public NccCLI(Integer port) {
sshd = SshServer.setUpDefaultServer();
sshd.setPort(port);
sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider("hostkey.ser"));
sshd.setPasswordAuthenticator(new NccPasswordAuthenticator());
sshd.setShellFactory(new NccShellFactory());
}
@Override
public void start() throws ServiceException {
sshd.setPort(port);
try {
sshd.start();
} catch (IOException e) {
throw new ServiceException(e);
}
}
@Override
public void start() {
try {
log.info("Starting Opal SSH Server on port {}", sshd.getPort());
sshd.start();
isRunning = true;
} catch (IOException e) {
throw new RuntimeException(e);
}
}
private void setupUserAuth(PublickeyAuthenticator auth) {
List<NamedFactory<UserAuth>> list = new ArrayList<NamedFactory<UserAuth>>();
if (auth != null) {
list.add(new UserAuthPublicKey.Factory());
sshd.setPublickeyAuthenticator(auth);
} else {
list.add(new UserAuthNone.Factory());
}
sshd.setUserAuthFactories(list);
}
@Override
public void start() throws ServiceException {
sshServer = SshServer.setUpDefaultServer();
sshServer.setPort(port);
sshServer.setHost(bind);
final String basePath = SystemInstance.get().getBase().getDirectory().getAbsolutePath();
if (SecurityUtils.isBouncyCastleRegistered()) {
sshServer.setKeyPairProvider(
new PEMGeneratorHostKeyProvider(new File(basePath, KEY_NAME + ".pem").getPath()));
} else {
sshServer.setKeyPairProvider(
new SimpleGeneratorHostKeyProvider(new File(basePath, KEY_NAME + ".ser").getPath()));
}
final OpenEJBShellFactory sf = new OpenEJBShellFactory(bind, port);
sshServer.setShellFactory(sf);
final JaasPasswordAuthenticator authenticator = new OpenEJBJaasPasswordAuthenticator();
authenticator.setDomain(domain);
sshServer.setPasswordAuthenticator(authenticator);
try {
sshServer.start();
} catch (IOException e) {
// no-op
}
}
/**
* creates a new Config with the ssh hostname and port set to connect to the provided server.
*
* @param sshd the server to configure for
* @param sshKey the public key location to configure
* @param existing the existing configuration
* @return a new Config
* @see Config#Config(IGerritHudsonTriggerConfig)
*/
public static Config getConfigFor(
final SshServer sshd, KeyPairFiles sshKey, IGerritHudsonTriggerConfig existing) {
Config c = new Config(existing);
String host = sshd.getHost();
if (StringUtils.isBlank(host)) {
c.setGerritHostName("localhost");
} else {
c.setGerritHostName(host);
}
c.setGerritSshPort(sshd.getPort());
if (sshKey != null) {
c.setGerritAuthKeyFile(sshKey.getPrivateKey());
}
return c;
}
@Override
public void stop() throws ServiceException {
try {
sshServer.stop();
} catch (Exception e) {
// no-op
}
}
public void start() {
logger.info("Starting CLI on port " + Ncc.cliSshPort);
try {
sshd.start();
} catch (IOException e) {
e.printStackTrace();
}
}
@Override
public void stop() {
try {
isRunning = false;
sshd.stop(true);
} catch (InterruptedException e) {
throw new RuntimeException(e);
}
}
/**
* Starts a ssh server on the provided port.
*
* @param server the server mock to start
* @return the server.
* @throws IOException if so.
*/
public static SshServer startServer(SshdServerMock server) throws IOException {
SshServer sshd = SshServer.setUpDefaultServer();
sshd.setPort(0);
sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider("hostkey.ser"));
List<NamedFactory<UserAuth>> userAuthFactories = new ArrayList<NamedFactory<UserAuth>>();
userAuthFactories.add(new UserAuthNone.Factory());
sshd.setUserAuthFactories(userAuthFactories);
sshd.setCommandFactory(server);
sshd.start();
return sshd;
}
public void stop() {
if (!isRunning()) {
return;
}
try {
sshd.stop(true);
} catch (InterruptedException e) {
// ignore
}
sshd = null;
running = false;
}
public void start() throws IOException {
if (isRunning()) {
return;
}
sshd = SshServer.setUpDefaultServer();
sshd.setPort(RGSParametersCLI.getSSHDServerPort());
sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(HOST_KEY_PROVIDER_FILE));
sshd.setFileSystemFactory(
new CodeOrchestraFileSystemFactory(RGSParametersCLI.getWorkspacePath()));
// sshd.setShellFactory(new ProcessShellFactory(new String[] { "/bin/sh", "-i", "-l" }));
List<NamedFactory<UserAuth>> userAuthFactories = new ArrayList<NamedFactory<UserAuth>>();
userAuthFactories.add(new UserAuthPassword.Factory());
sshd.setUserAuthFactories(userAuthFactories);
sshd.setPasswordAuthenticator(
new PasswordAuthenticator() {
@Override
public boolean authenticate(String user, String password, ServerSession serverSession) {
return user.equals(RGSParametersCLI.getUsername())
&& password.equals(RGSParametersCLI.getPassword());
}
});
