public class SshServer extends AbstractFactoryManager implements ServerFactoryManager, Closeable
The SshServer class is the main entry point for the server side of the SSH protocol.
The SshServer has to be configured before being started. Such configuration can be
done either using a dependency injection mechanism (such as the Spring framework)
or programmatically. Basic setup is usually done using the setUpDefaultServer()
method, which will known ciphers, macs, channels, etc...
Besides this basic setup, a few things have to be manually configured such as the
port number, Factory
, the KeyPairProvider
and the PasswordAuthenticator
.
Some properties can also be configured using the PropertyResolverUtils
updateProperty
methods.
start()
method and stopped using the stop()
method.ServerFactoryManager
,
FactoryManager
AbstractCloseable.State
AttributeRepository.AttributeKey<T>
Modifier and Type | Field and Description |
---|---|
protected IoAcceptor |
acceptor |
static List<ServiceFactory> |
DEFAULT_SERVICE_FACTORIES |
static Factory<SshServer> |
DEFAULT_SSH_SERVER_FACTORY |
protected String |
host |
protected int |
port |
agentFactory, channelFactories, channelListenerProxy, channelListeners, executor, fileSystemFactory, forwarderFactory, forwardingFilter, globalRequestHandlers, ioServiceFactory, ioServiceFactoryFactory, randomFactory, serviceFactories, sessionListenerProxy, sessionListeners, sessionTimeoutListener, shutdownExecutor, timeoutListenerFuture, tunnelListenerProxy, tunnelListeners
closeFuture, lock, state
log
COMMAND_EXIT_TIMEOUT, DEFAULT_COMMAND_EXIT_TIMEOUT, MAX_CONCURRENT_SESSIONS, MODULI_URL, SERVER_EXTRA_IDENT_LINES_SEPARATOR, SERVER_EXTRA_IDENTIFICATION_LINES, SERVER_IDENTIFICATION
AGENT_FORWARDING_TYPE, AGENT_FORWARDING_TYPE_IETF, AGENT_FORWARDING_TYPE_OPENSSH, AUTH_TIMEOUT, CHANNEL_CLOSE_TIMEOUT, DEFAULT_AUTH_TIMEOUT, DEFAULT_CHANNEL_CLOSE_TIMEOUT, DEFAULT_DISCONNECT_TIMEOUT, DEFAULT_IDLE_TIMEOUT, DEFAULT_IGNORE_MESSAGE_FREQUENCY, DEFAULT_IGNORE_MESSAGE_SIZE, DEFAULT_IGNORE_MESSAGE_VARIANCE, DEFAULT_LIMIT_PACKET_SIZE, DEFAULT_MAX_IDENTIFICATION_SIZE, DEFAULT_MAX_PACKET_SIZE, DEFAULT_NIO_WORKERS, DEFAULT_NIO2_MIN_WRITE_TIMEOUT, DEFAULT_NIO2_READ_TIMEOUT, DEFAULT_REKEY_BYTES_LIMIT, DEFAULT_REKEY_PACKETS_LIMIT, DEFAULT_REKEY_TIME_LIMIT, DEFAULT_STOP_WAIT_TIME, DEFAULT_VERSION, DEFAULT_WINDOW_SIZE, DEFAULT_WINDOW_TIMEOUT, DISCONNECT_TIMEOUT, IDLE_TIMEOUT, IGNORE_MESSAGE_FREQUENCY, IGNORE_MESSAGE_SIZE, IGNORE_MESSAGE_VARIANCE, LIMIT_PACKET_SIZE, MAX_IDENTIFICATION_SIZE, MAX_PACKET_SIZE, NIO_WORKERS, NIO2_MIN_WRITE_TIMEOUT, NIO2_READ_BUFFER_SIZE, NIO2_READ_TIMEOUT, REKEY_BLOCKS_LIMIT, REKEY_BYTES_LIMIT, REKEY_PACKETS_LIMIT, REKEY_TIME_LIMIT, SOCKET_BACKLOG, SOCKET_KEEPALIVE, SOCKET_LINGER, SOCKET_RCVBUF, SOCKET_REUSEADDR, SOCKET_SNDBUF, STOP_WAIT_TIME, TCP_NODELAY, WINDOW_SIZE, WINDOW_TIMEOUT
NONE
EMPTY
AUTH_METHODS, AUTO_WELCOME_BANNER_VALUE, DEFAULT_BANNER_PHASE, DEFAULT_MAX_AUTH_REQUESTS, DEFAULT_USER_AUTH_GSS_FACTORY, DEFAULT_USER_AUTH_KB_INTERACTIVE_FACTORY, DEFAULT_USER_AUTH_PASSWORD_FACTORY, DEFAULT_USER_AUTH_PUBLIC_KEY_FACTORY, DEFAULT_WELCOME_BANNER_LANGUAGE, MAX_AUTH_REQUESTS, WELCOME_BANNER, WELCOME_BANNER_CHARSET, WELCOME_BANNER_LANGUAGE, WELCOME_BANNER_PHASE
CLOSE_WAIT_TIMEOUT, DEFAULT_CLOSE_WAIT_TIMEOUT
Constructor and Description |
---|
SshServer() |
Modifier and Type | Method and Description |
---|---|
protected void |
checkConfig() |
protected IoAcceptor |
createAcceptor() |
protected SessionFactory |
createSessionFactory() |
List<AbstractSession> |
getActiveSessions()
Obtain the list of active sessions.
