@Test
 public void testCreateClientWillUseKeyIfKeyAndKeyPathPresent() throws Exception {
   final String testKey = "MyVeryBigKey";
   final BapSshCommonConfiguration defaultKeyInfo =
       new BapSshCommonConfiguration(
           TEST_PASSPHRASE, testKey, "/this/file/will/not/be/used", false);
   hostConfig = createWithDefaultKeyInfo(mockJSch, defaultKeyInfo);
   getHostConfig().setPassword("Ignore me");
   expect(
           mockJSch.getSession(
               getHostConfig().getUsername(),
               getHostConfig().getHostname(),
               getHostConfig().getPort()))
       .andReturn(mockSession);
   mockJSch.addIdentity(
       isA(String.class),
       aryEq(BapSshUtil.toBytes(testKey)),
       (byte[]) isNull(),
       aryEq(BapSshUtil.toBytes(TEST_PASSPHRASE)));
   mockSession.setConfig((Properties) anyObject());
   mockSession.connect(getHostConfig().getTimeout());
   expect(mockSession.openChannel("sftp")).andReturn(mockSftp);
   mockSftp.connect(getHostConfig().getTimeout());
   testHelper.expectDirectoryCheck(getHostConfig().getRemoteRootDir(), true);
   mockSftp.cd(getHostConfig().getRemoteRootDir());
   assertCreateClient();
 }
 @Test
 public void testCreateClientWithOverrideKeyPath() throws Exception {
   final String testKeyFilename = "myPrivateKey";
   final RandomFile theKey = new RandomFile(jenkinsHome.getRoot(), testKeyFilename);
   hostConfig =
       createWithOverrideUsernameAndPassword(mockJSch, TEST_PASSPHRASE, testKeyFilename, "");
   final BapSshCommonConfiguration commonConfiguration =
       new BapSshCommonConfiguration("Ignore me", null, null, false);
   getHostConfig().setCommonConfig(commonConfiguration);
   expect(
           mockJSch.getSession(
               getHostConfig().getUsername(),
               getHostConfig().getHostname(),
               getHostConfig().getPort()))
       .andReturn(mockSession);
   mockJSch.addIdentity(
       isA(String.class),
       aryEq(theKey.getContents()),
       (byte[]) isNull(),
       aryEq(BapSshUtil.toBytes(TEST_PASSPHRASE)));
   mockSession.setConfig((Properties) anyObject());
   mockSession.connect(getHostConfig().getTimeout());
   expect(mockSession.openChannel("sftp")).andReturn(mockSftp);
   mockSftp.connect(getHostConfig().getTimeout());
   testHelper.expectDirectoryCheck(getHostConfig().getRemoteRootDir(), true);
   mockSftp.cd(getHostConfig().getRemoteRootDir());
   assertCreateClient();
 }
 private BapSshClient assertCreateClientWithDefaultKey(final boolean disableExec)
     throws Exception {
   final String testKey = "MyVeryBigKey";
   final BapSshCommonConfiguration defaultKeyInfo =
       new BapSshCommonConfiguration(TEST_PASSPHRASE, testKey, null, disableExec);
   hostConfig = createWithDefaultKeyInfo(mockJSch, defaultKeyInfo);
   getHostConfig().setPassword("Ignore me");
   expect(
           mockJSch.getSession(
               getHostConfig().getUsername(),
               getHostConfig().getHostname(),
               getHostConfig().getPort()))
       .andReturn(mockSession);
   mockJSch.addIdentity(
       isA(String.class),
       aryEq(BapSshUtil.toBytes(testKey)),
       (byte[]) isNull(),
       aryEq(BapSshUtil.toBytes(defaultKeyInfo.getPassphrase())));
   mockSession.setConfig((Properties) anyObject());
   mockSession.connect(getHostConfig().getTimeout());
   expect(mockSession.openChannel("sftp")).andReturn(mockSftp);
   mockSftp.connect(getHostConfig().getTimeout());
   testHelper.expectDirectoryCheck(getHostConfig().getRemoteRootDir(), true);
   mockSftp.cd(getHostConfig().getRemoteRootDir());
   return assertCreateClient();
 }
Example #4
0
 public void addIdentity(String prvkey, String passphrase) throws JSchException {
   byte[] _passphrase = null;
   if (passphrase != null) {
     _passphrase = Util.str2byte(passphrase);
   }
   addIdentity(prvkey, _passphrase);
   if (_passphrase != null) Util.bzero(_passphrase);
 }
  /**
   * @param userName the name of the account being logged into.
   * @param hostName this should be the host. I found values like <code>foo.com</code> work, where
   *     <code>http://foo.com</code> don't.
   * @param userPassword if you are not using key based authentication, then you are likely being
   *     prompted for a password each time you login. This is that password. It is <em>not</em> the
   *     passphrase for the private key!
   * @param port the default is 22, and if you specify N<0 for this value we'll default it to 22
   * @param knownHostsFile this is the known hosts file. If you don't specify it, jsch does some
   *     magic to work without your specification. If you have it in a non well-known location,
   *     however, this property is for you. An example: <code>/home/user/.ssh/known_hosts</code>
   * @param knownHostsInputStream this is the known hosts file. If you don't specify it, jsch does
   *     some magic to work without your specification. If you have it in a non well-known location,
   *     however, this property is for you. An example: <code>/home/user/.ssh/known_hosts</code>.
   *     Note that you may specify this <em>or</em> the #knownHostsFile - not both!
   * @param privateKey this is usually used when you want passwordless automation (obviously, for
   *     this integration it's useless since this lets you specify a password once, anyway, but
   *     still good to have if required). This file might be ~/.ssh/id_dsa, or a <code>.pem</code>
   *     for your remote server (for example, on EC2)
   * @param pvKeyPassPhrase sometimes, to be extra secure, the private key itself is extra
   *     encrypted. In order to surmount that, we need the private key passphrase. Specify that
   *     here.
   * @throws Exception thrown if any of a myriad of scenarios plays out
   */
  public SftpSession(
      String userName,
      String hostName,
      String userPassword,
      int port,
      String knownHostsFile,
      InputStream knownHostsInputStream,
      String privateKey,
      String pvKeyPassPhrase)
      throws Exception {
    JSch jSch = new JSch();

