use of com.jcraft.jsch.Session in project camel by apache.
the class SftpOperations method createSession.
protected Session createSession(final RemoteFileConfiguration configuration) throws JSchException {
final JSch jsch = new JSch();
JSch.setLogger(new JSchLogger(endpoint.getConfiguration().getJschLoggingLevel()));
SftpConfiguration sftpConfig = (SftpConfiguration) configuration;
if (isNotEmpty(sftpConfig.getCiphers())) {
LOG.debug("Using ciphers: {}", sftpConfig.getCiphers());
Hashtable<String, String> ciphers = new Hashtable<String, String>();
ciphers.put("cipher.s2c", sftpConfig.getCiphers());
ciphers.put("cipher.c2s", sftpConfig.getCiphers());
JSch.setConfig(ciphers);
}
if (isNotEmpty(sftpConfig.getPrivateKeyFile())) {
LOG.debug("Using private keyfile: {}", sftpConfig.getPrivateKeyFile());
if (isNotEmpty(sftpConfig.getPrivateKeyPassphrase())) {
jsch.addIdentity(sftpConfig.getPrivateKeyFile(), sftpConfig.getPrivateKeyPassphrase());
} else {
jsch.addIdentity(sftpConfig.getPrivateKeyFile());
}
}
if (sftpConfig.getPrivateKey() != null) {
LOG.debug("Using private key information from byte array");
byte[] passphrase = null;
if (isNotEmpty(sftpConfig.getPrivateKeyPassphrase())) {
try {
passphrase = sftpConfig.getPrivateKeyPassphrase().getBytes("UTF-8");
} catch (UnsupportedEncodingException e) {
throw new JSchException("Cannot transform passphrase to byte[]", e);
}
}
jsch.addIdentity("ID", sftpConfig.getPrivateKey(), null, passphrase);
}
if (sftpConfig.getPrivateKeyUri() != null) {
LOG.debug("Using private key uri : {}", sftpConfig.getPrivateKeyUri());
byte[] passphrase = null;
if (isNotEmpty(sftpConfig.getPrivateKeyPassphrase())) {
try {
passphrase = sftpConfig.getPrivateKeyPassphrase().getBytes("UTF-8");
} catch (UnsupportedEncodingException e) {
throw new JSchException("Cannot transform passphrase to byte[]", e);
}
}
try {
InputStream is = ResourceHelper.resolveMandatoryResourceAsInputStream(endpoint.getCamelContext(), sftpConfig.getPrivateKeyUri());
ByteArrayOutputStream bos = new ByteArrayOutputStream();
IOHelper.copyAndCloseInput(is, bos);
jsch.addIdentity("ID", bos.toByteArray(), null, passphrase);
} catch (IOException e) {
throw new JSchException("Cannot read resource: " + sftpConfig.getPrivateKeyUri(), e);
}
}
if (sftpConfig.getKeyPair() != null) {
LOG.debug("Using private key information from key pair");
KeyPair keyPair = sftpConfig.getKeyPair();
if (keyPair.getPrivate() != null && keyPair.getPublic() != null) {
if (keyPair.getPrivate() instanceof RSAPrivateKey && keyPair.getPublic() instanceof RSAPublicKey) {
jsch.addIdentity(new RSAKeyPairIdentity("ID", keyPair), null);
} else if (keyPair.getPrivate() instanceof DSAPrivateKey && keyPair.getPublic() instanceof DSAPublicKey) {
jsch.addIdentity(new DSAKeyPairIdentity("ID", keyPair), null);
} else {
LOG.warn("Only RSA and DSA key pairs are supported");
}
} else {
LOG.warn("PrivateKey and PublicKey in the KeyPair must be filled");
}
}
if (isNotEmpty(sftpConfig.getKnownHostsFile())) {
LOG.debug("Using knownhosts file: {}", sftpConfig.getKnownHostsFile());
jsch.setKnownHosts(sftpConfig.getKnownHostsFile());
}
if (isNotEmpty(sftpConfig.getKnownHostsUri())) {
LOG.debug("Using known hosts uri: {}", sftpConfig.getKnownHostsUri());
try {
InputStream is = ResourceHelper.resolveMandatoryResourceAsInputStream(endpoint.getCamelContext(), sftpConfig.getKnownHostsUri());
jsch.setKnownHosts(is);
} catch (IOException e) {
throw new JSchException("Cannot read resource: " + sftpConfig.getKnownHostsUri(), e);
}
}
