCS

public void setPreferredCipherCS(java.lang.String name)
                          throws java.io.IOException,
                                 SshException

Set the preferred cipher for the Client->Server stream.

Use the static fields available within this class (or the com.sshtools.cipher classes) to identify the correct cipher.

context.setPreferredCipherCS(ConfigurationContext.CIPHER_BLOWFISH_CBC);

The default cipher is 3DES

Parameters:

name -

Throws:

java.io.IOException - if the cipher is not supported

SshException

setAccessManager

public void setAccessManager(AccessManager accessManager)

If you want to control access to individual SSH features then add an instance of the AccessManager here. The AccessManager is consulted before a user is allowed to connect, start a shell, execute a command or start a port forwarding connection.

Parameters:

accessManager -

getAccessManager

public AccessManager getAccessManager()

Get the current AccessManager for this configuration.

Returns:

AccessManager

setBannerMessage

public void setBannerMessage(java.lang.String authenticationBanner)

Set the banner message that is displayed to all connecing clients prior to authentication. If this method is used then com.maverick.sshd.NoneAuthentication.getBannerForUser(String) should not be overridden.

Parameters:

authenticationBanner -

getPreferredCipherSC

public java.lang.String getPreferredCipherSC()

Get the currently preferred cipher for the Server->Client stream.

Returns:

the preferred Server-Client cipher

getSoftwareVersionComments

public java.lang.String getSoftwareVersionComments()

Get the software/version/comments field that is to be used in the SSH protocols negotiation procedure.

Returns:

String

setSoftwareVersionComments

public void setSoftwareVersionComments(java.lang.String softwareVersionComments)

Set the current implementations software/version/comments field that is used during the SSH protocols negotiation procedure. This value MUST consist of printable US-ASCII characters with the exception of whitespace and the minus sign (-) and be no longer than 200 characters.

Parameters:

softwareVersionComments -

setPreferredCipherSC

public void setPreferredCipherSC(java.lang.String name)
                          throws java.io.IOException,
                                 SshException

Set the preferred cipher for the Server->Client stream.

Use the static fields available within this class (or the com.sshtools.cipher classes) to identify the correct cipher.

context.setPreferredCipherSC(ConfigurationContext.CIPHER_BLOWFISH_CBC);

The default cipher is 3DES

Parameters:

name -

Throws:

java.io.IOException

SshException

supportedMacsCS

public ComponentFactory supportedMacsCS()

Get the supported message authentication algorithms.

There are no optional MAC algorithms currently available and this method is supplied in preperation for future enhancements.

Returns:

the component factory

supportedMacsSC

public ComponentFactory supportedMacsSC()

getPreferredMacCS

public java.lang.String getPreferredMacCS()

Get the currently preferred mac for the Client->Server stream.

Returns:

the preferred Client-Server mac

setPreferredMacCS

public void setPreferredMacCS(java.lang.String name)
                       throws java.io.IOException,
                              SshException

Set the preferred MAC for the Client->Server stream.

Use the static fields available within this class to identify the correct MAC.

context.setPreferredMacCS(ConfigurationContext.HMAC_MD5);

The default MAC is HMAC_SHA1

Parameters:

name -

Throws:

java.io.IOException

SshException

getPreferredMacSC

public java.lang.String getPreferredMacSC()

Get the currently supported mac for the Server-Client stream.

Returns:

the preferred Server-Client mac

setRemoteForwardingCancelKillsTunnels

public void setRemoteForwardingCancelKillsTunnels(boolean killTunnelsOnRemoteForwardingCancel)

When the user cancels a remote forwarding should active tunnels be dropped?

Parameters:

killTunnelsOnRemoteForwardingCancel - boolean

getRemoteForwardingCancelKillsTunnels

public boolean getRemoteForwardingCancelKillsTunnels()

Determines whether the cancellation of a remote forwarding drops currently active tunnels

Returns:

boolean

getMaximumPublicKeyVerificationAttempts

public int getMaximumPublicKeyVerificationAttempts()

Get the number of public keys that each user can attempt to verify for public key authentication. If the user exceeds this limit the connection is terminated.

Returns:

int

setMaximumPublicKeyVerificationAttempts

public void setMaximumPublicKeyVerificationAttempts(int maximumPublicKeyVerificationAttempts)

Set the number of public keys that a user can verify for public key authentication. If the user exceeds this limit the connection is terminated.

Parameters:

maximumPublicKeyVerificationAttempts - int

setPreferredMacSC

public void setPreferredMacSC(java.lang.String name)
                       throws java.io.IOException,
                              SshException

Set the preferred mac for the Server->Client stream.