    if (port <= 0) {
      port = 22;
    }

    this.privateKey = privateKey;
    this.privateKeyPassphrase = pvKeyPassPhrase;

    if (!StringUtils.isEmpty(knownHostsFile)) {
      jSch.setKnownHosts(knownHostsFile);
    } else if (null != knownHostsInputStream) {
      jSch.setKnownHosts(knownHostsInputStream);
    }

    // private key
    if (!StringUtils.isEmpty(this.privateKey)) {
      if (!StringUtils.isEmpty(privateKeyPassphrase)) {
        jSch.addIdentity(this.privateKey, privateKeyPassphrase);
      } else {
        jSch.addIdentity(this.privateKey);
      }
    }

    session = jSch.getSession(userName, hostName, port);

    if (!StringUtils.isEmpty(userPassword)) {
      session.setPassword(userPassword);
    }

    userInfo = new OptimisticUserInfoImpl(userPassword);
    session.setUserInfo(userInfo);
    session.connect();
    channel = (ChannelSftp) session.openChannel("sftp");
  }
Example #6
0
  /**
   * Open an ssh seession.
   *
   * @return the opened session
   * @throws JSchException on error
   */
  protected Session openSession() throws JSchException {
    JSch jsch = new JSch();
    if (null != userInfo.getKeyfile()) {
      jsch.addIdentity(userInfo.getKeyfile());
    }

    if (!userInfo.getTrust() && knownHosts != null) {
      project.log("Using known hosts: " + knownHosts, Project.MSG_DEBUG);
      jsch.setKnownHosts(knownHosts);
    }

    Session session = jsch.getSession(userInfo.getName(), host, port);
    session.setUserInfo(userInfo);
    project.log("Connecting to " + host + ":" + port, Project.MSG_VERBOSE);
    session.connect();
    return session;
  }
Example #7
0
  /**
   * Init Helper Class with connection settings
   *
   * @param serverIP IP address of remote server
   * @param serverPort port of remote server
   * @param userName username of remote server
   * @param privateKeyFilename filename of private key
   * @param passPhrase passphrase
   * @throws KettleJobException
   */
  public SFTPClient(
      InetAddress serverIP,
      int serverPort,
      String userName,
      String privateKeyFilename,
      String passPhrase)
      throws KettleJobException {

    if (serverIP == null || serverPort < 0 || userName == null || userName.equals("")) {
      throw new KettleJobException(
          "For a SFTP connection server name and username must be set and server port must be greater than zero.");
    }

    this.serverIP = serverIP;
    this.serverPort = serverPort;
    this.userName = userName;

    JSch jsch = new JSch();
    try {
      if (!Const.isEmpty(privateKeyFilename)) {
        // We need to use private key authentication
        this.prvkey = privateKeyFilename;
        byte[] passphrasebytes = new byte[0];
        if (!Const.isEmpty(passPhrase)) {
          // Set passphrase
          this.passphrase = passPhrase;
          passphrasebytes = GetPrivateKeyPassPhrase().getBytes();
        }
        jsch.addIdentity(
            getUserName(),
            FileUtil.getContent(KettleVFS.getFileObject(prvkey)), // byte[] privateKey
            null, // byte[] publicKey
            passphrasebytes); // byte[] passPhrase
      }
      s = jsch.getSession(userName, serverIP.getHostAddress(), serverPort);
    } catch (IOException e) {
      throw new KettleJobException(e);
    } catch (KettleFileException e) {
      throw new KettleJobException(e);
    } catch (JSchException e) {
      throw new KettleJobException(e);
    }
  }
Example #8
0
  protected void addUserIDFiles() {
    //
    if (config.userConfigDir == null) {
      logger.debug("addUserIDFiles(): No userConfigDir configured");
      return;
    }
    // Config director is for example" ~/.ssh/
    String configDir = config.userConfigDir;
    FSPath configPath;

    try {
      configPath = FSUtil.getDefault().resolvePath(configDir);
    } catch (IOException e) {
      logger.error(
          "addUserIDFiles():Failed to read/acces config directory:{} => IOException:{}",
          configDir,
          e);
      return;
    }

