Search in sources :

Example 1 with ApplicationKey

use of io.bastillion.manage.model.ApplicationKey in project KeyBox by skavanagh.

the class SSHUtil method authAndAddPubKey.

/**
 * distributes authorized keys for host system
 *
 * @param hostSystem      object contains host system information
 * @param passphrase      ssh key passphrase
 * @param password        password to host system if needed
 * @return status of key distribution
 */
public static HostSystem authAndAddPubKey(HostSystem hostSystem, String passphrase, String password) {
    JSch jsch = new JSch();
    Session session = null;
    hostSystem.setStatusCd(HostSystem.SUCCESS_STATUS);
    try {
        ApplicationKey appKey = PrivateKeyDB.getApplicationKey();
        // check to see if passphrase has been provided
        if (passphrase == null || passphrase.trim().equals("")) {
            passphrase = appKey.getPassphrase();
            // check for null inorder to use key without passphrase
            if (passphrase == null) {
                passphrase = "";
            }
        }
        // add private key
        jsch.addIdentity(appKey.getId().toString(), appKey.getPrivateKey().trim().getBytes(), appKey.getPublicKey().getBytes(), passphrase.getBytes());
        // create session
        session = jsch.getSession(hostSystem.getUser(), hostSystem.getHost(), hostSystem.getPort());
        // set password if passed in
        if (password != null && !password.equals("")) {
            session.setPassword(password);
        }
        session.setConfig("StrictHostKeyChecking", "no");
        session.setConfig("PreferredAuthentications", "publickey,keyboard-interactive,password");
        session.setServerAliveInterval(SERVER_ALIVE_INTERVAL);
        session.connect(SESSION_TIMEOUT);
        addPubKey(hostSystem, session, appKey.getPublicKey());
    } catch (JSchException | SQLException | GeneralSecurityException ex) {
        log.info(ex.toString(), ex);
        hostSystem.setErrorMsg(ex.getMessage());
        if (ex.getMessage().toLowerCase().contains("userauth fail")) {
            hostSystem.setStatusCd(HostSystem.PUBLIC_KEY_FAIL_STATUS);
        } else if (ex.getMessage().toLowerCase().contains("auth fail") || ex.getMessage().toLowerCase().contains("auth cancel")) {
            hostSystem.setStatusCd(HostSystem.AUTH_FAIL_STATUS);
        } else if (ex.getMessage().toLowerCase().contains("unknownhostexception")) {
            hostSystem.setErrorMsg("DNS Lookup Failed");
            hostSystem.setStatusCd(HostSystem.HOST_FAIL_STATUS);
        } else {
            hostSystem.setStatusCd(HostSystem.GENERIC_FAIL_STATUS);
        }
    }
    if (session != null) {
        session.disconnect();
    }
    return hostSystem;
}
Also used : JSchException(com.jcraft.jsch.JSchException) ApplicationKey(io.bastillion.manage.model.ApplicationKey) SQLException(java.sql.SQLException) GeneralSecurityException(java.security.GeneralSecurityException) JSch(com.jcraft.jsch.JSch) SchSession(io.bastillion.manage.model.SchSession) Session(com.jcraft.jsch.Session)

Example 2 with ApplicationKey

use of io.bastillion.manage.model.ApplicationKey in project KeyBox by skavanagh.

the class PrivateKeyDB method getApplicationKey.

/**
 * returns public private key for application
 *
 * @return app key values
 */
public static ApplicationKey getApplicationKey() throws SQLException, GeneralSecurityException {
    ApplicationKey appKey = null;
    Connection con = DBUtils.getConn();
    PreparedStatement stmt = con.prepareStatement("select * from  application_key");
    ResultSet rs = stmt.executeQuery();
    while (rs.next()) {
        appKey = new ApplicationKey();
        appKey.setId(rs.getLong("id"));
        appKey.setPassphrase(EncryptionUtil.decrypt(rs.getString("passphrase")));
        appKey.setPrivateKey(EncryptionUtil.decrypt(rs.getString("private_key")));
        appKey.setPublicKey(rs.getString("public_key"));
    }
    DBUtils.closeRs(rs);
    DBUtils.closeStmt(stmt);
    DBUtils.closeConn(con);
    return appKey;
}
Also used : ApplicationKey(io.bastillion.manage.model.ApplicationKey) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement)

Example 3 with ApplicationKey

use of io.bastillion.manage.model.ApplicationKey in project KeyBox by skavanagh.

the class SSHUtil method openSSHTermOnSystem.

