com.sshtools.ssh2

Class Ssh2Context

java.lang.Object

com.sshtools.ssh2.Ssh2Context

All Implemented Interfaces:

SshContext

public final class Ssh2Context
extends Object
implements SshContext

This class implements SshContextto provide SSH2 connection configuration through the SshConnector class.

To configure an authentication banner for SSH2 connections see BannerDisplay.

The preferred message authentication algorithm for each data stream can be set using:

 SshConnector con = SshConnector.getInstance();
 Ssh2Context context = (Ssh2Context) con.getContext(SshConnector.SSH2);
 
 context.setPreferredMacCS(Ssh2Context.HMAC_MD5); // Client->Server data stream
 context.setPreferredMacSC(Ssh2Context.HMAC_MD5); // Server->Client data stream
 

Once further cipher, public key and compression algorithms have been implemented the same process will apply.

Author:

Lee David Painter

Field Summary

Fields

Modifier and Type	Field and Description
static String	CIPHER_AES128_CBC
static String	CIPHER_AES128_CTR
static String	CIPHER_AES192_CBC
static String	CIPHER_AES192_CTR
static String	CIPHER_AES256_CBC
static String	CIPHER_AES256_CTR
static String	CIPHER_ARCFOUR
static String	CIPHER_ARCFOUR_128
static String	CIPHER_ARCFOUR_256
static String	CIPHER_BLOWFISH_CBC
static String	CIPHER_TRIPLEDES_CBC
static String	CIPHER_TRIPLEDES_CTR
static String	COMPRESSION_NONE Compression off
static String	COMPRESSION_ZLIB Optional zlib compression (requires sshtools-zlib.jar in classpath)
static String	HMAC_MD5 MD5 message authentication
static String	HMAC_MD5_96 MD5 96 bit message authentication
static String	HMAC_SHA1 SHA1 message authentication
static String	HMAC_SHA1_96 SHA1 96 bit message authentication
static String	HMAC_SHA256
static String	KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1 Optional key exchange mechanism in which the server maintains a list of acceptable generators and primes
static String	KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256
static String	KEX_DIFFIE_HELLMAN_GROUP1_SHA1 The required key exchange method
static String	KEX_DIFFIE_HELLMAN_GROUP14_SHA1
static String	PUBLIC_KEY_SSHDSS SSH2 DSA Public Key
static String	PUBLIC_KEY_SSHRSA SSH2 RSA Public Key