    String keys[] = config.privateKeys;
    if ((keys == null) || (keys.length <= 0)) {
      logger.info("addUserIDFiles():No private keys");
      return;
    }

    for (String key : keys) {
      try {
        FSPath keyFile = configPath.resolvePath(key);
        if (keyFile.exists()) {
          logger.info("addUserIDFiles(): adding existing identity:{}\n", keyFile);
          jsch.addIdentity(keyFile.getPathname());
        } else {
          logger.info("addUserIDFiles(): ignoring missing identity file:{}\n", keyFile);
        }
      } catch (IOException e) {
        logger.error("Got IOException accessing file:{}/{} => IOException:{}", configPath, key, e);
      } catch (JSchException e) {
        logger.error("Got JSchException adding file:{}/{} => JSchException:{}", configPath, key, e);
      }
    }
  }
Example #9
0
 /*
   public void addIdentity(String foo) throws JSchException{
     addIdentity(foo, null);
   }
   public void addIdentity(String foo, String bar) throws JSchException{
 //    Identity identity=new IdentityFile(foo, this);
 //    if(bar!=null) identity.setPassphrase(bar);
 //    identities.addElement(identity);
   }
 */
 public void addIdentity(Identity id) throws JSchException {
   addIdentity(id, null);
 }
Example #10
0
 public void addIdentity(String name, byte[] prvkey, byte[] pubkey, byte[] passphrase)
     throws JSchException {
   Identity identity = IdentityFile.newInstance(name, prvkey, pubkey, this);
   addIdentity(identity, passphrase);
 }
Example #11
0
 public void addIdentity(String prvkey) throws JSchException {
   addIdentity(prvkey, (byte[]) null);
 }
Example #12
0
 @Override
 @OnWebSocketConnect
 public void onConnect(Session session) {
   super.onConnect(session);
   this.session.setIdleTimeout(TimeUnit.MINUTES.toMillis(1));
   Connector con = null;
   try {
     ConnectorFactory cf = ConnectorFactory.getDefault();
     con = cf.createConnector();
   } catch (AgentProxyException e) {
     System.out.println(e);
   }
   IdentityRepository irepo = null;
   if (con != null) {
     RemoteIdentityRepository rrepo = new RemoteIdentityRepository(con);
     if (rrepo.getIdentities() != null && rrepo.getIdentities().size() > 0) {
       irepo = rrepo;
       jsch.setIdentityRepository(irepo);
     }
   }
   if (irepo == null) {
     String home = System.getProperty("user.home");
     String sshDir = home + File.separator + ".ssh" + File.separator;
     String[] defaultKeys =
         new String[] {
           sshDir + "id_ecdsa",
           sshDir + "id_id_ed25519",
           sshDir + "id_rsa",
           sshDir + "id_dsa",
           sshDir + "identity"
         };
     for (String nextKey : defaultKeys) {
       try {
         jsch.addIdentity(nextKey);
         log.fine("Key '" + nextKey + "'  added");
       } catch (JSchException e) {
         log.log(Level.FINE, "Key '" + nextKey + "'  not valid", e);
       }
     }
   }
   Map<String, List<String>> parameterMap = session.getUpgradeRequest().getParameterMap();
   String host = getStringParameter(parameterMap, "host", null);
   String connectHost = hostLookupService.getResolvableHostname(host);
   String user = getStringParameter(parameterMap, "user", null);
   if ("@admin".equals(user)) {
     user = hostLookupService.getAdminUserFor(host);
   }
   Resize resize = new Resize();
   resize.cols = getIntParameter(parameterMap, "cols", 80);
   resize.rows = getIntParameter(parameterMap, "rows", 24);
   try {
     java.util.Properties config = new java.util.Properties();
     config.put("StrictHostKeyChecking", "no");
     jschSession = jsch.getSession(user, connectHost, hostLookupService.getSshPort(host));
     jschSession.setConfig(config);
     jschSession.connect(60000);
     shell = (ChannelShell) jschSession.openChannel("shell");
     shell.setAgentForwarding(true);
     shell.setPtyType("vt102");
     shell.connect();
     shell.setPtySize(resize.cols, resize.rows, resize.getPixelWidth(), resize.getPixelHeight());
   } catch (JSchException e) {
     close(1, "Failed to create ssh session", e);
   }
   Runnable run;
   try {
     run =
         new RawSentOutputTask(
             session, new BufferedInputStream(shell.getInputStream(), BUFFER_LEN));
     Thread thread = new Thread(run);
     thread.start();
   } catch (IOException e) {
     close(2, "IOException while getting data from ssh", e);
   }
   try {
     inputToShell = new PrintStream(shell.getOutputStream(), true, "UTF-8");
   } catch (IOException e) {
     close(3, "IOException while creating write stream to ssh", e);
   }
 }
  public void openConnectionInternal() throws AuthenticationException {
    if (authenticationInfo == null) {
      authenticationInfo = new AuthenticationInfo();
    }

    if (!interactive) {
      uIKeyboardInteractive = null;
      setInteractiveUserInfo(new NullInteractiveUserInfo());
    }

    JSch sch = new JSch();