|
Set<SocketAddress> |
getBoundAddresses() |
CommandFactory |
getCommandFactory()
Retrieve the
CommandFactory to be used to process commands requests. |
GSSAuthenticator |
getGSSAuthenticator()
Retrieve the
GSSAuthenticator to be used by the SSH server. |
String |
getHost() |
HostBasedAuthenticator |
getHostBasedAuthenticator()
Retrieve the
HostBasedAuthenticator to be used by the SSH server. |
protected Closeable |
getInnerCloseable() |
KeyboardInteractiveAuthenticator |
getKeyboardInteractiveAuthenticator()
Retrieve the
KeyboardInteractiveAuthenticator to be used by
the SSH server. |
KeyPairProvider |
getKeyPairProvider()
Retrieve the
KeyPairProvider that will be used to find
the host key to use on the server side or the user key on the client side. |
PasswordAuthenticator |
getPasswordAuthenticator()
Retrieve the
PasswordAuthenticator to be used by the SSH server. |
int |
getPort() |
PublickeyAuthenticator |
getPublickeyAuthenticator()
Retrieve the
PublickeyAuthenticator to be used by SSH server. |
ServerProxyAcceptor |
getServerProxyAcceptor() |
SessionFactory |
getSessionFactory() |
Factory<Command> |
getShellFactory()
Retrieve the
ShellFactory object to be used to create shells. |
List<NamedFactory<Command>> |
getSubsystemFactories()
Retrieve the list of named factories for
CommandFactory.Command to
be used to create subsystems. |
List<NamedFactory<UserAuth>> |
getUserAuthFactories()
Retrieve the list of named factories for
UserAuth objects. |
boolean |
isStarted() |
void |
open() |
void |
setCommandFactory(CommandFactory commandFactory) |
void |
setGSSAuthenticator(GSSAuthenticator gssAuthenticator) |
void |
setHost(String host) |
void |
setHostBasedAuthenticator(HostBasedAuthenticator hostBasedAuthenticator) |
void |
setKeyboardInteractiveAuthenticator(KeyboardInteractiveAuthenticator interactiveAuthenticator) |
void |
setKeyPairProvider(KeyPairProvider keyPairProvider) |
void |
setPasswordAuthenticator(PasswordAuthenticator passwordAuthenticator) |
void |
setPort(int port)
Configure the port number to use for this SSH server.
|
void |
setPublickeyAuthenticator(PublickeyAuthenticator publickeyAuthenticator) |
void |
setServerProxyAcceptor(ServerProxyAcceptor proxyAcceptor) |
void |
setSessionFactory(SessionFactory sessionFactory) |
void |
setShellFactory(Factory<Command> shellFactory) |
void |
setSubsystemFactories(List<NamedFactory<Command>> subsystemFactories) |
static SshServer |
setUpDefaultServer()
Setup a default server
|
void |
setUserAuthFactories(List<NamedFactory<UserAuth>> userAuthFactories) |
void |
start()
Start the SSH server and accept incoming exceptions on the configured port.
|
void |
stop()
Stop the SSH server.