sshd.setCommandFactory(new ScpCommandFactory());
List<NamedFactory<Command>> namedFactoryList = new ArrayList<NamedFactory<Command>>();
namedFactoryList.add(new SftpSubsystem.Factory());
sshd.setSubsystemFactories(namedFactoryList);
sshd.start();
running = true;
}
@Before
public void setup() throws Exception {
int port = AvailablePortFinder.getNextAvailable(10000);
// Write port number to configuration file in target
String basedir = System.getProperty("basedir");
if (basedir == null) {
basedir = new File(".").getCanonicalPath();
}
// Read in camel configuration file and substitute in the correct port
File f = new File(basedir + "/src/test/resources/camel-scp.xml");
FileInputStream inputStream = new FileInputStream(f);
String content = IOUtils.toString(inputStream, "UTF-8");
inputStream.close();
content = content.replaceAll("portno", "" + port);
File f2 = new File(basedir + "/target/test-classes/camel-scp.xml");
FileOutputStream outputStream = new FileOutputStream(f2);
IOUtils.write(content, outputStream, "UTF-8");
outputStream.close();
sshServer = SshServer.setUpDefaultServer();
sshServer.setPort(port);
// Generate a key
sshServer.setKeyPairProvider(new SimpleGeneratorHostKeyProvider("target/generatedkey.pem"));
sshServer.setCommandFactory(new ScpCommandFactory());
sshServer.setPasswordAuthenticator(new CamelPasswordAuthenticator());
sshServer.start();
setupKnownHosts(port);
// Create "storage" directory (delete it first if it exists)
File storageDirectory = new File(basedir + "/target/storage");
if (storageDirectory.exists()) {
storageDirectory.delete();
}
storageDirectory.mkdir();
}
@Inject
public Server(final Context ctx, CommandFactory factory) {
port = ctx.configuration().getSshPort();
sshd = SshServer.setUpDefaultServer();
if (SecurityUtils.isBouncyCastleRegistered()) {
sshd.setKeyPairProvider(new PEMGeneratorHostKeyProvider("key.pem"));
} else {
sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider("key.ser"));
}
PublickeyAuthenticator auth = null;
if (ctx.configuration().getAuthentication() == Configuration.Authentication.SSH_PUBLIC_KEYS) {
auth = ctx.getInjector().getInstance(PublickeyAuthenticator.class);
}
setupUserAuth(auth);
sshd.setCommandFactory(factory);
if (!ctx.configuration().isRemoteAllowed()) {
sshd.setSessionFactory(new LocalOnlySessionFactory());
}
sshd.setForwardingFilter(
new ForwardingFilter() {
public boolean canForwardAgent(ServerSession session) {
return false;
}
public boolean canForwardX11(ServerSession session) {
return false;
}
public boolean canListen(InetSocketAddress address, ServerSession session) {
return false;
}
public boolean canConnect(InetSocketAddress address, ServerSession session) {
return false;
}
});
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
sshd.stop(true);
sshd = null;
}
@Autowired
public OpalSshServer(
@Qualifier("ssh") CommandRegistry commandRegistry,
OpalShellFactory shellFactory,
OpalShellHolder opalShellHolder,
@Value("${org.obiba.opal.ssh.port}") Integer port) {
this.commandRegistry = commandRegistry;
this.shellFactory = shellFactory;
this.opalShellHolder = opalShellHolder;
sshd = SshServer.setUpDefaultServer();
sshd.setPort(port);
sshd.setKeyPairProvider(
new PEMGeneratorHostKeyProvider(
System.getProperty("OPAL_HOME") + "/conf/sshd.pem", "RSA", 2048));
sshd.setShellFactory(
new Factory<Command>() {
@Override
public Command create() {
return new OpalShellCommand();
}
});
sshd.setPasswordAuthenticator(
new PasswordAuthenticator() {
@Override
public boolean authenticate(String username, String password, ServerSession session) {
try {
Subject subject = SecurityUtils.getSubject();
subject.login(
new UsernamePasswordToken(
username,
password.toCharArray(),
session.getIoSession().getRemoteAddress().toString()));
ensureProfile(subject);
// Sessions don't expire automatically
SecurityUtils.getSubject().getSession().setTimeout(-1);
} catch (AuthenticationException ae) {
return false;
}
return SecurityUtils.getSubject().isAuthenticated();
}
private void ensureProfile(Subject subject) {
Object principal = subject.getPrincipal();
if (!subjectProfileService.supportProfile(principal)) {
return;
}
subjectProfileService.ensureProfile(subject.getPrincipals());
}
});
sshd.setFileSystemFactory(
new FileSystemFactory() {
@Override
public FileSystemView createFileSystemView(Session session) throws IOException {
return new OpalFileSystemView(opalRuntime, session.getUsername());
}
});
sshd.setSubsystemFactories(
ImmutableList.<NamedFactory<Command>>of(new SftpSubsystem.Factory()));
}
@After
public void cleanup() throws Exception {
if (sshServer != null) {
sshServer.stop(true);
}
}