    File privateKey;
    try {
      privateKey = ScpHelper.getPrivateKey(authenticationInfo);
    } catch (FileNotFoundException e) {
      throw new AuthenticationException(e.getMessage());
    }

    try {
      Connector connector = ConnectorFactory.getDefault().createConnector();
      if (connector != null) {
        IdentityRepository repo = new RemoteIdentityRepository(connector);
        sch.setIdentityRepository(repo);
      }
    } catch (AgentProxyException e) {
      fireSessionDebug("Unable to connect to agent: " + e.toString());
    }

    if (privateKey != null && privateKey.exists()) {
      fireSessionDebug("Using private key: " + privateKey);
      try {
        sch.addIdentity(privateKey.getAbsolutePath(), authenticationInfo.getPassphrase());
      } catch (JSchException e) {
        throw new AuthenticationException("Cannot connect. Reason: " + e.getMessage(), e);
      }
    }

    String host = getRepository().getHost();
    int port =
        repository.getPort() == WagonConstants.UNKNOWN_PORT
            ? ScpHelper.DEFAULT_SSH_PORT
            : repository.getPort();
    try {
      String userName = authenticationInfo.getUserName();
      if (userName == null) {
        userName = System.getProperty("user.name");
      }
      session = sch.getSession(userName, host, port);
      session.setTimeout(getTimeout());
    } catch (JSchException e) {
      throw new AuthenticationException("Cannot connect. Reason: " + e.getMessage(), e);
    }

    Proxy proxy = null;
    ProxyInfo proxyInfo = getProxyInfo(ProxyInfo.PROXY_SOCKS5, getRepository().getHost());
    if (proxyInfo != null && proxyInfo.getHost() != null) {
      proxy = new ProxySOCKS5(proxyInfo.getHost(), proxyInfo.getPort());
      ((ProxySOCKS5) proxy).setUserPasswd(proxyInfo.getUserName(), proxyInfo.getPassword());
    } else {
      proxyInfo = getProxyInfo(ProxyInfo.PROXY_HTTP, getRepository().getHost());
      if (proxyInfo != null && proxyInfo.getHost() != null) {
        proxy = new ProxyHTTP(proxyInfo.getHost(), proxyInfo.getPort());
        ((ProxyHTTP) proxy).setUserPasswd(proxyInfo.getUserName(), proxyInfo.getPassword());
      } else {
        // Backwards compatibility
        proxyInfo = getProxyInfo(getRepository().getProtocol(), getRepository().getHost());
        if (proxyInfo != null && proxyInfo.getHost() != null) {
          // if port == 1080 we will use SOCKS5 Proxy, otherwise will use HTTP Proxy
          if (proxyInfo.getPort() == SOCKS5_PROXY_PORT) {
            proxy = new ProxySOCKS5(proxyInfo.getHost(), proxyInfo.getPort());
            ((ProxySOCKS5) proxy).setUserPasswd(proxyInfo.getUserName(), proxyInfo.getPassword());
          } else {
            proxy = new ProxyHTTP(proxyInfo.getHost(), proxyInfo.getPort());
            ((ProxyHTTP) proxy).setUserPasswd(proxyInfo.getUserName(), proxyInfo.getPassword());
          }
        }
      }
    }
    session.setProxy(proxy);

    // username and password will be given via UserInfo interface.
    UserInfo ui = new WagonUserInfo(authenticationInfo, getInteractiveUserInfo());

    if (uIKeyboardInteractive != null) {
      ui = new UserInfoUIKeyboardInteractiveProxy(ui, uIKeyboardInteractive);
    }

    Properties config = new Properties();
    if (getKnownHostsProvider() != null) {
      try {
        String contents = getKnownHostsProvider().getContents();
        if (contents != null) {
          sch.setKnownHosts(new StringInputStream(contents));
        }
      } catch (JSchException e) {
        // continue without known_hosts
      }
      config.setProperty("StrictHostKeyChecking", getKnownHostsProvider().getHostKeyChecking());
    }

    if (authenticationInfo.getPassword() != null) {
      config.setProperty(
          "PreferredAuthentications", "gssapi-with-mic,publickey,password,keyboard-interactive");
    }

    config.setProperty("BatchMode", interactive ? "no" : "yes");

    session.setConfig(config);

    session.setUserInfo(ui);

    StringWriter stringWriter = new StringWriter();
    try {
      session.connect();

      if (getKnownHostsProvider() != null) {
        PrintWriter w = new PrintWriter(stringWriter);

        HostKeyRepository hkr = sch.getHostKeyRepository();
        HostKey[] keys = hkr.getHostKey();

        for (int i = 0; keys != null && i < keys.length; i++) {
          HostKey key = keys[i];
          w.println(key.getHost() + " " + key.getType() + " " + key.getKey());
        }
      }
    } catch (JSchException e) {
      if (e.getMessage().startsWith("UnknownHostKey:")
          || e.getMessage().startsWith("reject HostKey:")) {
        throw new UnknownHostException(host, e);
      } else if (e.getMessage().contains("HostKey has been changed")) {
        throw new KnownHostChangedException(host, e);
      } else {
        throw new AuthenticationException("Cannot connect. Reason: " + e.getMessage(), e);
      }
    }

    try {
      getKnownHostsProvider().storeKnownHosts(stringWriter.toString());
    } catch (IOException e) {
      closeConnection();

      throw new AuthenticationException(
          "Connection aborted - failed to write to known_hosts. Reason: " + e.getMessage(), e);
    }
  }
Example #14
0
  protected Session createSession(final RemoteFileConfiguration configuration)
      throws JSchException {
    final JSch jsch = new JSch();
    JSch.setLogger(new JSchLogger());