|
void |
stop(boolean immediately) |
String |
toString() |
addChannelListener, addPortForwardingEventListener, addSessionListener, attributeKeys, clearAttributes, computeAttributeIfAbsent, createSessionTimeoutListener, getAgentFactory, getAttribute, getAttributesCount, getChannelFactories, getChannelListenerProxy, getChannelStreamPacketWriterResolver, getFileSystemFactory, getForwarderFactory, getForwardingFilter, getGlobalRequestHandlers, getIoServiceEventListener, getIoServiceFactory, getIoServiceFactoryFactory, getNioWorkers, getParentPropertyResolver, getPortForwardingEventListenerProxy, getProperties, getRandomFactory, getReservedSessionMessagesHandler, getScheduledExecutorService, getServiceFactories, getSessionListenerProxy, getUnknownChannelReferenceHandler, getVersion, removeAttribute, removeChannelListener, removePortForwardingEventListener, removeSessionListener, removeSessionTimeout, resolveUnknownChannelReferenceHandler, setAgentFactory, setAttribute, setChannelFactories, setChannelStreamPacketWriterResolver, setFileSystemFactory, setForwarderFactory, setForwardingFilter, setGlobalRequestHandlers, setIoServiceEventListener, setIoServiceFactoryFactory, setNioWorkers, setParentPropertyResolver, setRandomFactory, setReservedSessionMessagesHandler, setScheduledExecutorService, setScheduledExecutorService, setServiceFactories, setUnknownChannelReferenceHandler, setupSessionTimeout, stopSessionTimeoutListener
getCipherFactories, getCompressionFactories, getDelegate, getKeyExchangeFactories, getMacFactories, getSignatureFactories, resolveEffectiveFactories, resolveEffectiveProvider, setCipherFactories, setCompressionFactories, setKeyExchangeFactories, setMacFactories, setSignatureFactories
doCloseGracefully, doCloseImmediately
addCloseFutureListener, builder, close, isClosed, isClosing, preClose, removeCloseFutureListener
getSimplifiedLogger
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
getAgentFactory, getAgentForwardingFilter, getChannelFactories, getFileSystemFactory, getForwarderFactory, getForwardingFilter, getGlobalRequestHandlers, getIoServiceFactory, getRandomFactory, getScheduledExecutorService, getServiceFactories, getTcpForwardingFilter, getVersion, getX11ForwardingFilter, resolveAttribute, resolveAttribute
getCipherFactories, getCipherFactoriesNameList, getCipherFactoriesNames, getCompressionFactories, getCompressionFactoriesNameList, getCompressionFactoriesNames, getKeyExchangeFactories, getMacFactories, getMacFactoriesNameList, getMacFactoriesNames, setCipherFactories, setCipherFactoriesNameList, setCipherFactoriesNames, setCipherFactoriesNames, setCompressionFactories, setCompressionFactoriesNameList, setCompressionFactoriesNames, setCompressionFactoriesNames, setKeyExchangeFactories, setMacFactories, setMacFactoriesNameList, setMacFactoriesNames, setMacFactoriesNames
getSignatureFactories, getSignatureFactories, getSignatureFactoriesNameList, getSignatureFactoriesNames, resolveSignatureFactories, setSignatureFactories, setSignatureFactoriesNameList, setSignatureFactoriesNames, setSignatureFactoriesNames
addSessionListener, getSessionListenerProxy, removeSessionListener
getReservedSessionMessagesHandler, setReservedSessionMessagesHandler
addChannelListener, getChannelListenerProxy, removeChannelListener
getChannelStreamPacketWriterResolver, resolveChannelStreamPacketWriter, resolveChannelStreamPacketWriterResolver, setChannelStreamPacketWriterResolver
getUnknownChannelReferenceHandler, resolveUnknownChannelReferenceHandler, setUnknownChannelReferenceHandler
addPortForwardingEventListener, getPortForwardingEventListenerProxy, removePortForwardingEventListener
getIoServiceEventListener, setIoServiceEventListener
clearAttributes, computeAttributeIfAbsent, removeAttribute, setAttribute
attributeKeys, getAttribute, getAttributesCount, ofAttributesMap, ofKeyValuePair
getBoolean, getBooleanProperty, getInteger, getIntProperty, getLong, getLongProperty, getObject, getParentPropertyResolver, getProperties, getString, getStringProperty
getUserAuthFactoriesNameList, getUserAuthFactoriesNames, resolveUserAuthFactories, resolveUserAuthFactories, setUserAuthFactoriesNameList, setUserAuthFactoriesNames, setUserAuthFactoriesNames
addCloseFutureListener, close, close, close, getMaxCloseWaitTime, isClosed, isClosing, isOpen, removeCloseFutureListener
public static final List<ServiceFactory> DEFAULT_SERVICE_FACTORIES
protected IoAcceptor acceptor
protected String host
protected int port
public String getHost()
public void setHost(String host)
public int getPort()
public void setPort(int port)
port
- the port number for this SSH serverpublic Set<SocketAddress> getBoundAddresses()
public List<NamedFactory<UserAuth>> getUserAuthFactories()
ServerAuthenticationManager
UserAuth
objects.getUserAuthFactories
in interface ServerAuthenticationManager
UserAuth
factories, never null
/emptypublic void setUserAuthFactories(List<NamedFactory<UserAuth>> userAuthFactories)
setUserAuthFactories
in interface ServerAuthenticationManager
public Factory<Command> getShellFactory()
ServerFactoryManager
ShellFactory
object to be used to create shells.getShellFactory
in interface ServerFactoryManager
ShellFactory
object or null
if shells
are not supported on this serverpublic SessionFactory getSessionFactory()
public void setSessionFactory(SessionFactory sessionFactory)
public ServerProxyAcceptor getServerProxyAcceptor()
getServerProxyAcceptor
in interface ServerProxyAcceptorHolder
public void setServerProxyAcceptor(ServerProxyAcceptor proxyAcceptor)
setServerProxyAcceptor
in interface ServerProxyAcceptorHolder
public CommandFactory getCommandFactory()
ServerFactoryManager
CommandFactory
to be used to process commands requests.getCommandFactory
in interface ServerFactoryManager
CommandFactory
object or null
if commands
are not supported on this serverpublic void setCommandFactory(CommandFactory commandFactory)
public List<NamedFactory<Command>> getSubsystemFactories()
ServerFactoryManager
CommandFactory.Command
to
be used to create subsystems.getSubsystemFactories
in interface ServerFactoryManager
CommandFactory.Command
factories
or null
if subsystems are not supported on this serverpublic void setSubsystemFactories(List<NamedFactory<Command>> subsystemFactories)
public PasswordAuthenticator getPasswordAuthenticator()
ServerAuthenticationManager
PasswordAuthenticator
to be used by the SSH server.
