Class SshServerContext
All Implemented Interfaces:
com.sshtools.common.ssh.Context, com.sshtools.common.ssh.ExecutorServiceProvider
-
Field Summary
Fields inherited from class com.sshtools.synergy.ssh.SshContext
byteBufferPool, CIPHER_AES_GCM_128, CIPHER_AES_GCM_256, CIPHER_AES128_CBC, CIPHER_AES128_CTR, CIPHER_AES192_CBC, CIPHER_AES192_CTR, CIPHER_AES256_CBC, CIPHER_AES256_CTR, CIPHER_ARCFOUR, CIPHER_ARCFOUR_128, CIPHER_ARCFOUR_256, CIPHER_BLOWFISH_CBC, CIPHER_TRIPLEDES_CBC, CIPHER_TRIPLEDES_CTR, ciphersCS, ciphersSC, componentManager, COMPRESSION_NONE, COMPRESSION_ZLIB, compressionLevel, compressionsCS, compressionsSC, daemon, executor, extendedIdentificationSanitization, HMAC_MD5, HMAC_MD5_96, HMAC_MD5_ETM, HMAC_RIPEMD160, HMAC_RIPEMD160_ETM, HMAC_SHA1, HMAC_SHA1_96, HMAC_SHA1_ETM, HMAC_SHA256, HMAC_SHA256_96, HMAC_SHA256_ETM, HMAC_SHA512, HMAC_SHA512_96, HMAC_SHA512_ETM, idleAuthenticationTimeoutSeconds, idleConnectionTimeout, keepAliveDataMaxLength, keepAliveInterval, KEX_DIFFIE_HELLMAN_ECDH_NISTP_256, KEX_DIFFIE_HELLMAN_ECDH_NISTP_384, KEX_DIFFIE_HELLMAN_ECDH_NISTP_521, KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1, KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256, KEX_DIFFIE_HELLMAN_GROUP1_SHA1, KEX_DIFFIE_HELLMAN_GROUP14_SHA1, KEX_DIFFIE_HELLMAN_GROUP14_SHA256, KEX_DIFFIE_HELLMAN_GROUP15_SHA512, KEX_DIFFIE_HELLMAN_GROUP16_SHA512, KEX_DIFFIE_HELLMAN_GROUP17_SHA512, KEX_DIFFIE_HELLMAN_GROUP18_SHA512, KEYBOARD_INTERACTIVE_AUTHENTICATION, keyExchanges, killTunnelsOnRemoteForwardingCancel, locale, macCS, macSC, MAX_NUM_BYTES_BEFORE_REKEY, MAX_NUM_PACKETS_BEFORE_REKEY, maxChannels, maxDHGroupExchangeKeySize, maximumPacketLength, maximumSocketsBacklogPerRemotelyForwardedConnection, minDHGroupExchangeKeySize, PASSWORD_AUTHENTICATION, prefCipherCS, prefCipherSC, prefCompressionCS, prefCompressionSC, preferredDHGroupExchangeKeySize, prefKeyExchange, prefMacCS, prefMacSC, prefPublicKey, PUBLIC_KEY_ECDSA_SHA2_NISPTP_256, PUBLIC_KEY_ECDSA_SHA2_NISPTP_384, PUBLIC_KEY_ECDSA_SHA2_NISPTP_521, PUBLIC_KEY_ED25519, PUBLIC_KEY_RSA_SHA256, PUBLIC_KEY_RSA_SHA512, PUBLIC_KEY_SSHDSS, PUBLIC_KEY_SSHRSA, PUBLICKEY_AUTHENTICATION, publicKeys, sendIgnorePacketOnIdle, signatures, socketConnectionFactory, 
softwareVersionComments
Fields inherited from class com.sshtools.synergy.nio.ProtocolContext
keepAlive, receiveBufferSize, reuseAddress, sendBufferSize, tcpNoDelay
-
Constructor Summary
Constructors
SshServerContext(com.sshtools.synergy.nio.SshEngine engine)
SshServerContext(com.sshtools.synergy.nio.SshEngine engine, com.sshtools.common.ssh.components.ComponentManager componentManager)
SshServerContext(com.sshtools.synergy.nio.SshEngine engine, com.sshtools.common.ssh.components.ComponentManager componentManager, com.sshtools.common.ssh.SecurityLevel securityLevel)
SshServerContext(com.sshtools.synergy.nio.SshEngine engine, com.sshtools.common.ssh.SecurityLevel securityLevel)
-
Method Summary
void addGlobalRequestHandler(com.sshtools.synergy.ssh.GlobalRequestHandler<SshServerContext> handler)
void addHostKey(com.sshtools.common.ssh.components.SshKeyPair keyPair)
  Add a host key to the configuration.
void addHostKeys(Collection<com.sshtools.common.ssh.components.SshKeyPair> keys)
  Add a collection of host keys.
void addStateListener(ServerConnectionStateListener stateListener)
protected void configureKeyExchanges()
  Build the key exchanges available in this context.
com.sshtools.synergy.nio.ProtocolEngine createEngine(com.sshtools.synergy.nio.ConnectRequestFuture connectFuture)
static com.sshtools.common.ssh.components.SshKeyPair generateKey(String type, int bitLength)
  Generate a key pair.
static com.sshtools.common.ssh.components.SshKeyPair generateKeyFiles(File keyFilename, String type, int bitlength, int publicKeyFormat)
  Generate a public and private key pair, save them to keyFilename and keyFilename.pub, return the key pair
void generateTemporaryHostKey(String algorithm, int bitlength)
com.sshtools.common.auth.AuthenticationMechanismFactory<SshServerContext> getAuthenticationMechanismFactory()
  Get the AuthenticationMechanismFactory for this context.
com.sshtools.synergy.ssh.ChannelFactory<SshServerContext> getChannelFactory
com.sshtools.synergy.ssh.ConnectionManager<SshServerContext> getConnectionManager
com.sshtools.synergy.ssh.ForwardingManager<SshServerContext> getForwardingManager
com.sshtools.synergy.ssh.GlobalRequestHandler<SshServerContext> getGlobalRequestHandler(String name)
com.sshtools.common.ssh.components.SshKeyPair getHostKey(String algorithm)
  Get the host key for a given algorithm.
com.sshtools.common.ssh.components.SshKeyPair[] getHostKeys()
  Get all the host keys.
int getMaxDHGroupExchangeKeySize()
  Get the maximum group size supported in diffie-hellman-group-exchange key exchange methods.
getPreferredPublicKey
  Get the currently preferred public key algorithm.
getSupportedPublicKeys
  Returns a comma delimited string containing installed public key types.
boolean hasPublicKey(String algorithm)
  Determine if the server has a host key configured.
boolean isEnsureGracefulDisconnect()
  If a problem occurs, or a connection is denied, for example if maximum connections threshold has been reached, this setting determines if the connection is allowed to proceed through key exchange so that the user is returned a suitable error.
boolean isForceServerPreferences()
  Is the server wanting to control key exchange #setServerControllerKeyExchange()
void loadHostKey(InputStream in)
  Load a host key from an InputStream.
void loadHostKey(InputStream in, String passPhrase)
  Load a host key from an InputStream.
com.sshtools.common.ssh.components.SshKeyPair loadKey(File key, String passphrase)
  Load a key pair from a File
com.sshtools.common.ssh.components.SshKeyPair loadKey(InputStream in, String passphrase)
  Load a key pair from an InputStream.
com.sshtools.common.ssh.components.SshKeyPair loadOrGenerateHostKey(File key, String type, int bitlength)
  Load a host key from file, if the file does not exist then generate the key.
com.sshtools.common.ssh.components.SshKeyPair loadOrGenerateHostKey(File key, String type, int bitlength, int publicKeyFormat, String passPhrase)
  Load a host key from file, if the file does not exist then generate the key.
com.sshtools.common.ssh.components.SshKeyPair loadOrGenerateHostKey(File key, String type, int bitlength, String passPhrase)
  Load a host key from a file, if it does not exist, generate it.
void loadSshCertificate(com.sshtools.common.ssh.components.SshCertificate cert)
void loadSshCertificate(File keyFile, String passphrase, File certFile)
  This method loads an OpenSSH certificate file for use as a host key.
void setAuthenicationMechanismFactory(com.sshtools.common.auth.AuthenticationMechanismFactory<SshServerContext> authFactory)
  Set the AuthenticationMechanismFactory for this context.
void setChannelFactory(com.sshtools.synergy.ssh.ChannelFactory<SshServerContext> channelFactory)
void setConnectionManager(com.sshtools.synergy.ssh.ConnectionManager<SshServerContext> connectionManager)
void setEnsureGracefulDisconnect(boolean ensureGracefulDisconnect)
  If a problem occurs, or a connection is denied, for example if maximum connections threshold has been reached, this setting determines if the connection is allowed to proceed through key exchange so that the user is returned a suitable error.
void setForceServerPreferences(boolean serverControlledKeyExchange)
  When true the server will delay its key exchange initialisation until it has received the client's initialisation packet.
void setForwardingManager(com.sshtools.synergy.ssh.ForwardingManager<SshServerContext> forwardingManager)
void setMaxDHGroupExchangeSize(int maxDHGroupSize)
  Set the maximum group size supported in diffie-hellman-group-exchange key exchange methods.
void setPreferredPublicKey(String name)
  Set the preferred public key algorithm.
Methods inherited from class com.sshtools.synergy.ssh.SshContext
addOperationListener, enableFIPSMode, getByteBufferPool, getChannelLimit, getCiphersCS, getCiphersSC, getComponentManager, getCompressionLevel, getDaemonContext, getEngine, getExecutorListeners, getExecutorService, getForwardingPolicy, getHttpRedirectUrl, getIdleAuthenticationTimeoutSeconds, getIdleConnectionTimeoutSeconds, getKeepAliveDataMaxLength, getKeepAliveInterval, getKeyExchangePacketLimit, getKeyExchanges, getKeyExchangeTransferLimit, getLocale, getMacsCS, getMacsSC, getMaximumPacketLength, getMaximumSocketsBacklogPerRemotelyForwardedConnection, getMinDHGroupExchangeKeySize, getPolicy, getPolicy, getPreferredCipherCS, getPreferredCipherSC, getPreferredCompressionCS, getPreferredCompressionSC, getPreferredDHGroupExchangeKeySize, getPreferredKeyExchange, getPreferredMacCS, getPreferredMacSC, getPublicKeys, getRemoteForwardingCancelKillsTunnels, getSocketConnectionFactory, getSoftwareVersionComments, getSupportedSignatures, hasPolicy, init, isExtendedIdentificationSanitization, isHttpRedirect, isSendIgnorePacketOnIdle, isSHA1SignaturesSupported, listPublicKeys, removeOperationListener, setChannelLimit, setCipherPreferredPositionCS, setCipherPreferredPositionSC, setCompressionLevel, setExtendedIdentificationSanitization, setHttpRedirect, setHttpRedirectUrl, setIdleAuthenticationTimeoutSeconds, setIdleConnectionTimeoutSeconds, setKeepAliveDataMaxLength, setKeepAliveInterval, setKeyExchangePacketLimit, setKeyExchangePreferredPosition, setKeyExchangeTransferLimit, setLocale, setMacPreferredPositionCS, setMacPreferredPositionSC, setMaxDHGroupExchangeKeySize, setMaximumPacketLength, setMaximumSocketsBacklogPerRemotelyForwardedConnection, setMinDHGroupExchangeKeySize, setPolicy, setPreferredCipherCS, setPreferredCipherCS, setPreferredCipherCS, setPreferredCipherSC, setPreferredCipherSC, setPreferredCipherSC, setPreferredCompressionCS, setPreferredCompressionSC, setPreferredDHGroupExchangeKeySize, setPreferredKeyExchange, setPreferredKeyExchange, setPreferredMacCS, 
setPreferredMacCS, setPreferredMacCS, setPreferredMacSC, setPreferredMacSC, setPreferredMacSC, setPublicKeyPreferredPosition, setRemoteForwardingCancelKillsTunnels, setSendIgnorePacketOnIdle, setSHA1SignaturesSupported, setSocketConnectionFactory, setSoftwareVersionComments, shutdown, supportedCiphersCS, supportedCiphersSC, supportedCompressionsCS, supportedCompressionsSC, supportedKeyExchanges, supportedMacsCS, supportedMacsSC, supportedPublicKeys
Methods inherited from class com.sshtools.synergy.nio.ProtocolContext
enableHTTPProxy, enableHTTPProxy, enableHTTPProxy, enableHTTPProxy, enableSocks4Proxy, enableSocks5Proxy, getOptionalHeaders, getProxyHostname, getProxyPassword, getProxyPort, getProxyType, getProxyUsername, getReceiveBufferSize, getSendBufferSize, getSocketOptionKeepAlive, getSocketOptionReuseAddress, getSocketOptionTcpNoDelay, getUserAgent, isProxyEnabled, isResolveLocally, setReceiveBufferSize, setSendBufferSize, setSocketOptionKeepAlive, setSocketOptionReuseAddress, setSocketOptionTcpNoDelay
-
Constructor Details
-
SshServerContext
public SshServerContext(com.sshtools.synergy.nio.SshEngine engine) throws IOException, com.sshtools.common.ssh.SshException
Throws:
IOException
com.sshtools.common.ssh.SshException
-
SshServerContext
public SshServerContext(com.sshtools.synergy.nio.SshEngine engine, com.sshtools.common.ssh.components.ComponentManager componentManager) throws IOException, com.sshtools.common.ssh.SshException
Throws:
IOException
com.sshtools.common.ssh.SshException
-
SshServerContext
public SshServerContext(com.sshtools.synergy.nio.SshEngine engine, com.sshtools.common.ssh.components.ComponentManager componentManager, com.sshtools.common.ssh.SecurityLevel securityLevel) throws IOException, com.sshtools.common.ssh.SshException
Throws:
IOException
com.sshtools.common.ssh.SshException
-
SshServerContext
public SshServerContext(com.sshtools.synergy.nio.SshEngine engine, com.sshtools.common.ssh.SecurityLevel securityLevel) throws IOException, com.sshtools.common.ssh.SshException
Throws:
IOException
com.sshtools.common.ssh.SshException
-
-
Method Details
-
getConnectionManager
Specified by: getConnectionManager in class com.sshtools.synergy.ssh.SshContext
-
setConnectionManager
public void setConnectionManager(com.sshtools.synergy.ssh.ConnectionManager<SshServerContext> connectionManager)
-
createEngine
public com.sshtools.synergy.nio.ProtocolEngine createEngine(com.sshtools.synergy.nio.ConnectRequestFuture connectFuture) throws IOException
Specified by: createEngine in class com.sshtools.synergy.ssh.SshContext
Throws:
IOException
-
addStateListener
-
getStateListeners
-
addGlobalRequestHandler
public void addGlobalRequestHandler(com.sshtools.synergy.ssh.GlobalRequestHandler<SshServerContext> handler)
-
getGlobalRequestHandler
public com.sshtools.synergy.ssh.GlobalRequestHandler<SshServerContext> getGlobalRequestHandler(String name)
Specified by: getGlobalRequestHandler in class com.sshtools.synergy.ssh.SshContext
-
getPreferredPublicKey
Get the currently preferred public key algorithm.
Specified by: getPreferredPublicKey in class com.sshtools.synergy.ssh.SshContext
Returns:
the preferred public key
-
getSupportedPublicKeys
Returns a comma delimited string containing installed public key types.
Specified by: getSupportedPublicKeys in class com.sshtools.synergy.ssh.SshContext
Returns:
String
-
setPreferredPublicKey
public void setPreferredPublicKey(String name) throws IOException, com.sshtools.common.ssh.SshException
Set the preferred public key algorithm.
This value must be one of the installed public key algorithm names. You will be able to obtain these from the public keys that you installed using ?????? and an example of how to do this is provided in the ConfigurationContext#addHostKey(SshKeyPair) method description.
Parameters:
name -
Throws:
IOException
com.sshtools.common.ssh.SshException
-
getHostKeys
public com.sshtools.common.ssh.components.SshKeyPair[] getHostKeys()
Get all the host keys.
Returns:
SshPublicKey[]
-
getHostKey
public com.sshtools.common.ssh.components.SshKeyPair getHostKey(String algorithm) throws IOException
Get the host key for a given algorithm.
Parameters:
algorithm -
Returns:
SshKeyPair
Throws:
IOException
-
addHostKey
Add a host key to the configuration.
A host key provides a mechanism for a client to authenticate the server. If the client knows the server's public key, it can use that key to validate the signature the server generated with its private key. For your server to operate, you need to generate and install at least one host key.
It is now recommended to use the SshDaemon#loadOrGenerateHostKey(File, String, int, ConfigurationContext) method for generating and loading a host key.
Parameters:
keyPair -
Throws:
IOException
-
addHostKeys
public void addHostKeys(Collection<com.sshtools.common.ssh.components.SshKeyPair> keys) throws IOException
Add a collection of host keys.
Parameters:
keys -
Throws:
IOException
-
generateTemporaryHostKey
public void generateTemporaryHostKey(String algorithm, int bitlength) throws IOException, com.sshtools.common.ssh.SshException
Throws:
IOException
com.sshtools.common.ssh.SshException
-
getChannelFactory
Specified by: getChannelFactory in class com.sshtools.synergy.ssh.SshContext
-
setChannelFactory
public void setChannelFactory(com.sshtools.synergy.ssh.ChannelFactory<SshServerContext> channelFactory)
-
getForwardingManager
Specified by: getForwardingManager in class com.sshtools.synergy.ssh.SshContext
-
setForwardingManager
public void setForwardingManager(com.sshtools.synergy.ssh.ForwardingManager<SshServerContext> forwardingManager)
-
hasPublicKey
Determine if the server has a host key configured.
Parameters:
algorithm -
Returns:
boolean
-
loadOrGenerateHostKey
public com.sshtools.common.ssh.components.SshKeyPair loadOrGenerateHostKey(File key, String type, int bitlength) throws IOException, com.sshtools.common.publickey.InvalidPassphraseException, com.sshtools.common.ssh.SshException
Load a host key from file, if the file does not exist then generate the key.
Parameters:
key -
type -
bitlength -
Returns:
Throws:
IOException
com.sshtools.common.publickey.InvalidPassphraseException
com.sshtools.common.ssh.SshException
-
loadOrGenerateHostKey
public com.sshtools.common.ssh.components.SshKeyPair loadOrGenerateHostKey(File key, String type, int bitlength, String passPhrase) throws IOException, com.sshtools.common.publickey.InvalidPassphraseException, com.sshtools.common.ssh.SshException
Load a host key from a file, if it does not exist, generate it.
Parameters:
key -
type -
bitlength -
passPhrase -
Returns:
Throws:
IOException
com.sshtools.common.publickey.InvalidPassphraseException
com.sshtools.common.ssh.SshException
-
loadHostKey
public void loadHostKey(InputStream in) throws IOException, com.sshtools.common.publickey.InvalidPassphraseException, com.sshtools.common.ssh.SshException
Load a host key from an InputStream.
Parameters:
in -
type -
bitlength -
Throws:
IOException
com.sshtools.common.publickey.InvalidPassphraseException
com.sshtools.common.ssh.SshException
-
loadOrGenerateHostKey
public com.sshtools.common.ssh.components.SshKeyPair loadOrGenerateHostKey(File key, String type, int bitlength, int publicKeyFormat, String passPhrase) throws IOException, com.sshtools.common.publickey.InvalidPassphraseException, com.sshtools.common.ssh.SshException
Load a host key from file, if the file does not exist then generate the key.
Parameters:
key -
type -
bitlength -
publicKeyFormat -
passPhrase -
Returns:
Throws:
IOException
com.sshtools.common.publickey.InvalidPassphraseException
com.sshtools.common.ssh.SshException
-
loadHostKey
public void loadHostKey(InputStream in, String passPhrase) throws IOException, com.sshtools.common.publickey.InvalidPassphraseException, com.sshtools.common.ssh.SshException
Load a host key from an InputStream.
Parameters:
in -
type -
bitlength -
privateKeyFormat -
publicKeyFormat -
passPhrase -
Throws:
IOException
com.sshtools.common.publickey.InvalidPassphraseException
com.sshtools.common.ssh.SshException
-
loadKey
public com.sshtools.common.ssh.components.SshKeyPair loadKey(File key, String passphrase) throws IOException, com.sshtools.common.publickey.InvalidPassphraseException
Load a key pair from a File
Parameters:
key -
passphrase -
Returns:
Throws:
IOException
com.sshtools.common.publickey.InvalidPassphraseException
-
loadKey
public com.sshtools.common.ssh.components.SshKeyPair loadKey(InputStream in, String passphrase) throws IOException, com.sshtools.common.publickey.InvalidPassphraseException
Load a key pair from an InputStream.
Parameters:
in -
passphrase -
Returns:
Throws:
IOException
com.sshtools.common.publickey.InvalidPassphraseException
-
generateKeyFiles
public static com.sshtools.common.ssh.components.SshKeyPair generateKeyFiles(File keyFilename, String type, int bitlength, int publicKeyFormat) throws IOException, com.sshtools.common.ssh.SshException
Generate a public and private key pair, save them to keyFilename and keyFilename.pub, return the key pair
Parameters:
keyFilename -
type -
bitlength -
privateKeyFormat -
publicKeyFormat -
Returns:
SshKeyPair generated.
Throws:
IOException
com.sshtools.common.ssh.SshException
-
generateKey
public static com.sshtools.common.ssh.components.SshKeyPair generateKey(String type, int bitLength) throws IOException, com.sshtools.common.ssh.SshException
Generate a key pair.
Parameters:
type -
bitLength -
Returns:
Throws:
IOException
com.sshtools.common.ssh.SshException
-
loadSshCertificate
public void loadSshCertificate(File keyFile, String passphrase, File certFile) throws IOException, com.sshtools.common.publickey.InvalidPassphraseException
This method loads an OpenSSH certificate file for use as a host key.
Parameters:
keyFile -
passphrase -
certFile -
Throws:
IOException
com.sshtools.common.publickey.InvalidPassphraseException
-
loadSshCertificate
public void loadSshCertificate(com.sshtools.common.ssh.components.SshCertificate cert) throws IOException, com.sshtools.common.publickey.InvalidPassphraseException
Throws:
IOException
com.sshtools.common.publickey.InvalidPassphraseException
-
setAuthenicationMechanismFactory
public void setAuthenicationMechanismFactory(com.sshtools.common.auth.AuthenticationMechanismFactory<SshServerContext> authFactory)
Set the AuthenticationMechanismFactory for this context.
Parameters:
authFactory -
-
getAuthenticationMechanismFactory
public com.sshtools.common.auth.AuthenticationMechanismFactory<SshServerContext> getAuthenticationMechanismFactory()
Get the AuthenticationMechanismFactory for this context.
Returns:
-
isEnsureGracefulDisconnect
public boolean isEnsureGracefulDisconnect()
If a problem occurs, or a connection is denied, for example if maximum connections threshold has been reached, this setting determines if the connection is allowed to proceed through key exchange so that the user is returned a suitable error. If connections are terminated before key exchange completes, it is not always possible to send the correct error.
Returns:
-
setEnsureGracefulDisconnect
public void setEnsureGracefulDisconnect(boolean ensureGracefulDisconnect)
If a problem occurs, or a connection is denied, for example if maximum connections threshold has been reached, this setting determines if the connection is allowed to proceed through key exchange so that the user is returned a suitable error. If connections are terminated before key exchange completes, it is not always possible to send the correct error.
Parameters:
ensureGracefulDisconnect -
-
configureKeyExchanges
protected void configureKeyExchanges()
Build the key exchanges available in this context. This method caches validated key exchanges to prevent the need to test on every new context instance.
Specified by: configureKeyExchanges in class com.sshtools.synergy.ssh.SshContext
-
setMaxDHGroupExchangeSize
public void setMaxDHGroupExchangeSize(int maxDHGroupSize)
Set the maximum group size supported in diffie-hellman-group-exchange key exchange methods.
-
getMaxDHGroupExchangeKeySize
public int getMaxDHGroupExchangeKeySize()
Get the maximum group size supported in diffie-hellman-group-exchange key exchange methods.
Overrides: getMaxDHGroupExchangeKeySize in class com.sshtools.synergy.ssh.SshContext
-
isForceServerPreferences
public boolean isForceServerPreferences()
Is the server wanting to control key exchange #setServerControllerKeyExchange()
-
setForceServerPreferences
public void setForceServerPreferences(boolean serverControlledKeyExchange)
When true the server will delay its key exchange initialisation until it has received the client's initialisation packet. This allows the server to control what algorithms are selected during key exchange by limiting its own set of algorithms to only those it wants to support. In effect, allowing the server to control the output of key exchange.
Parameters:
serverControlledKeyExchange -
-
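The effect described for setForceServerPreferences, as an added example that is not the library's own code: a small model of the RFC 4253 name-list rule, in which the client's ordering normally decides, next to a server that waits for the client's list and then advertises a single algorithm. The names negotiate and serverListAfterSeeingClient and the sample lists are constructed for illustration, and how the library itself trims its list is an assumption.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Optional;

/** Model of SSH name-list negotiation (RFC 4253, section 7.1). Illustration only. */
public class ForceServerPreferencesDemo {

    /** Cipher/MAC/compression rule: the first name on the client's list that the server also lists. */
    static Optional<String> negotiate(List<String> clientList, List<String> serverList) {
        return clientList.stream().filter(serverList::contains).findFirst();
    }

    /**
     * Assumed model of a server that waits for the client's KEXINIT: it advertises
     * only its own most-preferred algorithm among those the client offered.
     */
    static List<String> serverListAfterSeeingClient(List<String> clientList,
                                                    List<String> serverPreference) {
        return serverPreference.stream()
                .filter(clientList::contains)
                .findFirst()
                .map(Collections::singletonList)
                .orElse(Collections.emptyList());
    }

    static String describe(Optional<String> result) {
        return result.orElse("no common algorithm, negotiation fails");
    }

    public static void main(String[] args) {
        // Constructed sample lists: the client prefers CBC, the server prefers GCM.
        List<String> client = Arrays.asList("aes128-cbc", "aes128-ctr", "aes256-gcm@openssh.com");
        List<String> server = Arrays.asList("aes256-gcm@openssh.com", "aes128-ctr", "aes128-cbc");

        // Both sides send KEXINIT independently: the client's ordering decides.
        System.out.println("default:           " + describe(negotiate(client, server)));

        // Server delays its KEXINIT and trims its list: the server's ordering decides.
        List<String> trimmed = serverListAfterSeeingClient(client, server);
        System.out.println("server-controlled: " + describe(negotiate(client, trimmed)));

        // A client offering nothing the server supports cannot negotiate at all.
        List<String> strictServer = Arrays.asList("aes256-gcm@openssh.com", "aes128-ctr");
        List<String> legacyClient = Arrays.asList("aes128-cbc", "3des-cbc");
        List<String> none = serverListAfterSeeingClient(legacyClient, strictServer);
        System.out.println("legacy client:     " + describe(negotiate(legacyClient, none)));
    }
}
```

The first two lines of output differ only because of who effectively orders the list, which is why removing weak algorithms from the server's supported set matters more than ordering them last.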