    SftpConfiguration sftpConfig = (SftpConfiguration) configuration;

    if (isNotEmpty(sftpConfig.getCiphers())) {
      LOG.debug("Using ciphers: {}", sftpConfig.getCiphers());
      Hashtable<String, String> ciphers = new Hashtable<String, String>();
      ciphers.put("cipher.s2c", sftpConfig.getCiphers());
      ciphers.put("cipher.c2s", sftpConfig.getCiphers());
      JSch.setConfig(ciphers);
    }

    if (isNotEmpty(sftpConfig.getPrivateKeyFile())) {
      LOG.debug("Using private keyfile: {}", sftpConfig.getPrivateKeyFile());
      if (isNotEmpty(sftpConfig.getPrivateKeyPassphrase())) {
        jsch.addIdentity(sftpConfig.getPrivateKeyFile(), sftpConfig.getPrivateKeyPassphrase());
      } else {
        jsch.addIdentity(sftpConfig.getPrivateKeyFile());
      }
    }

    if (sftpConfig.getPrivateKey() != null) {
      LOG.debug("Using private key information from byte array");
      byte[] passphrase = null;
      if (isNotEmpty(sftpConfig.getPrivateKeyPassphrase())) {
        try {
          passphrase = sftpConfig.getPrivateKeyPassphrase().getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
          throw new JSchException("Cannot transform passphrase to byte[]", e);
        }
      }
      jsch.addIdentity("ID", sftpConfig.getPrivateKey(), null, passphrase);
    }

    if (sftpConfig.getPrivateKeyUri() != null) {
      LOG.debug("Using private key uri : {}", sftpConfig.getPrivateKeyUri());
      byte[] passphrase = null;
      if (isNotEmpty(sftpConfig.getPrivateKeyPassphrase())) {
        try {
          passphrase = sftpConfig.getPrivateKeyPassphrase().getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
          throw new JSchException("Cannot transform passphrase to byte[]", e);
        }
      }
      try {
        InputStream is =
            ResourceHelper.resolveMandatoryResourceAsInputStream(
                endpoint.getCamelContext().getClassResolver(), sftpConfig.getPrivateKeyUri());
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        IOHelper.copyAndCloseInput(is, bos);
        jsch.addIdentity("ID", bos.toByteArray(), null, passphrase);
      } catch (IOException e) {
        throw new JSchException("Cannot read resource: " + sftpConfig.getPrivateKeyUri(), e);
      }
    }

    if (sftpConfig.getKeyPair() != null) {
      LOG.debug("Using private key information from key pair");
      KeyPair keyPair = sftpConfig.getKeyPair();
      if (keyPair.getPrivate() != null && keyPair.getPublic() != null) {
        if (keyPair.getPrivate() instanceof RSAPrivateKey
            && keyPair.getPublic() instanceof RSAPublicKey) {
          jsch.addIdentity(new RSAKeyPairIdentity("ID", keyPair), null);
        } else if (keyPair.getPrivate() instanceof DSAPrivateKey
            && keyPair.getPublic() instanceof DSAPublicKey) {
          jsch.addIdentity(new DSAKeyPairIdentity("ID", keyPair), null);
        } else {
          LOG.warn("Only RSA and DSA key pairs are supported");
        }
      } else {
        LOG.warn("PrivateKey and PublicKey in the KeyPair must be filled");
      }
    }

    if (isNotEmpty(sftpConfig.getKnownHostsFile())) {
      LOG.debug("Using knownhosts file: {}", sftpConfig.getKnownHostsFile());
      jsch.setKnownHosts(sftpConfig.getKnownHostsFile());
    }

    if (isNotEmpty(sftpConfig.getKnownHostsUri())) {
      LOG.debug("Using knownhosts uri: {}", sftpConfig.getKnownHostsUri());
      try {
        InputStream is =
            ResourceHelper.resolveMandatoryResourceAsInputStream(
                endpoint.getCamelContext().getClassResolver(), sftpConfig.getKnownHostsUri());
        jsch.setKnownHosts(is);
      } catch (IOException e) {
        throw new JSchException("Cannot read resource: " + sftpConfig.getKnownHostsUri(), e);
      }
    }

    if (sftpConfig.getKnownHosts() != null) {
      LOG.debug("Using knownhosts information from byte array");
      jsch.setKnownHosts(new ByteArrayInputStream(sftpConfig.getKnownHosts()));
    }

    final Session session =
        jsch.getSession(
            configuration.getUsername(), configuration.getHost(), configuration.getPort());

    if (isNotEmpty(sftpConfig.getStrictHostKeyChecking())) {
      LOG.debug("Using StrickHostKeyChecking: {}", sftpConfig.getStrictHostKeyChecking());
      session.setConfig("StrictHostKeyChecking", sftpConfig.getStrictHostKeyChecking());
    }

    session.setServerAliveInterval(sftpConfig.getServerAliveInterval());
    session.setServerAliveCountMax(sftpConfig.getServerAliveCountMax());