Constructor Summary

Constructors

Constructor and Description
Ssh2Context() Contructs a default context

Method Summary

Methods

Modifier and Type	Method and Description
void	disableCompression()
void	enableCompression()
void	enableFIPSMode() Enables FIPS compatible algorithms and disables any other non-compatible algorithms.
BannerDisplay	getBannerDisplay() Get the contexts banner display
int	getChannelLimit() Get the maximum number of channels that are allowed open at any one time.
String	getCiphersCS() Get the ciphers for the Client->Server stream.
String	getCiphersSC() Get the ciphers for the Server->Client stream.
int	getDHGroupExchangeKeySize()
MaverickCallbackHandler	getGssCallback()
HostKeyVerification	getHostKeyVerification() Get the host key verification implementation
int	getIdleConnectionTimeoutSeconds()
int	getKeepAliveMaxDataLength()
String	getKeyExchanges() Get the ciphers for the Server->Client stream.
String	getMacsCS() Get the ciphers for the Client->Server stream.
String	getMacsSC() Get the ciphers for the Server->Client stream.
int	getMaximumPacketLength() Get the maximim packet size supported by the transport layer.
int	getPartialMessageTimeout()
String	getPreferredCipherCS() Get the currently preferred cipher for the Client->Server stream.
String	getPreferredCipherSC() Get the currently preferred cipher for the Server->Client stream.
String	getPreferredCompressionCS() Get the currently preferred compression for the Client->Server stream.
String	getPreferredCompressionSC() Get the currently preferred compression for the Server->Client stream.
String	getPreferredKeyExchange() Get the currently preferred key exchange method.
String	getPreferredMacCS() Get the currently preferred mac for the Client->Server stream.
String	getPreferredMacSC() Get the currently supported mac for the Server-Client stream.
String	getPreferredPublicKey() Get the currently preferred public key algorithm.
String	getPublicKeys() Get the ciphers for the Server->Client stream.
String	getSFTPProvider() Get the path to the SFTP provider.
int	getSocketTimeout()
byte[]	getX11AuthenticationCookie() Get a fake random cookie for X11 authentication
String	getX11Display() Get the currently configured XDisplay setting which will be null if no display is currently set.
byte[]	getX11RealCookie() Get the real X11 authentication cookie, if not cookie has been set the fake cookie will be returned.
ForwardingRequestListener	getX11RequestListener() Get the X11 forwarding request listener.
boolean	isDHGroupExchangeBackwardsCompatible()
boolean	isKeyReExchangeDisabled()
boolean	isSendIgnorePacketOnIdle()
void	setBannerDisplay(BannerDisplay bannerdisplay) Set a banner display for callback of authentication banners
void	setChannelLimit(int maxChannels) Set the maximum number of channels that are allowed open at any one time.
void	setCipherPreferredPositionCS(String name, int position)
void	setCipherPreferredPositionSC(String name, int position)
void	setDHGroupExchangeBackwardsCompatible(boolean dhGroupExchangeBackwardCompatible)
void	setDHGroupExchangeKeySize(int dhGroupExchangeKeySize)
void	setGssCallback(MaverickCallbackHandler gsscall)
void	setHostKeyVerification(HostKeyVerification verify) Set the host key verification implementation
void	setIdleConnectionTimeoutSeconds(int idleConnectionTimeoutSeconds)
void	setKeepAliveMaxDataLength(int keepAliveMaxDataLength)
void	setKeyExchangePreferredPosition(String name, int position)
void	setKeyReExchangeDisabled(boolean keyReExchangeDisabled)
void	setMacPreferredPositionCS(String name, int position)
void	setMacPreferredPositionSC(String name, int position)
void	setMaximumPacketLength(int maxPacketLength) Set the maximum packet size supported by the transport layer.
void	setPartialMessageTimeout(int partialMessageTimeout)
void	setPreferredCipherCS(int[] order) Set the preferred SC cipher order
void	setPreferredCipherCS(String name) Set the preferred cipher for the Client->Server stream.
void	setPreferredCipherSC(int[] order) Set the preferred SC cipher order
void	setPreferredCipherSC(String name) Set the preferred cipher for the Server->Client stream.
void	setPreferredCompressionCS(String name) Set the preferred compression for the Client->Server stream.
void	setPreferredCompressionSC(String name) Set the preferred compression for the Server->Client stream.
void	setPreferredKeyExchange(String name) Set the preferred key exchange method.
void	setPreferredMacCS(int[] order) Set the preferred CS Mac order
void	setPreferredMacCS(String name) Set the preferred mac for the Client->Server stream.
void	setPreferredMacSC(int[] order) Set the preferred SC Mac order
void	setPreferredMacSC(String name) Set the preferred mac for the Server->Client stream.
void	setPreferredPublicKey(String name) Set the preferred public key algorithm.
void	setPublicKeyPreferredPosition(String name, int position)
void	setSendIgnorePacketOnIdle(boolean sendIgnorePacketOnIdle)
void	setSFTPProvider(String sftpProvider) Set the path to the SFTP provider.
void	setSocketTimeout(int socketTimeout)
void	setX11AuthenticationCookie(byte[] x11FakeCookie) Set the fake cookie used for X11 authentication
void	setX11Display(String xDisplay) Set the DISPLAY variable for the SSH connection.
void	setX11RealCookie(byte[] x11RealCookie) Sets the real X11 authentication cookie which can be obtained from the users $HOME/.Xauthority file.
void	setX11RequestListener(ForwardingRequestListener x11Listener) Set the listener to which X11 forwarding requests will be processed.
ComponentFactory	supportedCiphersCS()
ComponentFactory	supportedCiphersSC() Returns this context's supported cipher algorithms.
ComponentFactory	supportedCompressionsCS() Get this context's supported CS compression algorithms.
ComponentFactory	supportedCompressionsSC() Get this context's supported SC compression algorithms.
ComponentFactory	supportedKeyExchanges() Get this context's supported key exchange methods.
ComponentFactory	supportedMacsCS() Get this context's supported message authentication algorithms CS.
ComponentFactory	supportedMacsSC() Get this context's supported message authentication algorithms SC.
ComponentFactory	supportedPublicKeys() Get this context's supported public keys.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CIPHER_TRIPLEDES_CBC