if (sftpConfig.getKnownHosts() != null) {
LOG.debug("Using known hosts information from byte array");
jsch.setKnownHosts(new ByteArrayInputStream(sftpConfig.getKnownHosts()));
}
String knownHostsFile = sftpConfig.getKnownHostsFile();
if (knownHostsFile == null && sftpConfig.isUseUserKnownHostsFile()) {
knownHostsFile = System.getProperty("user.home") + "/.ssh/known_hosts";
LOG.info("Known host file not configured, using user known host file: {}", knownHostsFile);
}
if (ObjectHelper.isNotEmpty(knownHostsFile)) {
LOG.debug("Using known hosts information from file: {}", knownHostsFile);
jsch.setKnownHosts(knownHostsFile);
}
final Session session = jsch.getSession(configuration.getUsername(), configuration.getHost(), configuration.getPort());
if (isNotEmpty(sftpConfig.getStrictHostKeyChecking())) {
LOG.debug("Using StrickHostKeyChecking: {}", sftpConfig.getStrictHostKeyChecking());
session.setConfig("StrictHostKeyChecking", sftpConfig.getStrictHostKeyChecking());
}
session.setServerAliveInterval(sftpConfig.getServerAliveInterval());
session.setServerAliveCountMax(sftpConfig.getServerAliveCountMax());
// compression
if (sftpConfig.getCompression() > 0) {
LOG.debug("Using compression: {}", sftpConfig.getCompression());
session.setConfig("compression.s2c", "zlib@openssh.com,zlib,none");
session.setConfig("compression.c2s", "zlib@openssh.com,zlib,none");
session.setConfig("compression_level", Integer.toString(sftpConfig.getCompression()));
}
// set the PreferredAuthentications
if (sftpConfig.getPreferredAuthentications() != null) {
LOG.debug("Using PreferredAuthentications: {}", sftpConfig.getPreferredAuthentications());
session.setConfig("PreferredAuthentications", sftpConfig.getPreferredAuthentications());
}
// set user information
session.setUserInfo(new ExtendedUserInfo() {
public String getPassphrase() {
return null;
}
public String getPassword() {
return configuration.getPassword();
}
public boolean promptPassword(String s) {
return true;
}
public boolean promptPassphrase(String s) {
return true;
}
public boolean promptYesNo(String s) {
LOG.warn("Server asks for confirmation (yes|no): " + s + ". Camel will answer no.");
// Return 'false' indicating modification of the hosts file is disabled.
return false;
}
public void showMessage(String s) {
LOG.trace("Message received from Server: " + s);
}
public String[] promptKeyboardInteractive(String destination, String name, String instruction, String[] prompt, boolean[] echo) {
// must return an empty array if password is null
if (configuration.getPassword() == null) {
return new String[0];
} else {
return new String[] { configuration.getPassword() };
}
}
});
// set the SO_TIMEOUT for the time after the connect phase
if (configuration.getSoTimeout() > 0) {
session.setTimeout(configuration.getSoTimeout());
}
// set proxy if configured
if (proxy != null) {
session.setProxy(proxy);
}
return session;
}
use of com.jcraft.jsch.Session in project camel by apache.
the class ScpServerTestSupport method setupKnownHosts.
protected void setupKnownHosts() {
knownHostsFile = SCP_ROOT_DIR + "/" + KNOWN_HOSTS;
if (!acceptLocalhostConnections) {
return;
}
// For security reasons (avoiding man in the middle attacks),
// camel-jsch will only connect to known hosts. For unit testing
// we use a known key, but since the port is dynamic, the
// known_hosts file will be generated by the following code and
// should contain a line like below (if
// "HashKnownHosts"=="yes" the hostname:port part will be
// hashed and look a bit more complicated).