    // compression
    if (sftpConfig.getCompression() > 0) {
      LOG.debug("Using compression: {}", sftpConfig.getCompression());
      session.setConfig("compression.s2c", "[email protected],zlib,none");
      session.setConfig("compression.c2s", "[email protected],zlib,none");
      session.setConfig("compression_level", Integer.toString(sftpConfig.getCompression()));
    }

    // set the PreferredAuthentications
    if (sftpConfig.getPreferredAuthentications() != null) {
      LOG.debug("Using PreferredAuthentications: {}", sftpConfig.getPreferredAuthentications());
      session.setConfig("PreferredAuthentications", sftpConfig.getPreferredAuthentications());
    }

    // set user information
    session.setUserInfo(
        new ExtendedUserInfo() {
          public String getPassphrase() {
            return null;
          }

          public String getPassword() {
            return configuration.getPassword();
          }

          public boolean promptPassword(String s) {
            return true;
          }

          public boolean promptPassphrase(String s) {
            return true;
          }

          public boolean promptYesNo(String s) {
            LOG.warn("Server asks for confirmation (yes|no): " + s + ". Camel will answer no.");
            // Return 'false' indicating modification of the hosts file is disabled.
            return false;
          }

          public void showMessage(String s) {
            LOG.trace("Message received from Server: " + s);
          }

          public String[] promptKeyboardInteractive(
              String destination,
              String name,
              String instruction,
              String[] prompt,
              boolean[] echo) {
            // must return an empty array if password is null
            if (configuration.getPassword() == null) {
              return new String[0];
            } else {
              return new String[] {configuration.getPassword()};
            }
          }
        });

    // set the SO_TIMEOUT for the time after the connect phase
    if (configuration.getSoTimeout() > 0) {
      session.setTimeout(configuration.getSoTimeout());
    }

    // set proxy if configured
    if (proxy != null) {
      session.setProxy(proxy);
    }

    return session;
  }
  /** {@inheritDoc} */
  @Override
  public ClusterStartNodeResult call() {
    JSch ssh = new JSch();

    Session ses = null;

    try {
      if (spec.key() != null) ssh.addIdentity(spec.key().getAbsolutePath());

      ses = ssh.getSession(spec.username(), spec.host(), spec.port());

      if (spec.password() != null) ses.setPassword(spec.password());

      ses.setConfig("StrictHostKeyChecking", "no");

      ses.connect(timeout);

      boolean win = isWindows(ses);

      char separator = win ? '\\' : '/';

      spec.fixPaths(separator);

      String igniteHome = spec.igniteHome();

      if (igniteHome == null) igniteHome = win ? DFLT_IGNITE_HOME_WIN : DFLT_IGNITE_HOME_LINUX;

      String script = spec.script();

      if (script == null) script = DFLT_SCRIPT_LINUX;

      String cfg = spec.configuration();

      if (cfg == null) cfg = "";

      String startNodeCmd;
      String scriptOutputFileName =
          FILE_NAME_DATE_FORMAT.format(new Date())
              + '-'
              + UUID.randomUUID().toString().substring(0, 8)
              + ".log";

      if (win)
        throw new UnsupportedOperationException(
            "Apache Ignite cannot be auto-started on Windows from IgniteCluster.startNodes(…) API.");
      else { // Assume Unix.
        int spaceIdx = script.indexOf(' ');

        String scriptPath = spaceIdx > -1 ? script.substring(0, spaceIdx) : script;
        String scriptArgs = spaceIdx > -1 ? script.substring(spaceIdx + 1) : "";
        String rmtLogArgs = buildRemoteLogArguments(spec.username(), spec.host());
        String tmpDir = env(ses, "$TMPDIR", "/tmp/");
        String scriptOutputDir = tmpDir + "ignite-startNodes";

        shell(ses, "mkdir " + scriptOutputDir);

        // Mac os don't support ~ in double quotes. Trying get home path from remote system.
        if (igniteHome.startsWith("~")) {
          String homeDir = env(ses, "$HOME", "~");

          igniteHome = igniteHome.replaceFirst("~", homeDir);
        }

        startNodeCmd =
            new SB()
                .
                // Console output is consumed, started nodes must use Ignite file appenders for log.
                a("nohup ")
                .a("\"")
                .a(igniteHome)
                .a('/')
                .a(scriptPath)
                .a("\"")
                .a(" ")
                .a(scriptArgs)
                .a(!cfg.isEmpty() ? " \"" : "")
                .a(cfg)
                .a(!cfg.isEmpty() ? "\"" : "")
                .a(rmtLogArgs)
                .a(" > ")
                .a(scriptOutputDir)
                .a("/")
                .a(scriptOutputFileName)
                .a(" 2>& 1 &")
                .toString();
      }

      info("Starting remote node with SSH command: " + startNodeCmd, spec.logger(), log);

      shell(ses, startNodeCmd);