public static final String CIPHER_TRIPLEDES_CBC

See Also:

Constant Field Values

CIPHER_TRIPLEDES_CTR

public static final String CIPHER_TRIPLEDES_CTR

See Also:

Constant Field Values

CIPHER_BLOWFISH_CBC

public static final String CIPHER_BLOWFISH_CBC

See Also:

Constant Field Values

CIPHER_AES128_CBC

public static final String CIPHER_AES128_CBC

See Also:

Constant Field Values

CIPHER_AES192_CBC

public static final String CIPHER_AES192_CBC

See Also:

Constant Field Values

CIPHER_AES256_CBC

public static final String CIPHER_AES256_CBC

See Also:

Constant Field Values

CIPHER_AES128_CTR

public static final String CIPHER_AES128_CTR

See Also:

Constant Field Values

CIPHER_AES192_CTR

public static final String CIPHER_AES192_CTR

See Also:

Constant Field Values

CIPHER_AES256_CTR

public static final String CIPHER_AES256_CTR

See Also:

Constant Field Values

CIPHER_ARCFOUR

public static final String CIPHER_ARCFOUR

See Also:

Constant Field Values

CIPHER_ARCFOUR_128

public static final String CIPHER_ARCFOUR_128

See Also:

Constant Field Values

CIPHER_ARCFOUR_256

public static final String CIPHER_ARCFOUR_256

See Also:

Constant Field Values

HMAC_SHA1

public static final String HMAC_SHA1

SHA1 message authentication

See Also:

Constant Field Values

HMAC_SHA1_96

public static final String HMAC_SHA1_96

SHA1 96 bit message authentication

See Also:

Constant Field Values

HMAC_MD5

public static final String HMAC_MD5

MD5 message authentication

See Also:

Constant Field Values

HMAC_MD5_96

public static final String HMAC_MD5_96

MD5 96 bit message authentication

See Also:

Constant Field Values

HMAC_SHA256

public static final String HMAC_SHA256

See Also:

Constant Field Values

COMPRESSION_NONE

public static final String COMPRESSION_NONE

Compression off

See Also:

Constant Field Values

COMPRESSION_ZLIB

public static final String COMPRESSION_ZLIB

Optional zlib compression (requires sshtools-zlib.jar in classpath)

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP1_SHA1

public static final String KEX_DIFFIE_HELLMAN_GROUP1_SHA1

The required key exchange method

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP14_SHA1

public static final String KEX_DIFFIE_HELLMAN_GROUP14_SHA1

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1

public static final String KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1

Optional key exchange mechanism in which the server maintains a list of acceptable generators and primes

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256

public static final String KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256

See Also:

Constant Field Values

PUBLIC_KEY_SSHDSS

public static final String PUBLIC_KEY_SSHDSS

SSH2 DSA Public Key

See Also:

Constant Field Values

PUBLIC_KEY_SSHRSA

public static final String PUBLIC_KEY_SSHRSA

SSH2 RSA Public Key

See Also:

Constant Field Values

Constructor Detail

Ssh2Context

public Ssh2Context()
            throws SshException

Contructs a default context

Throws:

SshException

Method Detail

getMaximumPacketLength

public int getMaximumPacketLength()

Get the maximim packet size supported by the transport layer.

