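/**
 * Starts the embedded SSH server unless it is already running.
 *
 * <p>The server listens on the port returned by {@code RGSParametersCLI.getSSHDServerPort()},
 * takes its host key from {@code HOST_KEY_PROVIDER_FILE} and accepts password authentication
 * only. File transfer is offered through SCP (command factory) and SFTP (subsystem); no shell
 * factory is installed by this method.
 *
 * @throws IOException propagated from the server start-up call
 */
public void start() throws IOException {
  if (isRunning()) {
    return;
  }

  sshd = SshServer.setUpDefaultServer();
  sshd.setPort(RGSParametersCLI.getSSHDServerPort());

  // NOTE(review): the host key is handled through HOST_KEY_PROVIDER_FILE; presumably that file
  // holds the private key and should be readable by the service account only — confirm.
  sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(HOST_KEY_PROVIDER_FILE));

  // The file system factory is constructed with the workspace path.
  // NOTE(review): presumably this confines SCP/SFTP clients to the workspace — confirm in
  // CodeOrchestraFileSystemFactory.
  sshd.setFileSystemFactory(
      new CodeOrchestraFileSystemFactory(RGSParametersCLI.getWorkspacePath()));

  // Interactive shell access is deliberately left disabled.
  // sshd.setShellFactory(new ProcessShellFactory(new String[] { "/bin/sh", "-i", "-l" }));

  // Password is the only user-auth method registered.
  List<NamedFactory<UserAuth>> userAuthFactories = new ArrayList<NamedFactory<UserAuth>>();
  userAuthFactories.add(new UserAuthPassword.Factory());
  sshd.setUserAuthFactories(userAuthFactories);

  // NOTE(review): a single shared credential pair is checked and no attempt limiting is
  // visible in this method — confirm brute-force protection exists elsewhere.
  sshd.setPasswordAuthenticator(
      new PasswordAuthenticator() {
        @Override
        public boolean authenticate(String user, String password, ServerSession serverSession) {
          // Run both comparisons before combining them, so that a wrong user name does not
          // skip the password comparison and shorten the response time.
          boolean userMatches = sameValue(RGSParametersCLI.getUsername(), user);
          boolean passwordMatches = sameValue(RGSParametersCLI.getPassword(), password);
          return userMatches && passwordMatches;
        }

        /**
         * Compares a configured value with a client-supplied one without stopping at the first
         * differing byte. A missing value on either side is a mismatch, so an unset credential
         * or a null from the client is rejected instead of raising a NullPointerException.
         */
        private boolean sameValue(String expected, String supplied) {
          if (expected == null || supplied == null) {
            return false;
          }
          // Fully qualified so that the file needs no additional import lines.
          java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");
          return java.security.MessageDigest.isEqual(
              expected.getBytes(utf8), supplied.getBytes(utf8));
        }
      });

  sshd.setCommandFactory(new ScpCommandFactory());

  List<NamedFactory<Command>> namedFactoryList = new ArrayList<NamedFactory<Command>>();
  namedFactoryList.add(new SftpSubsystem.Factory());
  sshd.setSubsystemFactories(namedFactoryList);

  sshd.start();
  // Flag is set only after start() returned without throwing.
  running = true;
}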
/**
 * Builds and configures the SSH server; the server is not started here.
 *
 * <p>Configuration applied: the listening port, an RSA 2048 host key kept in a PEM file under
 * {@code OPAL_HOME}, a shell that creates an {@code OpalShellCommand} per request, password
 * authentication delegated to {@code SecurityUtils}/{@code Subject}, a per-user file system
 * view and the SFTP subsystem.
 *
 * @param commandRegistry registry qualified as {@code "ssh"}
 * @param shellFactory shell factory stored on this instance
 * @param opalShellHolder shell holder stored on this instance
 * @param port port taken from the {@code org.obiba.opal.ssh.port} property
 */
@Autowired
public OpalSshServer(
    @Qualifier("ssh") CommandRegistry commandRegistry,
    OpalShellFactory shellFactory,
    OpalShellHolder opalShellHolder,
    @Value("${org.obiba.opal.ssh.port}") Integer port) {
  this.commandRegistry = commandRegistry;
  this.shellFactory = shellFactory;
  this.opalShellHolder = opalShellHolder;

  // NOTE(review): when the OPAL_HOME system property is unset, this concatenation produces
  // "null/conf/sshd.pem" — confirm the property is always set before this bean is created.
  // NOTE(review): the PEM file presumably contains the private host key; check its permissions.
  final String hostKeyPath = System.getProperty("OPAL_HOME") + "/conf/sshd.pem";

  sshd = SshServer.setUpDefaultServer();
  sshd.setPort(port);
  sshd.setKeyPairProvider(new PEMGeneratorHostKeyProvider(hostKeyPath, "RSA", 2048));

  sshd.setPasswordAuthenticator(
      new PasswordAuthenticator() {
        /**
         * Logs the client in through the security subject and reports whether it ended up
         * authenticated. The client's remote address is passed along as the token host.
         */
        @Override
        public boolean authenticate(String username, String password, ServerSession session) {
          try {
            Subject subject = SecurityUtils.getSubject();
            char[] secret = password.toCharArray();
            String origin = session.getIoSession().getRemoteAddress().toString();
            subject.login(new UsernamePasswordToken(username, secret, origin));
            ensureProfile(subject);
            // Timeout of -1: sessions don't expire automatically.
            // NOTE(review): confirm the session is invalidated when the SSH connection ends.
            SecurityUtils.getSubject().getSession().setTimeout(-1);
          } catch (AuthenticationException rejected) {
            // NOTE(review): the failure is dropped without a log entry in this block —
            // confirm failed logins are recorded elsewhere for detection purposes.
            return false;
          }
          return SecurityUtils.getSubject().isAuthenticated();
        }

        /** Ensures a profile exists for the subject when its principal supports profiles. */
        private void ensureProfile(Subject subject) {
          if (subjectProfileService.supportProfile(subject.getPrincipal())) {
            subjectProfileService.ensureProfile(subject.getPrincipals());
          }
        }
      });

  sshd.setShellFactory(
      new Factory<Command>() {
        @Override
        public Command create() {
          return new OpalShellCommand();
        }
      });

  sshd.setSubsystemFactories(
      ImmutableList.<NamedFactory<Command>>of(new SftpSubsystem.Factory()));

  sshd.setFileSystemFactory(
      new FileSystemFactory() {
        /** Creates the file system view for the user name attached to the session. */
        @Override
        public FileSystemView createFileSystemView(Session session) throws IOException {
          return new OpalFileSystemView(opalRuntime, session.getUsername());
        }
      });
}