Use the static fields available within this class to identify the correct MAC.

context.setPreferredMacCS(ConfigurationContext.HMAC_MD5);

The default MAC is HMAC_SHA1

Parameters:

name -

Throws:

java.io.IOException

SshException

supportedCompressionsCS

public ComponentFactory supportedCompressionsCS()

Get the supported compression algorithms.

There are no optional compression algorithms currently available and this method is supplied in preperation for future enhancements.

Returns:

the component factory

supportedCompressionsSC

public ComponentFactory supportedCompressionsSC()

getPreferredCompressionCS

public java.lang.String getPreferredCompressionCS()

Get the currently preferred compression for the Client->Server stream.

Returns:

the preferred Client-Server compression

setPreferredCompressionCS

public void setPreferredCompressionCS(java.lang.String name)
                               throws java.io.IOException

Set the preferred compression for the Client->Server stream.

It is recommended that you do not set the preferred compression so that the client has control over the compression selection.

Parameters:

name -

Throws:

java.io.IOException

getPreferredCompressionSC

public java.lang.String getPreferredCompressionSC()

Get the currently preferred compression for the Server->Client stream.

Returns:

the preferred Server->Client compression

setPreferredCompressionSC

public void setPreferredCompressionSC(java.lang.String name)
                               throws java.io.IOException

Set the preferred compression for the Server->Client stream.

It is recommended that you do not set the preferred compression so that the client has control over the compression selection.

Parameters:

name -

Throws:

java.io.IOException

supportedKeyExchanges

public ComponentFactory supportedKeyExchanges()

Get the supported key exchange methods.

There are no optional key exchange algorithms currently available and this method is supplied in preperation for future enhancements.

Returns:

the component factory

getPreferredKeyExchange

public java.lang.String getPreferredKeyExchange()

Get the currently preferred key exchange method.

Returns:

the preferred key exhcange

setPreferredKeyExchange

public void setPreferredKeyExchange(java.lang.String name)
                             throws java.io.IOException,
                                    SshException

Set the preferred key exchange method.

There is only one supported key exchange algorithm and as such this method is supplied in preperation for future enhancements.

Parameters:

name -

Throws:

java.io.IOException

SshException

getPreferredPublicKey

public java.lang.String getPreferredPublicKey()

Get the currently preferred public key algorithm.

Returns:

the preferred public key

getSupportedPublicKeys

public java.lang.String getSupportedPublicKeys()

Returns a comma delimited string containing installed public key types.

Returns:

String

setPreferredPublicKey

public void setPreferredPublicKey(java.lang.String name)
                           throws java.io.IOException,
                                  SshException

Set the preferred public key algorithm.

This value must be one of the installed public key algorithm names. You will be able to obtain these from the public keys that you installed using ?????? and an example of how to do this is provided in the ConfigurationContext#addHostKey(SshKeyPair) method description.

Parameters:

name -

Throws:

java.io.IOException

SshException

getHostKeys

public SshKeyPair[] getHostKeys()

Get all the hosts keys.

Returns:

SshPublicKey[]

getHostKey

public SshKeyPair getHostKey(java.lang.String algorithm)
                      throws java.io.IOException

Get the SSHD host key for a given algorithm.

Parameters:

algorithm -

Returns:

SshKeyPair

Throws:

java.io.IOException

addHostKey

public void addHostKey(SshKeyPair keyPair)
                throws java.io.IOException

Add a host key to the configuration.

A host key provides a mechanism for a client to authenticate the server. If the client knows the public key of the server it can validate the signature that the server generated using its private key with the known public key of the server. In order for your server to operate you need to generate and install at least one host key.

It is now recommended to use the SshDaemon#loadOrGenerateHostKey(File, String, int, ConfigurationContext) method for generating and loading a host key.

Parameters:

keyPair -

Throws:

java.io.IOException

addCommand

public void addCommand(java.lang.String name,
                       java.lang.Class cls)

Add an com.maverick.sshd.ExecutableCommand to the configuration. If a request to execute a command with the name name is received an instance of the class is created to handle the command execution.

Parameters:

name - String

cls - Class

containsCommand

public boolean containsCommand(java.lang.String name)

Determine whether a command is configured.

Parameters:

name - String

Returns:

boolean

getCommand

public java.lang.Class getCommand(java.lang.String name)

Get the Class implementation for a given command.

Parameters:

name - String

Returns:

Class

getShellCommand

public java.lang.Class getShellCommand()

Get an ExecutableCommand implementation that provides the default shell.

Returns:

Class

setShellCommand

public void setShellCommand(java.lang.Class shellCommand)

Set an ExecutableCommand implementation that provides the default shell.

Parameters:

shellCommand -

hasPublicKey

public boolean hasPublicKey(java.lang.String algorithm)

Determine if the server has a host key configured.

Parameters:

algorithm -

Returns:

boolean

supportedAuthenticationMechanisms

public ComponentFactory supportedAuthenticationMechanisms()

Get the supported authentication mechanisms.