Returns:

int

setGssCallback

public void setGssCallback(MaverickCallbackHandler gsscall)

getGssCallback

public MaverickCallbackHandler getGssCallback()

setMaximumPacketLength

public void setMaximumPacketLength(int maxPacketLength)

Set the maximum packet size supported by the transport layer. This would not normally require changing but some servers may support larger packets. The default and minimum size is 35,000 bytes.

Parameters:

maxPacketLength - int

setChannelLimit

public void setChannelLimit(int maxChannels)

Description copied from interface: SshContext

Set the maximum number of channels that are allowed open at any one time.

Specified by:

setChannelLimit in interface SshContext

getChannelLimit

public int getChannelLimit()

Description copied from interface: SshContext

Get the maximum number of channels that are allowed open at any one time.

Specified by:

getChannelLimit in interface SshContext

Returns:

the maximum number of channels

setX11Display

public void setX11Display(String xDisplay)

Description copied from interface: SshContext

Set the DISPLAY variable for the SSH connection. If this is set the SSH sessions will have their DISPLAY variable set and X sessions will be forwarded over the SSH connection to the display specified.

Specified by:

setX11Display in interface SshContext

Parameters:

xDisplay - the display in the form localhost:1

getX11Display

public String getX11Display()

Description copied from interface: SshContext

Get the currently configured XDisplay setting which will be null if no display is currently set.

Specified by:

getX11Display in interface SshContext

Returns:

String

getX11AuthenticationCookie

public byte[] getX11AuthenticationCookie()
                                  throws SshException

Description copied from interface: SshContext

Get a fake random cookie for X11 authentication

Specified by:

getX11AuthenticationCookie in interface SshContext

Returns:

byte[]

Throws:

SshException

setX11AuthenticationCookie

public void setX11AuthenticationCookie(byte[] x11FakeCookie)

Description copied from interface: SshContext

Set the fake cookie used for X11 authentication

Specified by:

setX11AuthenticationCookie in interface SshContext

setX11RealCookie

public void setX11RealCookie(byte[] x11RealCookie)

Description copied from interface: SshContext

Sets the real X11 authentication cookie which can be obtained from the users $HOME/.Xauthority file.

Specified by:

setX11RealCookie in interface SshContext

getX11RealCookie

public byte[] getX11RealCookie()
                        throws SshException

Description copied from interface: SshContext

Get the real X11 authentication cookie, if not cookie has been set the fake cookie will be returned.

Specified by:

getX11RealCookie in interface SshContext

Returns:

byte[]

Throws:

SshException

setX11RequestListener

public void setX11RequestListener(ForwardingRequestListener x11Listener)

Description copied from interface: SshContext

Set the listener to which X11 forwarding requests will be processed.

Specified by:

setX11RequestListener in interface SshContext

getX11RequestListener

public ForwardingRequestListener getX11RequestListener()

Description copied from interface: SshContext

Get the X11 forwarding request listener.

Specified by:

getX11RequestListener in interface SshContext

Returns:

ForwardingRequestListener

getBannerDisplay

public BannerDisplay getBannerDisplay()

Get the contexts banner display

Returns:

the banner display, may be null

setBannerDisplay

public void setBannerDisplay(BannerDisplay bannerdisplay)

Set a banner display for callback of authentication banners

Parameters:

bannerdisplay - the banner display, may be null

supportedCiphersSC

public ComponentFactory supportedCiphersSC()

Returns this context's supported cipher algorithms.

Returns:

the component factory

supportedCiphersCS

public ComponentFactory supportedCiphersCS()

getPreferredCipherCS

public String getPreferredCipherCS()

Get the currently preferred cipher for the Client->Server stream.

Returns:

the preferred Client-Server cipher

setPreferredCipherCS

public void setPreferredCipherCS(String name)
                          throws SshException

Set the preferred cipher for the Client->Server stream.

Parameters:

name -

Throws:

SshException

getPreferredCipherSC

public String getPreferredCipherSC()

Get the currently preferred cipher for the Server->Client stream.

Returns:

the preferred Server-Client cipher

getCiphersCS

public String getCiphersCS()

Get the ciphers for the Client->Server stream.

