Search in sources :

Example 1 with AbstractGeneratorHostKeyProvider

use of org.apache.sshd.server.keyprovider.AbstractGeneratorHostKeyProvider in project karaf by apache.

the class Activator method createSshServer.

protected SshServer createSshServer(SessionFactory sessionFactory) {
    int sshPort = getInt("sshPort", 8181);
    String sshHost = getString("sshHost", "0.0.0.0");
    long sshIdleTimeout = getLong("sshIdleTimeout", 1800000);
    int nioWorkers = getInt("nio-workers", 2);
    String sshRealm = getString("sshRealm", "karaf");
    String hostKey = getString("hostKey", System.getProperty("karaf.etc") + "/host.key");
    String hostKeyFormat = getString("hostKeyFormat", "simple");
    String[] authMethods = getStringArray("authMethods", "keyboard-interactive,password,publickey");
    int keySize = getInt("keySize", 4096);
    String algorithm = getString("algorithm", "RSA");
    String[] macs = getStringArray("macs", "hmac-sha2-512,hmac-sha2-256,hmac-sha1");
    String[] ciphers = getStringArray("ciphers", "aes128-ctr,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc");
    String[] kexAlgorithms = getStringArray("kexAlgorithms", "diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1");
    String welcomeBanner = getString("welcomeBanner", null);
    String moduliUrl = getString("moduli-url", null);
    AbstractGeneratorHostKeyProvider keyPairProvider;
    if ("simple".equalsIgnoreCase(hostKeyFormat)) {
        keyPairProvider = new SimpleGeneratorHostKeyProvider();
    } else if ("PEM".equalsIgnoreCase(hostKeyFormat)) {
        keyPairProvider = new OpenSSHGeneratorFileKeyProvider();
    } else {
        LOGGER.error("Invalid host key format " + hostKeyFormat);
        return null;
    }
    keyPairProvider.setPath(Paths.get(hostKey));
    if (new File(hostKey).exists()) {
        // do not trash key file if there's something wrong with it.
        keyPairProvider.setOverwriteAllowed(false);
    } else {
        keyPairProvider.setKeySize(keySize);
        keyPairProvider.setAlgorithm(algorithm);
    }
    KarafJaasAuthenticator authenticator = new KarafJaasAuthenticator(sshRealm);
    UserAuthFactoriesFactory authFactoriesFactory = new UserAuthFactoriesFactory();
    authFactoriesFactory.setAuthMethods(authMethods);
    SshServer server = SshServer.setUpDefaultServer();
    server.setPort(sshPort);
    server.setHost(sshHost);
    server.setMacFactories(SshUtils.buildMacs(macs));
    server.setCipherFactories(SshUtils.buildCiphers(ciphers));
    server.setKeyExchangeFactories(SshUtils.buildKexAlgorithms(kexAlgorithms));
    server.setShellFactory(new ShellFactoryImpl(sessionFactory));
    server.setCommandFactory(new ScpCommandFactory.Builder().withDelegate(cmd -> new ShellCommand(sessionFactory, cmd)).build());
    server.setSubsystemFactories(Collections.singletonList(new SftpSubsystemFactory()));
    server.setKeyPairProvider(keyPairProvider);
    server.setPasswordAuthenticator(authenticator);
    server.setPublickeyAuthenticator(authenticator);
    server.setFileSystemFactory(new VirtualFileSystemFactory(Paths.get(System.getProperty("karaf.base"))));
    server.setUserAuthFactories(authFactoriesFactory.getFactories());
    server.setAgentFactory(KarafAgentFactory.getInstance());
    server.setTcpipForwardingFilter(AcceptAllForwardingFilter.INSTANCE);
    server.getProperties().put(SshServer.IDLE_TIMEOUT, Long.toString(sshIdleTimeout));
    server.getProperties().put(SshServer.NIO_WORKERS, Integer.toString(nioWorkers));
    if (moduliUrl != null) {
        server.getProperties().put(SshServer.MODULI_URL, moduliUrl);
    }
    if (welcomeBanner != null) {
        server.getProperties().put(SshServer.WELCOME_BANNER, welcomeBanner);
    }
    return server;
}
Also used : SimpleGeneratorHostKeyProvider(org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider) VirtualFileSystemFactory(org.apache.sshd.common.file.virtualfs.VirtualFileSystemFactory) SshServer(org.apache.sshd.server.SshServer) ScpCommandFactory(org.apache.sshd.server.scp.ScpCommandFactory) SftpSubsystemFactory(org.apache.sshd.server.subsystem.sftp.SftpSubsystemFactory) AbstractGeneratorHostKeyProvider(org.apache.sshd.server.keyprovider.AbstractGeneratorHostKeyProvider) File(java.io.File)

Aggregations

File (java.io.File)1 VirtualFileSystemFactory (org.apache.sshd.common.file.virtualfs.VirtualFileSystemFactory)1 SshServer (org.apache.sshd.server.SshServer)1 AbstractGeneratorHostKeyProvider (org.apache.sshd.server.keyprovider.AbstractGeneratorHostKeyProvider)1 SimpleGeneratorHostKeyProvider (org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider)1 ScpCommandFactory (org.apache.sshd.server.scp.ScpCommandFactory)1 SftpSubsystemFactory (org.apache.sshd.server.subsystem.sftp.SftpSubsystemFactory)1