      return new ClusterStartNodeResultImpl(spec.host(), true, null);
    } catch (IgniteInterruptedCheckedException e) {
      return new ClusterStartNodeResultImpl(spec.host(), false, e.getMessage());
    } catch (Exception e) {
      return new ClusterStartNodeResultImpl(spec.host(), false, X.getFullStackTrace(e));
    } finally {
      if (ses != null && ses.isConnected()) ses.disconnect();
    }
  }
  /**
   * Creates a SSH Session with a remote machine and tries to login according to the details
   * specified by Contact An appropriate message is shown to the end user in case the login fails
   *
   * @param sshContact ID of SSH Contact
   * @throws JSchException if a JSch is unable to create a SSH Session with the remote machine
   * @throws InterruptedException if the thread is interrupted before session connected or is timed
   *     out
   * @throws OperationFailedException if not of above reasons :-)
   */
  public void createSSHSessionAndLogin(ContactSSH sshContact)
      throws JSchException, OperationFailedException, InterruptedException {
    logger.info("Creating a new SSH Session to " + sshContact.getHostName());

    // creating a new JSch Stack identifier for contact
    JSch jsch = new JSch();

    String knownHosts = (String) accountID.getAccountProperties().get("KNOWN_HOSTS_FILE");

    if (!knownHosts.equals("Optional")) jsch.setKnownHosts(knownHosts);

    String identitiyKey = (String) accountID.getAccountProperties().get("IDENTITY_FILE");

    String userName = sshContact.getUserName();

    // use the name of system user if the contact has not supplied SSH
    // details
    if (userName.equals("")) userName = System.getProperty("user.name");

    if (!identitiyKey.equals("Optional")) jsch.addIdentity(identitiyKey);

    // creating a new session for the contact
    Session session =
        jsch.getSession(
            userName, sshContact.getHostName(), sshContact.getSSHConfigurationForm().getPort());

    /**
     * Creating and associating User Info with the session User Info passes authentication from
     * sshContact to SSH Stack
     */
    SSHUserInfo sshUserInfo = new SSHUserInfo(sshContact);

    session.setUserInfo(sshUserInfo);

    /** initializing the session */
    session.connect(connectionTimeout);

    int count = 0;

    // wait for session to get connected
    while (!session.isConnected() && count <= 30000) {
      Thread.sleep(1000);
      count += 1000;
      logger.trace("SSH:" + sshContact.getHostName() + ": Sleep zzz .. ");
    }

    // if timeout have exceeded
    if (count > 30000) {
      sshContact.setSSHSession(null);
      JOptionPane.showMessageDialog(
          null, "SSH Connection attempt to " + sshContact.getHostName() + " timed out");

      // error codes are not defined yet
      throw new OperationFailedException(
          "SSH Connection attempt to " + sshContact.getHostName() + " timed out", 2);
    }

    sshContact.setJSch(jsch);
    sshContact.setSSHSession(session);

    logger.info("A new SSH Session to " + sshContact.getHostName() + " Created");
  }
Example #17
-1
 @Override
 public Session create() throws Exception {
   JSch jsch = new JSch();
   session =
       jsch.getSession(
           loginCredentials.getUser(),
           hostAndPort.getHostText(),
           hostAndPort.getPortOrDefault(22));
   if (sessionTimeout != 0) session.setTimeout(sessionTimeout);
   if (loginCredentials.getPrivateKey() == null) {
     session.setPassword(loginCredentials.getPassword());
   } else {
     byte[] privateKey = loginCredentials.getPrivateKey().getBytes();
     if (CredentialUtils.isPrivateKeyEncrypted(privateKey)) {
       throw new IllegalArgumentException(
           "JschSshClientModule does not support private keys that require a passphrase");
     }
     jsch.addIdentity(
         loginCredentials.getUser(),
         Arrays.copyOf(privateKey, privateKey.length),
         null,
         emptyPassPhrase);
   }
   java.util.Properties config = new java.util.Properties();
   config.put("StrictHostKeyChecking", "no");
   session.setConfig(config);
   session.connect(connectTimeout);
   return session;
 }
 private Session connectToInstance(String publicDNS) throws Exception {
   JSch jsch = new JSch();
   jsch.addIdentity("rtp.pem");
   Session session = jsch.getSession("ubuntu", publicDNS);
   Properties config = new Properties();
   config.put("StrictHostKeyChecking", "no");
   session.setConfig(config);
   session.connect();
   return session;
 }
Example #19
-1
 public void openSshConnection() throws JSchException {
   JSch jSch = new JSch();
   if (privateKeyLocation != null) {
     session = jSch.getSession(username, destinationHost, connectionPort);
     jSch.addIdentity(privateKeyLocation);
   } else {
     session = jSch.getSession(username, destinationHost, connectionPort);
     session.setPassword(password);
   }
   session.setConfig("StrictHostKeyChecking", "no");
   session.setConfig(
       "PreferredAuthentications",
       "publickey,keyboard-interactive,password"); // Skipping kerberos authentication
   session.connect(SLEEP_MILLISECONDS);
 }
 /**
  * method for establishing connection while authentication
  *
  * @param username
  * @param namenodeIP
  * @param nnpwd
  * @param privateKeyPath
  * @return
  * @throws JSchException
  * @throws IOException
  * @throws InterruptedException
  */
 public static Session establishConnection(
     String username, String namenodeIP, String nnpwd, String privateKeyPath)
     throws JSchException, IOException, InterruptedException {
   JSch jsch = new JSch();
   Session session = jsch.getSession(username, namenodeIP, Constants.TWENTY_TWO);
   session.setPassword(nnpwd);
   UserInfo info = new JumbuneUserInfo();
   jsch.addIdentity(privateKeyPath, nnpwd);
   session.setUserInfo(info);
   java.util.Properties config = new java.util.Properties();
   config.put("StrictHostKeyChecking", "no");
   session.setConfig(config);
   session.connect();
   return session;
 }
Example #21
-1
  public static void main(String[] arg) {
    try {
      JSch jsch = new JSch();

