Use of org.apache.sshd.common.keyprovider.FileKeyPairProvider in the Apache Camel project.
Class SftpServerTestSupport, method setUpServer.
/**
 * Starts the embedded SSH server (SFTP subsystem plus SCP command factory) used by the tests.
 *
 * <p>Sets {@code canTest} to {@code true} up front and resets it to {@code false} when start-up
 * fails because of a {@link NoSuchAlgorithmException}; any other failure is rethrown so the
 * test fails.
 *
 * <p>SECURITY: this is a test fixture. The host key is read from a file under
 * {@code src/test/resources}, and the public-key authenticator accepts every key for every
 * user, so this configuration must not be copied into a server that real clients reach.
 *
 * @throws Exception any start-up error that is not caused by a missing algorithm
 */
protected void setUpServer() throws Exception {
    canTest = true;
    try {
        sshd = SshServer.setUpDefaultServer();
        sshd.setPort(getPort());

        // Fixed host key shipped with the test resources.
        String[] hostKeyFiles = {"src/test/resources/hostkey.pem"};
        sshd.setKeyPairProvider(new FileKeyPairProvider(hostKeyFiles));

        sshd.setSubsystemFactories(Arrays.<NamedFactory<Command>>asList(new SftpSubsystem.Factory()));
        sshd.setCommandFactory(new ScpCommandFactory());
        sshd.setPasswordAuthenticator(new MyPasswordAuthenticator());

        // Test-only: every public key is treated as authorized for every user.
        sshd.setPublickeyAuthenticator(new PublickeyAuthenticator() {
            @Override
            public boolean authenticate(String username, PublicKey key, ServerSession session) {
                return true;
            }
        });

        sshd.start();
    } catch (Exception e) {
        NoSuchAlgorithmException missingAlgorithm = ObjectHelper.getException(NoSuchAlgorithmException.class, e);
        if (missingAlgorithm == null) {
            // Not an "algorithm unavailable on this OS" problem: let the test fail.
            throw e;
        }
        // The required algorithm is not available on this platform, so the tests are skipped.
        canTest = false;
        log.warn("SunX509 is not avail on this platform [{}] Testing is skipped! Real cause: {}",
                System.getProperty("os.name"), missingAlgorithm.getMessage());
    }
}
Use of org.apache.sshd.common.keyprovider.FileKeyPairProvider in the Apache Camel project.
Class SshComponentSecurityTest, method createRouteBuilder.
/**
 * Builds the two routes under test, both authenticating as user {@code smx} against
 * {@code localhost} with the key file from the test resources.
 *
 * <ul>
 *   <li>{@code direct:ssh-rsa} goes through a component registered as {@code ssh-rsa} whose key
 *       pair comes from a {@link FileKeyPairProvider}.</li>
 *   <li>{@code direct:ssh-rsaFile} passes the same key file through the {@code certResource}
 *       endpoint option.</li>
 * </ul>
 *
 * <p>Any exception is marked handled and sent to {@code mock:error}.
 *
 * <p>SECURITY: {@code src/test/resources/hostkey.pem} is a private key kept with the test
 * sources; treat it as a fixture only and never grant it access to a real account.
 */
@Override
protected RouteBuilder createRouteBuilder() throws Exception {
    return new RouteBuilder() {
        @Override
        public void configure() {
            onException(Exception.class).handled(true).to("mock:error");

            // Route 1: key pair supplied programmatically on the component.
            SshComponent rsaComponent = new SshComponent();
            rsaComponent.setHost("localhost");
            rsaComponent.setPort(port);
            rsaComponent.setUsername("smx");
            String[] keyFiles = {"src/test/resources/hostkey.pem"};
            rsaComponent.setKeyPairProvider(new FileKeyPairProvider(keyFiles));
            rsaComponent.setKeyType(KeyPairProvider.SSH_RSA);
            getContext().addComponent("ssh-rsa", rsaComponent);
            from("direct:ssh-rsa").to("ssh-rsa:test").to("mock:rsa");

            // Route 2: key file referenced from the endpoint URI.
            String certResourceUri = "ssh://smx@localhost:" + port + "?certResource=file:src/test/resources/hostkey.pem";
            from("direct:ssh-rsaFile").to(certResourceUri).to("mock:rsaFile");
        }
    };
}
Use of org.apache.sshd.common.keyprovider.FileKeyPairProvider in the Apache Karaf project.
Class Main, method main.
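/**
 * Entry point of the command-line SSH client.
 *
 * <p>Reads the command to run from the configured file or, in batch mode, from standard input;
 * builds an {@link SshClient}; wires console-based password and keyboard-interactive prompts
 * when a console is attached; authenticates; then opens either an exec channel (a command was
 * given) or an interactive shell channel that mirrors the local terminal settings. The process
 * exits with the remote exit status, or with 1 on any error.
 *
 * <p>Security-relevant points for reviewers:
 * <ul>
 *   <li>Prompts and key-resource names are passed to the console as format <em>arguments</em>,
 *       never as the format string, so a {@code %} in server-supplied text cannot trigger a
 *       formatter exception.</li>
 *   <li>{@code Console.readPassword} returns {@code null} at end of input; that case is handled
 *       instead of failing with a {@code NullPointerException}.</li>
 *   <li>Agent forwarding is requested on every channel (see the inline notes).</li>
 *   <li>NOTE(review): no {@code ServerKeyVerifier} is configured in this method; confirm that
 *       host-key checking is enforced elsewhere (builder defaults or {@code connectWithRetries}).</li>
 * </ul>
 *
 * @param args command-line arguments parsed by {@code ClientConfig}
 * @throws Exception if reading the command file or standard input fails before the client starts
 */
public static void main(String[] args) throws Exception {
    ClientConfig config = new ClientConfig(args);
    SimpleLogger.setLevel(config.getLevel());
    if (config.getFile() != null) {
        StringBuilder sb = new StringBuilder();
        // NOTE(review): the file is decoded with the platform default charset.
        try (Reader reader = new BufferedReader(new InputStreamReader(new FileInputStream(config.getFile())))) {
            for (int c = reader.read(); c >= 0; c = reader.read()) {
                sb.append((char) c);
            }
        }
        config.setCommand(sb.toString());
    } else if (config.isBatch()) {
        StringBuilder sb = new StringBuilder();
        // Standard input is read to the end but not closed here.
        Reader reader = new BufferedReader(new InputStreamReader(System.in));
        for (int c = reader.read(); c >= 0; c = reader.read()) {
            sb.append((char) c);
        }
        config.setCommand(sb.toString());
    }
    try (SshClient client = ClientBuilder.builder().build()) {
        FilePasswordProvider passwordProvider = null;
        final Console console = System.console();
        if (console != null) {
            passwordProvider = resourceKey -> {
                // resourceKey is passed as an argument so a '%' in it is printed literally.
                char[] pwd = console.readPassword("Enter password for %s: ", resourceKey);
                // readPassword() yields null at end of input; do not dereference it.
                // The password ends up in an immutable String because the provider contract returns one.
                return pwd == null ? null : new String(pwd);
            };
            client.setFilePasswordProvider(passwordProvider);
            client.setUserInteraction(new UserInteraction() {
                @Override
                public void welcome(ClientSession s, String banner, String lang) {
                    // NOTE(review): the banner comes from the server and is printed unfiltered;
                    // consider stripping control characters before writing it to the terminal.
                    System.out.println(banner);
                }

                @Override
                public String[] interactive(ClientSession s, String name, String instruction, String lang, String[] prompt, boolean[] echo) {
                    String[] answers = new String[prompt.length];
                    try {
                        for (int i = 0; i < prompt.length; i++) {
                            // Prompts are server-controlled: pass them as arguments, not as the format string.
                            if (echo[i]) {
                                answers[i] = console.readLine("%s ", prompt[i]);
                            } else {
                                char[] secret = console.readPassword("%s ", prompt[i]);
                                answers[i] = secret == null ? null : new String(secret);
                            }
                            // End of input on the console: give up on this interaction.
                            if (answers[i] == null) {
                                return null;
                            }
                        }
                        return answers;
                    } catch (IOError e) {
                        return null;
                    }
                }

                @Override
                public boolean isInteractionAllowed(ClientSession session) {
                    return true;
                }

                @Override
                public void serverVersionInfo(ClientSession session, List<String> lines) {
                }

                @Override
                public String getUpdatedPassword(ClientSession session, String prompt, String lang) {
                    return null;
                }
            });
        }
        setupAgent(config.getUser(), config.getKeyFile(), client, passwordProvider);
        client.getProperties().put(FactoryManager.IDLE_TIMEOUT, String.valueOf(config.getIdleTimeout()));
        // TODO: remove the line below when SSHD-732 is fixed
        client.setKeyPairProvider(new FileKeyPairProvider());
        client.start();
        if (console != null) {
            console.printf("Logging in as %s\n", config.getUser());
        }
        ClientSession session = connectWithRetries(client, config);
        if (config.getPassword() != null) {
            session.addPasswordIdentity(config.getPassword());
        }
        session.auth().verify();
        int exitStatus = 0;
        try (Terminal terminal = TerminalBuilder.terminal()) {
            Attributes attributes = terminal.enterRawMode();
            try {
                ClientChannel channel;
                if (config.getCommand().length() > 0) {
                    ChannelExec exec = session.createExecChannel(config.getCommand() + "\n");
                    channel = exec;
                    channel.setIn(new ByteArrayInputStream(new byte[0]));
                    // SECURITY: agent forwarding is requested unconditionally, which lets the remote
                    // side relay signing requests to the local agent while the channel is open.
                    // NOTE(review): consider making this opt-in.
                    exec.setAgentForwarding(true);
                } else {
                    ChannelShell shell = session.createShellChannel();
                    channel = shell;
                    channel.setIn(new NoCloseInputStream(terminal.input()));
                    // Mirror the local terminal settings onto the remote pty.
                    Map<PtyMode, Integer> modes = new HashMap<>();
                    // Control chars
                    modes.put(PtyMode.VINTR, attributes.getControlChar(ControlChar.VINTR));
                    modes.put(PtyMode.VQUIT, attributes.getControlChar(ControlChar.VQUIT));
                    modes.put(PtyMode.VERASE, attributes.getControlChar(ControlChar.VERASE));
                    modes.put(PtyMode.VKILL, attributes.getControlChar(ControlChar.VKILL));
                    modes.put(PtyMode.VEOF, attributes.getControlChar(ControlChar.VEOF));
                    modes.put(PtyMode.VEOL, attributes.getControlChar(ControlChar.VEOL));
                    modes.put(PtyMode.VEOL2, attributes.getControlChar(ControlChar.VEOL2));
                    modes.put(PtyMode.VSTART, attributes.getControlChar(ControlChar.VSTART));
                    modes.put(PtyMode.VSTOP, attributes.getControlChar(ControlChar.VSTOP));
                    modes.put(PtyMode.VSUSP, attributes.getControlChar(ControlChar.VSUSP));
                    modes.put(PtyMode.VDSUSP, attributes.getControlChar(ControlChar.VDSUSP));
                    modes.put(PtyMode.VREPRINT, attributes.getControlChar(ControlChar.VREPRINT));
                    modes.put(PtyMode.VWERASE, attributes.getControlChar(ControlChar.VWERASE));
                    modes.put(PtyMode.VLNEXT, attributes.getControlChar(ControlChar.VLNEXT));
                    modes.put(PtyMode.VSTATUS, attributes.getControlChar(ControlChar.VSTATUS));
                    modes.put(PtyMode.VDISCARD, attributes.getControlChar(ControlChar.VDISCARD));
                    // Input flags
                    modes.put(PtyMode.IGNPAR, getFlag(attributes, InputFlag.IGNPAR));
                    modes.put(PtyMode.PARMRK, getFlag(attributes, InputFlag.PARMRK));
                    modes.put(PtyMode.INPCK, getFlag(attributes, InputFlag.INPCK));
                    modes.put(PtyMode.ISTRIP, getFlag(attributes, InputFlag.ISTRIP));
                    modes.put(PtyMode.INLCR, getFlag(attributes, InputFlag.INLCR));
                    modes.put(PtyMode.IGNCR, getFlag(attributes, InputFlag.IGNCR));
                    modes.put(PtyMode.ICRNL, getFlag(attributes, InputFlag.ICRNL));
                    modes.put(PtyMode.IXON, getFlag(attributes, InputFlag.IXON));
                    modes.put(PtyMode.IXANY, getFlag(attributes, InputFlag.IXANY));
                    modes.put(PtyMode.IXOFF, getFlag(attributes, InputFlag.IXOFF));
                    // Local flags
                    modes.put(PtyMode.ISIG, getFlag(attributes, LocalFlag.ISIG));
                    modes.put(PtyMode.ICANON, getFlag(attributes, LocalFlag.ICANON));
                    modes.put(PtyMode.ECHO, getFlag(attributes, LocalFlag.ECHO));
                    modes.put(PtyMode.ECHOE, getFlag(attributes, LocalFlag.ECHOE));
                    modes.put(PtyMode.ECHOK, getFlag(attributes, LocalFlag.ECHOK));
                    modes.put(PtyMode.ECHONL, getFlag(attributes, LocalFlag.ECHONL));
                    modes.put(PtyMode.NOFLSH, getFlag(attributes, LocalFlag.NOFLSH));
                    modes.put(PtyMode.TOSTOP, getFlag(attributes, LocalFlag.TOSTOP));
                    modes.put(PtyMode.IEXTEN, getFlag(attributes, LocalFlag.IEXTEN));
                    // Output flags
                    modes.put(PtyMode.OPOST, getFlag(attributes, OutputFlag.OPOST));
                    modes.put(PtyMode.ONLCR, getFlag(attributes, OutputFlag.ONLCR));
                    modes.put(PtyMode.OCRNL, getFlag(attributes, OutputFlag.OCRNL));
                    modes.put(PtyMode.ONOCR, getFlag(attributes, OutputFlag.ONOCR));
                    modes.put(PtyMode.ONLRET, getFlag(attributes, OutputFlag.ONLRET));
                    shell.setPtyModes(modes);
                    shell.setPtyColumns(terminal.getWidth());
                    shell.setPtyLines(terminal.getHeight());
                    // SECURITY: same unconditional agent forwarding as on the exec channel above.
                    shell.setAgentForwarding(true);
                    String ctype = System.getenv("LC_CTYPE");
                    if (ctype == null) {
                        ctype = Locale.getDefault().toString() + "." + System.getProperty("input.encoding", Charset.defaultCharset().name());
                    }
                    shell.setEnv("LC_CTYPE", ctype);
                }
                channel.setOut(terminal.output());
                channel.setErr(terminal.output());
                channel.open().verify();
                if (channel instanceof PtyCapableChannelSession) {
                    registerSignalHandler(terminal, (PtyCapableChannelSession) channel);
                }
                // A timeout of 0 is passed: wait until the channel reports CLOSED.
                channel.waitFor(EnumSet.of(ClientChannelEvent.CLOSED), 0);
                if (channel.getExitStatus() != null) {
                    exitStatus = channel.getExitStatus();
                }
            } finally {
                // Always restore the terminal attributes saved when entering raw mode.
                terminal.setAttributes(attributes);
            }
        }
        System.exit(exitStatus);
    } catch (Throwable t) {
        // Full stack trace only above WARN verbosity; otherwise just the message.
        if (config.getLevel() > SimpleLogger.WARN) {
            t.printStackTrace();
        } else {
            System.err.println(t.getMessage());
        }
        System.exit(1);
    }
}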
Use of org.apache.sshd.common.keyprovider.FileKeyPairProvider in the Apache Karaf project.
Class Main, method startAgent.
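/**
 * Creates an in-process SSH agent and loads identities into it for {@code user}.
 *
 * <p>The first identity is a {@link KeyPair} read from {@code privateKeyUrl} with Java native
 * deserialization. If {@code keyFile} is given, every key pair the {@link FileKeyPairProvider}
 * loads from that path is added as well, using {@code passwordProvider} for encrypted keys.
 *
 * <p>SECURITY: {@code ObjectInputStream.readObject()} instantiates whatever classes the stream
 * names before the cast to {@code KeyPair} is applied, so {@code privateKeyUrl} must only ever
 * point at a trusted resource. NOTE(review): confirm where callers obtain the URL, and consider
 * a deserialization filter ({@code java.io.ObjectInputFilter}) or a non-serialized key format.
 *
 * @param user             name the identities are registered under
 * @param privateKeyUrl    location of the serialized key pair
 * @param keyFile          optional path of an additional key file, may be {@code null}
 * @param passwordProvider password source for {@code keyFile}, as passed in by the caller
 * @return the populated agent, or {@code null} if anything went wrong (the error message is
 *         printed to standard error)
 */
private static SshAgent startAgent(String user, URL privateKeyUrl, String keyFile, FilePasswordProvider passwordProvider) {
    try {
        SshAgent agent = new AgentImpl();
        KeyPair keyPair;
        // try-with-resources closes the stream on every path, including a failed readObject().
        try (InputStream is = privateKeyUrl.openStream();
             ObjectInputStream r = new ObjectInputStream(is)) {
            // SECURITY: native deserialization of the URL content, see the method comment.
            keyPair = (KeyPair) r.readObject();
        }
        agent.addIdentity(keyPair, user);
        if (keyFile != null) {
            FileKeyPairProvider fileKeyPairProvider = new FileKeyPairProvider(Paths.get(keyFile));
            fileKeyPairProvider.setPasswordFinder(passwordProvider);
            for (KeyPair key : fileKeyPairProvider.loadKeys()) {
                agent.addIdentity(key, user);
            }
        }
        return agent;
    } catch (Throwable e) {
        // Best effort: the failure is reported on stderr and signalled to the caller with null.
        System.err.println("Error starting ssh agent for: " + e.getMessage());
        return null;
    }
}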
Use of org.apache.sshd.common.keyprovider.FileKeyPairProvider in the Apache Karaf project.
Class SshAction, method execute.
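/**
 * Connects to a remote SSH server from within the shell and either runs the given command or
 * opens an interactive shell on the current terminal.
 *
 * <p>A {@code user@host} value in {@code hostname} is split; a missing user name falls back to
 * the session's {@code USER} variable and then to a prompt. The client is given a
 * {@code ServerKeyVerifierImpl} backed by {@code ~/.sshkaraf/known_hosts}, and an agent factory
 * when the session carries an agent socket name.
 *
 * <p>Security-relevant points for reviewers:
 * <ul>
 *   <li>{@code quiet} is handed to the server key verifier. NOTE(review): confirm what quiet
 *       mode does for unknown or changed host keys.</li>
 *   <li>Agent forwarding is requested unconditionally on the interactive channel.</li>
 *   <li>I/O errors while prompting or resizing are logged at debug level instead of being
 *       dropped silently.</li>
 * </ul>
 *
 * @return always {@code null}
 * @throws IllegalStateException if no command was given and the session has no terminal
 * @throws Exception on connection, authentication or channel errors
 */
@Override
public Object execute() throws Exception {
    int at = hostname.indexOf('@');
    if (at >= 0) {
        // An explicitly configured user name wins over the one embedded in the host argument.
        if (username == null) {
            username = hostname.substring(0, at);
        }
        hostname = hostname.substring(at + 1);
    }
    System.out.println("Connecting to host " + hostname + " on port " + port);
    // If not specified, assume the current user name
    if (username == null) {
        username = (String) this.session.get("USER");
    }
    // If the username was not configured via cli, then prompt the user for the values
    if (username == null) {
        log.debug("Prompting user for login");
        username = session.readLine("Login: ", null);
    }
    SshClient client = SshClient.setUpDefaultClient();
    if (this.session.get(SshAgent.SSH_AUTHSOCKET_ENV_NAME) != null) {
        client.setAgentFactory(KarafAgentFactory.getInstance());
        String agentSocket = this.session.get(SshAgent.SSH_AUTHSOCKET_ENV_NAME).toString();
        client.getProperties().put(SshAgent.SSH_AUTHSOCKET_ENV_NAME, agentSocket);
    }
    // Host keys are checked by a verifier backed by the known_hosts file in the user's home directory.
    KnownHostsManager knownHostsManager = new KnownHostsManager(new File(System.getProperty("user.home"), ".sshkaraf/known_hosts"));
    ServerKeyVerifier serverKeyVerifier = new ServerKeyVerifierImpl(knownHostsManager, quiet);
    client.setServerKeyVerifier(serverKeyVerifier);
    client.setKeyPairProvider(new FileKeyPairProvider());
    log.debug("Created client: {}", client);
    client.setUserInteraction(new UserInteraction() {
        @Override
        public void welcome(ClientSession session, String banner, String lang) {
            // NOTE(review): the banner comes from the server and is printed unfiltered;
            // consider stripping control characters before writing it to the terminal.
            System.out.println(banner);
        }

        @Override
        public String[] interactive(ClientSession s, String name, String instruction, String lang, String[] prompt, boolean[] echo) {
            String[] answers = new String[prompt.length];
            try {
                for (int i = 0; i < prompt.length; i++) {
                    // Non-echoed prompts are read with '*' as the mask character.
                    answers[i] = session.readLine(prompt[i] + " ", echo[i] ? null : '*');
                }
            } catch (IOException e) {
                // NOTE(review): the partially filled array is still returned; confirm whether
                // the authentication attempt should be abandoned instead.
                log.debug("Unable to read keyboard-interactive response", e);
            }
            return answers;
        }

        @Override
        public boolean isInteractionAllowed(ClientSession session) {
            return true;
        }

        @Override
        public void serverVersionInfo(ClientSession session, List<String> lines) {
        }

        @Override
        public String getUpdatedPassword(ClientSession session, String prompt, String lang) {
            return null;
        }
    });
    client.start();
    try {
        ClientSession sshSession = connectWithRetries(client, username, hostname, port, retries);
        // Remember the previous value so it can be restored when the remote session ends.
        Object oldIgnoreInterrupts = this.session.get(Session.IGNORE_INTERRUPTS);
        try {
            if (password != null) {
                sshSession.addPasswordIdentity(password);
            }
            sshSession.auth().verify();
            System.out.println("Connected");
            this.session.put(Session.IGNORE_INTERRUPTS, Boolean.TRUE);
            // Join the command words with single spaces; an empty result means "interactive shell".
            StringBuilder sb = new StringBuilder();
            if (command != null) {
                for (String cmd : command) {
                    if (sb.length() > 0) {
                        sb.append(' ');
                    }
                    sb.append(cmd);
                }
            }
            if (sb.length() > 0) {
                ClientChannel channel = sshSession.createChannel("exec", sb.append("\n").toString());
                channel.setIn(new ByteArrayInputStream(new byte[0]));
                channel.setOut(new NoCloseOutputStream(System.out));
                channel.setErr(new NoCloseOutputStream(System.err));
                channel.open().verify();
                channel.waitFor(EnumSet.of(ClientChannelEvent.CLOSED), 0);
            } else if (session.getTerminal() != null) {
                final ChannelShell channel = sshSession.createShellChannel();
                final org.jline.terminal.Terminal jlineTerminal = (org.jline.terminal.Terminal) session.get(".jline.terminal");
                Attributes attributes = jlineTerminal.enterRawMode();
                try {
                    // Mirror the local terminal settings onto the remote pty.
                    Map<PtyMode, Integer> modes = new HashMap<>();
                    // Control chars
                    modes.put(PtyMode.VINTR, attributes.getControlChar(ControlChar.VINTR));
                    modes.put(PtyMode.VQUIT, attributes.getControlChar(ControlChar.VQUIT));
                    modes.put(PtyMode.VERASE, attributes.getControlChar(ControlChar.VERASE));
                    modes.put(PtyMode.VKILL, attributes.getControlChar(ControlChar.VKILL));
                    modes.put(PtyMode.VEOF, attributes.getControlChar(ControlChar.VEOF));
                    modes.put(PtyMode.VEOL, attributes.getControlChar(ControlChar.VEOL));
                    modes.put(PtyMode.VEOL2, attributes.getControlChar(ControlChar.VEOL2));
                    modes.put(PtyMode.VSTART, attributes.getControlChar(ControlChar.VSTART));
                    modes.put(PtyMode.VSTOP, attributes.getControlChar(ControlChar.VSTOP));
                    modes.put(PtyMode.VSUSP, attributes.getControlChar(ControlChar.VSUSP));
                    modes.put(PtyMode.VDSUSP, attributes.getControlChar(ControlChar.VDSUSP));
                    modes.put(PtyMode.VREPRINT, attributes.getControlChar(ControlChar.VREPRINT));
                    modes.put(PtyMode.VWERASE, attributes.getControlChar(ControlChar.VWERASE));
                    modes.put(PtyMode.VLNEXT, attributes.getControlChar(ControlChar.VLNEXT));
                    modes.put(PtyMode.VSTATUS, attributes.getControlChar(ControlChar.VSTATUS));
                    modes.put(PtyMode.VDISCARD, attributes.getControlChar(ControlChar.VDISCARD));
                    // Input flags
                    modes.put(PtyMode.IGNPAR, getFlag(attributes, InputFlag.IGNPAR));
                    modes.put(PtyMode.PARMRK, getFlag(attributes, InputFlag.PARMRK));
                    modes.put(PtyMode.INPCK, getFlag(attributes, InputFlag.INPCK));
                    modes.put(PtyMode.ISTRIP, getFlag(attributes, InputFlag.ISTRIP));
                    modes.put(PtyMode.INLCR, getFlag(attributes, InputFlag.INLCR));
                    modes.put(PtyMode.IGNCR, getFlag(attributes, InputFlag.IGNCR));
                    modes.put(PtyMode.ICRNL, getFlag(attributes, InputFlag.ICRNL));
                    modes.put(PtyMode.IXON, getFlag(attributes, InputFlag.IXON));
                    modes.put(PtyMode.IXANY, getFlag(attributes, InputFlag.IXANY));
                    modes.put(PtyMode.IXOFF, getFlag(attributes, InputFlag.IXOFF));
                    // Local flags
                    modes.put(PtyMode.ISIG, getFlag(attributes, LocalFlag.ISIG));
                    modes.put(PtyMode.ICANON, getFlag(attributes, LocalFlag.ICANON));
                    modes.put(PtyMode.ECHO, getFlag(attributes, LocalFlag.ECHO));
                    modes.put(PtyMode.ECHOE, getFlag(attributes, LocalFlag.ECHOE));
                    modes.put(PtyMode.ECHOK, getFlag(attributes, LocalFlag.ECHOK));
                    modes.put(PtyMode.ECHONL, getFlag(attributes, LocalFlag.ECHONL));
                    modes.put(PtyMode.NOFLSH, getFlag(attributes, LocalFlag.NOFLSH));
                    modes.put(PtyMode.TOSTOP, getFlag(attributes, LocalFlag.TOSTOP));
                    modes.put(PtyMode.IEXTEN, getFlag(attributes, LocalFlag.IEXTEN));
                    // Output flags
                    modes.put(PtyMode.OPOST, getFlag(attributes, OutputFlag.OPOST));
                    modes.put(PtyMode.ONLCR, getFlag(attributes, OutputFlag.ONLCR));
                    modes.put(PtyMode.OCRNL, getFlag(attributes, OutputFlag.OCRNL));
                    modes.put(PtyMode.ONOCR, getFlag(attributes, OutputFlag.ONOCR));
                    modes.put(PtyMode.ONLRET, getFlag(attributes, OutputFlag.ONLRET));
                    channel.setPtyModes(modes);
                    channel.setPtyColumns(getTermWidth());
                    channel.setPtyLines(getTermHeight());
                    // SECURITY: agent forwarding is requested unconditionally, which lets the remote
                    // side relay signing requests to the local agent while the channel is open.
                    // NOTE(review): consider making this opt-in.
                    channel.setAgentForwarding(true);
                    channel.setEnv("TERM", session.getTerminal().getType());
                    Object ctype = session.get("LC_CTYPE");
                    if (ctype != null) {
                        channel.setEnv("LC_CTYPE", ctype.toString());
                    }
                    channel.setIn(new NoCloseInputStream(jlineTerminal.input()));
                    channel.setOut(new NoCloseOutputStream(jlineTerminal.output()));
                    channel.setErr(new NoCloseOutputStream(jlineTerminal.output()));
                    channel.open().verify();
                    // Forward local window-size changes to the remote pty.
                    SignalListener signalListener = signal -> {
                        try {
                            Size size = jlineTerminal.getSize();
                            channel.sendWindowChange(size.getColumns(), size.getRows());
                        } catch (IOException e) {
                            // A failed resize notification is not fatal for the session.
                            log.debug("Unable to send window change to remote channel", e);
                        }
                    };
                    session.getTerminal().addSignalListener(signalListener, Signal.WINCH);
                    try {
                        channel.waitFor(EnumSet.of(ClientChannelEvent.CLOSED), 0);
                    } finally {
                        session.getTerminal().removeSignalListener(signalListener);
                    }
                } finally {
                    // Always restore the terminal attributes saved when entering raw mode.
                    jlineTerminal.setAttributes(attributes);
                }
            } else {
                throw new IllegalStateException("No terminal for interactive ssh session");
            }
        } finally {
            session.put(Session.IGNORE_INTERRUPTS, oldIgnoreInterrupts);
            sshSession.close(false);
        }
    } finally {
        client.stop();
    }
    return null;
}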