Returns:

the Client-Server ciphers in order of preference

getCiphersSC

public String getCiphersSC()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getMacsCS

public String getMacsCS()

Get the ciphers for the Client->Server stream.

Returns:

the Client-Server ciphers in order of preference

getMacsSC

public String getMacsSC()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getPublicKeys

public String getPublicKeys()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getKeyExchanges

public String getKeyExchanges()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

setPreferredCipherSC

public void setPreferredCipherSC(int[] order)
                          throws SshException

Set the preferred SC cipher order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setPreferredCipherCS

public void setPreferredCipherCS(int[] order)
                          throws SshException

Set the preferred SC cipher order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setCipherPreferredPositionCS

public void setCipherPreferredPositionCS(String name,
                                int position)
                                  throws SshException

Throws:

SshException

setCipherPreferredPositionSC

public void setCipherPreferredPositionSC(String name,
                                int position)
                                  throws SshException

Throws:

SshException

setMacPreferredPositionSC

public void setMacPreferredPositionSC(String name,
                             int position)
                               throws SshException

Throws:

SshException

setMacPreferredPositionCS

public void setMacPreferredPositionCS(String name,
                             int position)
                               throws SshException

Throws:

SshException

setPreferredMacSC

public void setPreferredMacSC(int[] order)
                       throws SshException

Set the preferred SC Mac order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setPreferredMacCS

public void setPreferredMacCS(int[] order)
                       throws SshException

Set the preferred CS Mac order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setPreferredCipherSC

public void setPreferredCipherSC(String name)
                          throws SshException

Set the preferred cipher for the Server->Client stream.

Parameters:

name -

Throws:

SshException

supportedMacsSC

public ComponentFactory supportedMacsSC()

Get this context's supported message authentication algorithms SC.

Returns:

the component factory

supportedMacsCS

public ComponentFactory supportedMacsCS()

Get this context's supported message authentication algorithms CS.

Returns:

the component factory

getPreferredMacCS

public String getPreferredMacCS()

Get the currently preferred mac for the Client->Server stream.

Returns:

the preferred Client-Server mac

setPreferredMacCS

public void setPreferredMacCS(String name)
                       throws SshException

Set the preferred mac for the Client->Server stream.

Parameters:

name -

Throws:

SshException

getPreferredMacSC

public String getPreferredMacSC()

Get the currently supported mac for the Server-Client stream.

Returns:

the preferred Server-Client mac

setPreferredMacSC

public void setPreferredMacSC(String name)
                       throws SshException

Set the preferred mac for the Server->Client stream.

Parameters:

name -

Throws:

SshException

supportedCompressionsSC

public ComponentFactory supportedCompressionsSC()

Get this context's supported SC compression algorithms.

Returns:

the component factory

supportedCompressionsCS

public ComponentFactory supportedCompressionsCS()

Get this context's supported CS compression algorithms.

Returns:

the component factory

getPreferredCompressionCS

public String getPreferredCompressionCS()

Get the currently preferred compression for the Client->Server stream.

Returns:

the preferred Client-Server compression

setPreferredCompressionCS

public void setPreferredCompressionCS(String name)
                               throws SshException

Set the preferred compression for the Client->Server stream.

Parameters:

name -

Throws:

SshException

getPreferredCompressionSC

public String getPreferredCompressionSC()

Get the currently preferred compression for the Server->Client stream.

Returns:

the preferred Server->Client compression

setPreferredCompressionSC

public void setPreferredCompressionSC(String name)
                               throws SshException

Set the preferred compression for the Server->Client stream.

Parameters:

name -

Throws:

SshException

enableCompression

public void enableCompression()
                       throws SshException

Throws:

SshException

disableCompression

public void disableCompression()
                        throws SshException

Throws:

SshException

supportedKeyExchanges

public ComponentFactory supportedKeyExchanges()

Get this context's supported key exchange methods.

Returns:

the component factory

getPreferredKeyExchange

public String getPreferredKeyExchange()

Get the currently preferred key exchange method.

