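/**
   * Starts the embedded SSH server unless it is already running.
   *
   * <p>The server listens on the port reported by {@code RGSParametersCLI}, serves files from the
   * configured workspace path, accepts password authentication only, and offers SCP commands and
   * the SFTP subsystem. No shell factory is installed.
   *
   * @throws IOException if the underlying server fails to start
   */
  public void start() throws IOException {
    if (isRunning()) {
      return;
    }

    sshd = SshServer.setUpDefaultServer();

    sshd.setPort(RGSParametersCLI.getSSHDServerPort());
    // NOTE(review): the host key is handled by the provider through HOST_KEY_PROVIDER_FILE;
    // confirm that file is only readable by the service account.
    sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(HOST_KEY_PROVIDER_FILE));
    sshd.setFileSystemFactory(
        new CodeOrchestraFileSystemFactory(RGSParametersCLI.getWorkspacePath()));

    // The interactive shell is left disabled: the line below is commented out, so clients get
    // file transfer only and no process on the host.
    // sshd.setShellFactory(new ProcessShellFactory(new String[] { "/bin/sh", "-i", "-l" }));

    List<NamedFactory<UserAuth>> userAuthFactories = new ArrayList<NamedFactory<UserAuth>>();
    userAuthFactories.add(new UserAuthPassword.Factory());
    sshd.setUserAuthFactories(userAuthFactories);

    // Fully qualified so the block needs no additional file-level imports.
    final java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");
    sshd.setPasswordAuthenticator(
        new PasswordAuthenticator() {
          @Override
          public boolean authenticate(String user, String password, ServerSession serverSession) {
            String expectedUser = RGSParametersCLI.getUsername();
            String expectedPassword = RGSParametersCLI.getPassword();

            // Fail closed when either side is missing instead of throwing from the auth path.
            if (user == null
                || password == null
                || expectedUser == null
                || expectedPassword == null) {
              return false;
            }

            // Credentials come from an unauthenticated client. MessageDigest.isEqual avoids the
            // early exit of String.equals, and the non-short-circuit '&' makes sure both fields
            // are always compared, so timing does not reveal which of the two was wrong.
            boolean userMatches =
                java.security.MessageDigest.isEqual(
                    user.getBytes(utf8), expectedUser.getBytes(utf8));
            boolean passwordMatches =
                java.security.MessageDigest.isEqual(
                    password.getBytes(utf8), expectedPassword.getBytes(utf8));
            return userMatches & passwordMatches;
          }
        });

    sshd.setCommandFactory(new ScpCommandFactory());

    List<NamedFactory<Command>> namedFactoryList = new ArrayList<NamedFactory<Command>>();
    namedFactoryList.add(new SftpSubsystem.Factory());
    sshd.setSubsystemFactories(namedFactoryList);

    sshd.start();

    // Only flag the server as running once start() has returned without throwing.
    running = true;
  }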
예제 #2
  /**
   * Creates the SSH server and wires its port, host key, shell, password authentication, file
   * system view and SFTP subsystem. The server is configured here but not started.
   *
   * @param commandRegistry registry qualified as {@code "ssh"}, stored on this instance
   * @param shellFactory shell factory, stored on this instance
   * @param opalShellHolder shell holder, stored on this instance
   * @param port listening port, injected from {@code org.obiba.opal.ssh.port}
   */
  @Autowired
  public OpalSshServer(
      @Qualifier("ssh") CommandRegistry commandRegistry,
      OpalShellFactory shellFactory,
      OpalShellHolder opalShellHolder,
      @Value("${org.obiba.opal.ssh.port}") Integer port) {
    this.commandRegistry = commandRegistry;
    this.shellFactory = shellFactory;
    this.opalShellHolder = opalShellHolder;

    sshd = SshServer.setUpDefaultServer();
    sshd.setPort(port);

    // NOTE(review): if the OPAL_HOME system property is unset, this path begins with the
    // literal text "null"; confirm the launcher always defines it.
    String hostKeyPath = System.getProperty("OPAL_HOME") + "/conf/sshd.pem";
    sshd.setKeyPairProvider(new PEMGeneratorHostKeyProvider(hostKeyPath, "RSA", 2048));

    // Every shell request is served by a fresh OpalShellCommand.
    Factory<Command> shellCommands =
        new Factory<Command>() {
          @Override
          public Command create() {
            return new OpalShellCommand();
          }
        };
    sshd.setShellFactory(shellCommands);

    PasswordAuthenticator shiroAuthenticator =
        new PasswordAuthenticator() {

          /**
           * Logs the supplied credentials in through Shiro; returns {@code false} when Shiro
           * raises an {@link AuthenticationException}.
           */
          @Override
          public boolean authenticate(String username, String password, ServerSession session) {
            try {
              Subject subject = SecurityUtils.getSubject();
              char[] secret = password.toCharArray();
              // The client's remote address is passed to Shiro as the token's host.
              String clientAddress = session.getIoSession().getRemoteAddress().toString();
              subject.login(new UsernamePasswordToken(username, secret, clientAddress));
              ensureProfile(subject);
              // Sessions don't expire automatically.
              // NOTE(review): with the timeout set to -1, cleanup relies on something other than
              // idle expiry; confirm sessions are ended when the SSH connection closes.
              SecurityUtils.getSubject().getSession().setTimeout(-1);
            } catch (AuthenticationException ae) {
              // NOTE(review): the failure is not logged here; confirm rejected logins are
              // audited elsewhere.
              return false;
            }
            return SecurityUtils.getSubject().isAuthenticated();
          }

          /** Asks the profile service to ensure a profile when it supports this principal. */
          private void ensureProfile(Subject subject) {
            Object principal = subject.getPrincipal();
            if (subjectProfileService.supportProfile(principal)) {
              subjectProfileService.ensureProfile(subject.getPrincipals());
            }
          }
        };
    sshd.setPasswordAuthenticator(shiroAuthenticator);

    // Each session gets a file system view built for its own username.
    FileSystemFactory perUserFileSystems =
        new FileSystemFactory() {
          @Override
          public FileSystemView createFileSystemView(Session session) throws IOException {
            String sessionUser = session.getUsername();
            return new OpalFileSystemView(opalRuntime, sessionUser);
          }
        };
    sshd.setFileSystemFactory(perUserFileSystems);

    NamedFactory<Command> sftp = new SftpSubsystem.Factory();
    sshd.setSubsystemFactories(ImmutableList.<NamedFactory<Command>>of(sftp));
  }