      String user = "******";
      String host = "hddev-c01-edge-01";
      int port = 22;
      String privateKey = "src/main/resources/id_rsa";

      jsch.addIdentity(privateKey);

      System.out.println("identity added ");

      Session session = jsch.getSession(user, host, port);
      System.out.println("session created.");

      // disabling StrictHostKeyChecking may help to make connection but makes it insecure
      // see
      // http://stackoverflow.com/questions/30178936/jsch-sftp-security-with-session-setconfigstricthostkeychecking-no
      //
      java.util.Properties config = new java.util.Properties();
      config.put("StrictHostKeyChecking", "no");
      session.setConfig(config);

      session.connect();
      System.out.println("session connected.....");

      Channel channel = session.openChannel("sftp");
      channel.setInputStream(System.in);
      channel.setOutputStream(System.out);
      channel.connect();
      System.out.println("shell channel connected....");

      ChannelSftp c = (ChannelSftp) channel;

      String fileName = "src/main/resources/test.txt";
      c.put(fileName, "./in/");
      c.exit();
      System.out.println("done");

    } catch (Exception e) {
      System.err.println(e);
    }
  }
Example #22
-1
  /**
   * Retrieves the session for the specified Job.
   *
   * @param job
   * @return
   * @throws PortalServiceException
   */
  public Session getSession(CloudFileOwner job) throws PortalServiceException {
    try {
      JSch jsch = new JSch();
      String prvkey = job.getProperty(NCIDetails.PROPERTY_NCI_KEY);
      jsch.addIdentity(new IdentityString(jsch, prvkey), null);
      String userName = job.getProperty(NCIDetails.PROPERTY_NCI_USER);
      Session session = jsch.getSession(userName, endPoint, 22);
      session.setConfig("StrictHostKeyChecking", "no");
      if (!session.isConnected()) {
        session.connect();
      }

      return session;
    } catch (JSchException ex) {
      logger.error("Unable to retrieve SSH session for job " + job.getId() + ":" + ex.getMessage());
      logger.debug("Exception:", ex);
      throw new PortalServiceException("Unable to retrieve SSH session for job " + job.getId(), ex);
    }
  }
Example #23
-1
 // @checkstyle ProtectedMethodInFinalClassCheck (10 lines)
 @Override
 @RetryOnFailure(
     attempts = Tv.SEVEN,
     delay = 1,
     unit = TimeUnit.MINUTES,
     verbose = false,
     randomize = true,
     types = IOException.class)
 protected Session session() throws IOException {
   try {
     JSch.setConfig("StrictHostKeyChecking", "no");
     JSch.setLogger(new JschLogger());
     final JSch jsch = new JSch();
     final File file = File.createTempFile("jcabi-ssh", ".key");
     FileUtils.forceDeleteOnExit(file);
     FileUtils.write(
         file,
         this.key.replaceAll("\r", "").replaceAll("\n\\s+|\n{2,}", "\n").trim(),
         CharEncoding.UTF_8);
     jsch.setHostKeyRepository(new EasyRepo());
     jsch.addIdentity(file.getAbsolutePath());
     Logger.debug(
         this,
         "Opening SSH session to %s@%s:%s (%d bytes in RSA key)...",
         this.getLogin(),
         this.getAddr(),
         this.getPort(),
         file.length());
     final Session session = jsch.getSession(this.getLogin(), this.getAddr(), this.getPort());
     session.setServerAliveInterval((int) TimeUnit.SECONDS.toMillis(Tv.TEN));
     session.setServerAliveCountMax(Tv.MILLION);
     session.connect();
     FileUtils.deleteQuietly(file);
     return session;
   } catch (final JSchException ex) {
     throw new IOException(ex);
   }
 }
Example #24
-1
 private void newSession() throws JSchException {
   JSch jsch = new JSch();
   session = null;
   try {
     session = jsch.getSession(username, host, port);
     if (timeout != 0) session.setTimeout(timeout);
     logger.debug("%s@%s:%d: Session created.", username, host, port);
     if (password != null) {
       session.setPassword(password);
     } else {
       // jsch wipes out your private key
       jsch.addIdentity(
           username, Arrays.copyOf(privateKey, privateKey.length), null, emptyPassPhrase);
     }
   } catch (JSchException e) {
     throw new SshException(
         String.format("%s@%s:%d: Error creating session.", username, host, port), e);
   }
   java.util.Properties config = new java.util.Properties();
   config.put("StrictHostKeyChecking", "no");
   session.setConfig(config);
   session.connect();
   logger.debug("%s@%s:%d: Session connected.", username, host, port);
 }