/**
 * open new ssh session on host system
 *
 * @param passphrase     key passphrase for instance
 * @param password       password for instance
 * @param userId         user id
 * @param sessionId      session id
 * @param hostSystem     host system
 * @param userSessionMap user session map
 * @return status of systems
 */
public static HostSystem openSSHTermOnSystem(String passphrase, String password, Long userId, Long sessionId, HostSystem hostSystem, Map<Long, UserSchSessions> userSessionMap) throws SQLException, GeneralSecurityException {
    JSch jsch = new JSch();
    int instanceId = getNextInstanceId(sessionId, userSessionMap);
    hostSystem.setStatusCd(HostSystem.SUCCESS_STATUS);
    hostSystem.setInstanceId(instanceId);
    SchSession schSession = null;
    try {
        ApplicationKey appKey = PrivateKeyDB.getApplicationKey();
        // check to see if passphrase has been provided
        if (passphrase == null || passphrase.trim().equals("")) {
            passphrase = appKey.getPassphrase();
            // check for null inorder to use key without passphrase
            if (passphrase == null) {
                passphrase = "";
            }
        }
        // add private key
        jsch.addIdentity(appKey.getId().toString(), appKey.getPrivateKey().trim().getBytes(), appKey.getPublicKey().getBytes(), passphrase.getBytes());
        // create session
        Session session = jsch.getSession(hostSystem.getUser(), hostSystem.getHost(), hostSystem.getPort());
        // set password if it exists
        if (password != null && !password.trim().equals("")) {
            session.setPassword(password);
        }
        session.setConfig("StrictHostKeyChecking", "no");
        session.setConfig("PreferredAuthentications", "publickey,keyboard-interactive,password");
        session.setServerAliveInterval(SERVER_ALIVE_INTERVAL);
        session.connect(SESSION_TIMEOUT);
        Channel channel = session.openChannel("shell");
        if ("true".equals(AppConfig.getProperty("agentForwarding"))) {
            ((ChannelShell) channel).setAgentForwarding(true);
        }
        ((ChannelShell) channel).setPtyType("xterm");
        InputStream outFromChannel = channel.getInputStream();
        // new session output
        SessionOutput sessionOutput = new SessionOutput(sessionId, hostSystem);
        Runnable run = new SecureShellTask(sessionOutput, outFromChannel);
        Thread thread = new Thread(run);
        thread.start();
        OutputStream inputToChannel = channel.getOutputStream();
        PrintStream commander = new PrintStream(inputToChannel, true);
        channel.connect();
        schSession = new SchSession();
        schSession.setUserId(userId);
        schSession.setSession(session);
        schSession.setChannel(channel);
        schSession.setCommander(commander);
        schSession.setInputToChannel(inputToChannel);
        schSession.setOutFromChannel(outFromChannel);
        schSession.setHostSystem(hostSystem);
        // refresh keys for session
        addPubKey(hostSystem, session, appKey.getPublicKey());
    } catch (JSchException | IOException | GeneralSecurityException ex) {
        log.info(ex.toString(), ex);
        hostSystem.setErrorMsg(ex.getMessage());
        if (ex.getMessage().toLowerCase().contains("userauth fail")) {
            hostSystem.setStatusCd(HostSystem.PUBLIC_KEY_FAIL_STATUS);
        } else if (ex.getMessage().toLowerCase().contains("auth fail") || ex.getMessage().toLowerCase().contains("auth cancel")) {
            hostSystem.setStatusCd(HostSystem.AUTH_FAIL_STATUS);
        } else if (ex.getMessage().toLowerCase().contains("unknownhostexception")) {
            hostSystem.setErrorMsg("DNS Lookup Failed");
            hostSystem.setStatusCd(HostSystem.HOST_FAIL_STATUS);
        } else {
            hostSystem.setStatusCd(HostSystem.GENERIC_FAIL_STATUS);
        }
    }
    // add session to map
    if (hostSystem.getStatusCd().equals(HostSystem.SUCCESS_STATUS)) {
        // get the server maps for user
        UserSchSessions userSchSessions = userSessionMap.get(sessionId);
        // if no user session create a new one
        if (userSchSessions == null) {
            userSchSessions = new UserSchSessions();
        }
        Map<Integer, SchSession> schSessionMap = userSchSessions.getSchSessionMap();
        // add server information
        schSessionMap.put(instanceId, schSession);
        userSchSessions.setSchSessionMap(schSessionMap);
        // add back to map
        userSessionMap.put(sessionId, userSchSessions);
    }
    SystemStatusDB.updateSystemStatus(hostSystem, userId);
    SystemDB.updateSystem(hostSystem);
    return hostSystem;
}
Also used : JSchException(com.jcraft.jsch.JSchException) ApplicationKey(io.bastillion.manage.model.ApplicationKey) PrintStream(java.io.PrintStream) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) Channel(com.jcraft.jsch.Channel) OutputStream(java.io.OutputStream) GeneralSecurityException(java.security.GeneralSecurityException) ChannelShell(com.jcraft.jsch.ChannelShell) SecureShellTask(io.bastillion.manage.task.SecureShellTask) IOException(java.io.IOException) JSch(com.jcraft.jsch.JSch) SessionOutput(io.bastillion.manage.model.SessionOutput) SchSession(io.bastillion.manage.model.SchSession) UserSchSessions(io.bastillion.manage.model.UserSchSessions) SchSession(io.bastillion.manage.model.SchSession) Session(com.jcraft.jsch.Session)

Aggregations

ApplicationKey (io.bastillion.manage.model.ApplicationKey)3 JSch (com.jcraft.jsch.JSch)2 JSchException (com.jcraft.jsch.JSchException)2 Session (com.jcraft.jsch.Session)2 SchSession (io.bastillion.manage.model.SchSession)2 GeneralSecurityException (java.security.GeneralSecurityException)2 Channel (com.jcraft.jsch.Channel)1 ChannelShell (com.jcraft.jsch.ChannelShell)1 SessionOutput (io.bastillion.manage.model.SessionOutput)1 UserSchSessions (io.bastillion.manage.model.UserSchSessions)1 SecureShellTask (io.bastillion.manage.task.SecureShellTask)1 FileInputStream (java.io.FileInputStream)1 IOException (java.io.IOException)1 InputStream (java.io.InputStream)1 OutputStream (java.io.OutputStream)1 PrintStream (java.io.PrintStream)1 Connection (java.sql.Connection)1 PreparedStatement (java.sql.PreparedStatement)1 ResultSet (java.sql.ResultSet)1 SQLException (java.sql.SQLException)1