Returns:

the preferred key exhcange

setPreferredKeyExchange

public void setPreferredKeyExchange(String name)
                             throws SshException

Set the preferred key exchange method.

Parameters:

name -

Throws:

SshException

supportedPublicKeys

public ComponentFactory supportedPublicKeys()

Get this context's supported public keys.

Returns:

the component factory

getPreferredPublicKey

public String getPreferredPublicKey()

Get the currently preferred public key algorithm.

Returns:

the preferred public key

setPreferredPublicKey

public void setPreferredPublicKey(String name)
                           throws SshException

Set the preferred public key algorithm.

Parameters:

name -

Throws:

SshException

setHostKeyVerification

public void setHostKeyVerification(HostKeyVerification verify)

Set the host key verification implementation

Specified by:

setHostKeyVerification in interface SshContext

Parameters:

verify -

getHostKeyVerification

public HostKeyVerification getHostKeyVerification()

Get the host key verification implementation

Specified by:

getHostKeyVerification in interface SshContext

Returns:

HostKeyVerification

setSFTPProvider

public void setSFTPProvider(String sftpProvider)

Description copied from interface: SshContext

Set the path to the SFTP provider. For SSH1 connections an attempt to execute this provider will be made as SSH1 does not support subsystems. For SSH2 connections an attempt will be made to execute this provider if the subsystem cannot be started.

Specified by:

setSFTPProvider in interface SshContext

getSFTPProvider

public String getSFTPProvider()

Description copied from interface: SshContext

Get the path to the SFTP provider. For SSH1 connections an attempt to execute this provider will be made as SSH1 does not support subsystems. For SSH2 connections an attempt will be made to execute this provider if the subsystem cannot be started. The default is '/usr/libexec/sftp-server'

Specified by:

getSFTPProvider in interface SshContext

Returns:

String

setPartialMessageTimeout

public void setPartialMessageTimeout(int partialMessageTimeout)

getPartialMessageTimeout

public int getPartialMessageTimeout()

isKeyReExchangeDisabled

public boolean isKeyReExchangeDisabled()

setKeyReExchangeDisabled

public void setKeyReExchangeDisabled(boolean keyReExchangeDisabled)

setPublicKeyPreferredPosition

public void setPublicKeyPreferredPosition(String name,
                                 int position)
                                   throws SshException

Throws:

SshException

setKeyExchangePreferredPosition

public void setKeyExchangePreferredPosition(String name,
                                   int position)
                                     throws SshException

Throws:

SshException

getIdleConnectionTimeoutSeconds

public int getIdleConnectionTimeoutSeconds()

setIdleConnectionTimeoutSeconds

public void setIdleConnectionTimeoutSeconds(int idleConnectionTimeoutSeconds)

isDHGroupExchangeBackwardsCompatible

public boolean isDHGroupExchangeBackwardsCompatible()

getDHGroupExchangeKeySize

public int getDHGroupExchangeKeySize()

setDHGroupExchangeKeySize

public void setDHGroupExchangeKeySize(int dhGroupExchangeKeySize)

setDHGroupExchangeBackwardsCompatible

public void setDHGroupExchangeBackwardsCompatible(boolean dhGroupExchangeBackwardCompatible)

isSendIgnorePacketOnIdle

public boolean isSendIgnorePacketOnIdle()

setSendIgnorePacketOnIdle

public void setSendIgnorePacketOnIdle(boolean sendIgnorePacketOnIdle)

getKeepAliveMaxDataLength

public int getKeepAliveMaxDataLength()

setKeepAliveMaxDataLength

public void setKeepAliveMaxDataLength(int keepAliveMaxDataLength)

getSocketTimeout

public int getSocketTimeout()

setSocketTimeout

public void setSocketTimeout(int socketTimeout)

enableFIPSMode

public void enableFIPSMode()
                    throws SshException

Description copied from interface: SshContext

Enables FIPS compatible algorithms and disables any other non-compatible algorithms.

Specified by:

enableFIPSMode in interface SshContext

Throws:

SshException