If you have implemented your own AuthenticationMechanism you can add it to the factory object returned by this method.

 context.supportedAuthenticationMechanisms().add("secureID",
                               SecureIDAuthentication.class);
 

Returns:

AbstractComponentFactory

setAuthenticationProvider

public void setAuthenticationProvider(AuthenticationProvider nativeAuthenticationProvider)

Set the NativeAuthenticationProvider for this SSHD instance.

getAuthenticationProvider

public AuthenticationProvider getAuthenticationProvider()

Get the NativeAuthenticationProvider for this SSHD instance.

Returns:

AuthenticationProvider

setFileSystemProvider

public void setFileSystemProvider(java.lang.Class filesystemProvider)

Set the NativeFileSystemProvider for this SSHD instance.

This uses a class object rather so that the server can manage the creation of instances of this class.

Parameters:

filesystemProvider -

setFileSystemProvider_KeyStore

public void setFileSystemProvider_KeyStore(java.lang.Class filesystemProvider_KeyStore)

Set the NFS for the KeyStore. This method overrides the default setting of using the class passed to setFileSystemProvider.

Parameters:

filesystemProvider_KeyStore -

getFileSystemProvider

public java.lang.Class getFileSystemProvider()

Get the NativeFileSystemProvider for this SSHD instance.

Returns:

Class

getFileSystemProvider_KeyStore

public java.lang.Class getFileSystemProvider_KeyStore()

setSessionProvider

public void setSessionProvider(java.lang.Class sessionProvider)

Set the session provider for this configuration.

Parameters:

sessionProvider -

getDefaultTerminal

public java.lang.String getDefaultTerminal()

Get the default terminal to execute when the user requests to start a shell.

This setting is not used explicitly by the server but is available from the context so that a session implementation can obtain it through the protected ConnectionProtocol instance.

Returns:

String

setDefaultTerminal

public void setDefaultTerminal(java.lang.String defaultTerminal)

Set the default terminal to execute when the user requests to start a shell.

This setting is not used explicitly by the server but is available from the context so that a session implementation can obtain it through the protected ConnectionProtocol instance.

Parameters:

defaultTerminal -

supportedChannels

public ComponentFactory supportedChannels()

Get the supported Channel's for this SSHD instance.

If you have implemented a custom channel you can use the factory object returned by this method to install the channel.

 context.supportedChannels().add("mychannel", MyChannel.class);
 

Returns:

AbstractComponentFactory

supportedSubsystems

public ComponentFactory supportedSubsystems()

Get the supported Subsystem's for this SSHD instance.

If you have implemented a custom subsystem you can use the factory object returned by this method to install the new subsystem.

 context.supportedSubsystems().add("mysubsystem", MySubsystem.class);
 

Returns:

AbstractComponentFactory

setCompressionLevel

public void setCompressionLevel(int compressionLevel)

Set the compression level to use if compression is enabled

Parameters:

compressionLevel - int

getCompressionLevel

public int getCompressionLevel()

Get the current compression level

Returns:

int

setAllowDeniedKEX

public void setAllowDeniedKEX(boolean allowKeyExchangeForDeniedConnection)

setRequiredAuthenticationMethods

public void setRequiredAuthenticationMethods(int authmethods)

getAllowDeniedKEX

public boolean getAllowDeniedKEX()

getMaximumSocketsBacklogPerRemotelyForwardedConnection

public int getMaximumSocketsBacklogPerRemotelyForwardedConnection()

setMaximumSocketsBacklogPerRemotelyForwardedConnection

public void setMaximumSocketsBacklogPerRemotelyForwardedConnection(int maximumSocketsBacklogPerRemotelyForwardedConnection)

getTooManyConnectionsText

public java.lang.String getTooManyConnectionsText()

setTooManyConnectionsText

public void setTooManyConnectionsText(java.lang.String tooManyConnectionsText)

getCiphersSC

public java.lang.String getCiphersSC()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getCiphersCS

public java.lang.String getCiphersCS()

getMacsCS

public java.lang.String getMacsCS()

Get the ciphers for the Client->Server stream.

Returns:

the Client-Server ciphers in order of preference

getMacsSC

public java.lang.String getMacsSC()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getPublicKeys

public java.lang.String getPublicKeys()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getKeyExchanges

public java.lang.String getKeyExchanges()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

setPreferredCipherSC

public void setPreferredCipherSC(int[] order)
                          throws SshException

Set the preferred SC cipher order

Throws:

SshException

setPreferredCipherCS

public void setPreferredCipherCS(int[] order)
                          throws SshException

Set the preferred SC cipher order

Throws:

SshException

setPreferredMacSC

public void setPreferredMacSC(int[] order)
                       throws SshException

Set the preferred SC Mac order

Throws:

SshException