//
// [localhost]:21000 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDd \
// fIWeSV4o68dRrKSzFd/Bk51E65UTmmSrmW0O1ohtzi6HzsDPjXgCtlTt3F \
// qTcfFfI92IlTr4JWqC9UK1QT1ZTeng0MkPQmv68hDANHbt5CpETZHjW5q4 \
// OOgWhVvj5IyOC2NZHtKlJBkdsMAa15ouOOJLzBvAvbqOR/yUROsEiQ==
JSch jsch = new JSch();
try {
LOG.debug("Using '{}' for known hosts.", knownHostsFile);
jsch.setKnownHosts(knownHostsFile);
Session s = jsch.getSession("admin", "localhost", getPort());
s.setConfig("StrictHostKeyChecking", "ask");
// TODO: by the current jsch (0.1.51) setting "HashKnownHosts" to "no" is a workaround
// to make the tests run green, see also http://sourceforge.net/p/jsch/bugs/63/
s.setConfig("HashKnownHosts", "no");
s.setUserInfo(new UserInfo() {
@Override
public String getPassphrase() {
return null;
}
@Override
public String getPassword() {
return "admin";
}
@Override
public boolean promptPassword(String message) {
return true;
}
@Override
public boolean promptPassphrase(String message) {
return false;
}
@Override
public boolean promptYesNo(String message) {
// accept host authenticity
return true;
}
@Override
public void showMessage(String message) {
}
});
// in the process of connecting, "[localhost]:<port>" is added to the knownHostsFile
s.connect();
s.disconnect();
} catch (JSchException e) {
LOG.info("Could not add [localhost] to known hosts", e);
}
}
use of com.jcraft.jsch.Session in project hadoop by apache.
the class SFTPConnectionPool method connect.
public ChannelSftp connect(String host, int port, String user, String password, String keyFile) throws IOException {
// get connection from pool
ConnectionInfo info = new ConnectionInfo(host, port, user);
ChannelSftp channel = getFromPool(info);
if (channel != null) {
if (channel.isConnected()) {
return channel;
} else {
channel = null;
synchronized (this) {
--liveConnectionCount;
con2infoMap.remove(channel);
}
}
}
// create a new connection and add to pool
JSch jsch = new JSch();
Session session = null;
try {
if (user == null || user.length() == 0) {
user = System.getProperty("user.name");
}
if (password == null) {
password = "";
}
if (keyFile != null && keyFile.length() > 0) {
jsch.addIdentity(keyFile);
}
if (port <= 0) {
session = jsch.getSession(user, host);
} else {
session = jsch.getSession(user, host, port);
}
session.setPassword(password);
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
session.setConfig(config);
session.connect();
channel = (ChannelSftp) session.openChannel("sftp");
channel.connect();
synchronized (this) {
con2infoMap.put(channel, info);
liveConnectionCount++;
}
return channel;
} catch (JSchException e) {
throw new IOException(StringUtils.stringifyException(e));
}
}
use of com.jcraft.jsch.Session in project hadoop by apache.
the class SshFenceByTcpPort method createSession.
private Session createSession(String host, Args args) throws JSchException {
JSch jsch = new JSch();
for (String keyFile : getKeyFiles()) {
jsch.addIdentity(keyFile);
}
JSch.setLogger(new LogAdapter());
Session session = jsch.getSession(args.user, host, args.sshPort);
session.setConfig("StrictHostKeyChecking", "no");
return session;
}
use of com.jcraft.jsch.Session in project hadoop by apache.
the class SFTPInputStream method close.
public synchronized void close() throws IOException {
if (closed) {
return;
}
super.close();
closed = true;
if (!channel.isConnected()) {
throw new IOException(E_CLIENT_NOTCONNECTED);
}
try {
Session session = channel.getSession();
channel.disconnect();
session.disconnect();
} catch (JSchException e) {
throw new IOException(StringUtils.stringifyException(e));
}
}
Aggregations