If no authenticator has been configured (i.e. this method returns
null
), then client authentication requests based on passwords
will be rejected.getPasswordAuthenticator
in interface ServerAuthenticationManager
PasswordAuthenticator
or null
public void setPasswordAuthenticator(PasswordAuthenticator passwordAuthenticator)
setPasswordAuthenticator
in interface ServerAuthenticationManager
public PublickeyAuthenticator getPublickeyAuthenticator()
ServerAuthenticationManager
PublickeyAuthenticator
to be used by SSH server.
If no authenticator has been configured (i.e. this method returns
null
), then client authentication requests based on keys will be
rejected.getPublickeyAuthenticator
in interface ServerAuthenticationManager
PublickeyAuthenticator
or null
public void setPublickeyAuthenticator(PublickeyAuthenticator publickeyAuthenticator)
setPublickeyAuthenticator
in interface ServerAuthenticationManager
public KeyboardInteractiveAuthenticator getKeyboardInteractiveAuthenticator()
ServerAuthenticationManager
KeyboardInteractiveAuthenticator
to be used by
the SSH server. If no authenticator has been configured (i.e. this method returns
null
), then client authentication requests based on this method
will be rejected.getKeyboardInteractiveAuthenticator
in interface ServerAuthenticationManager
KeyboardInteractiveAuthenticator
or null
public void setKeyboardInteractiveAuthenticator(KeyboardInteractiveAuthenticator interactiveAuthenticator)
setKeyboardInteractiveAuthenticator
in interface ServerAuthenticationManager
public GSSAuthenticator getGSSAuthenticator()
ServerAuthenticationManager
GSSAuthenticator
to be used by the SSH server.
If no authenticator has been configured (i.e. this method returns
null
), then client authentication requests based on gssapi
will be rejected.getGSSAuthenticator
in interface ServerAuthenticationManager
GSSAuthenticator
or null
public void setGSSAuthenticator(GSSAuthenticator gssAuthenticator)
setGSSAuthenticator
in interface ServerAuthenticationManager
public HostBasedAuthenticator getHostBasedAuthenticator()
ServerAuthenticationManager
HostBasedAuthenticator
to be used by the SSH server. If
no authenticator has been configured (i.e. this method returns null
),
then client authentication requests based on this method will be rejected.getHostBasedAuthenticator
in interface ServerAuthenticationManager
HostBasedAuthenticator
or null
public void setHostBasedAuthenticator(HostBasedAuthenticator hostBasedAuthenticator)
setHostBasedAuthenticator
in interface ServerAuthenticationManager
public KeyPairProvider getKeyPairProvider()
KeyPairProviderHolder
KeyPairProvider
that will be used to find
the host key to use on the server side or the user key on the client side.getKeyPairProvider
in interface KeyPairProviderHolder
KeyPairProvider
, never null
public void setKeyPairProvider(KeyPairProvider keyPairProvider)
setKeyPairProvider
in interface KeyPairProviderHolder
protected void checkConfig()
checkConfig
in class AbstractFactoryManager
public boolean isStarted()
public void start() throws IOException
started
IOException
- If failed to startpublic void stop() throws IOException
IOException
- if stopping failed somehowpublic void stop(boolean immediately) throws IOException
IOException
public void open() throws IOException
IOException
protected Closeable getInnerCloseable()
getInnerCloseable
in class AbstractInnerCloseable
public List<AbstractSession> getActiveSessions()
List
of the currently active sessionprotected IoAcceptor createAcceptor()
protected SessionFactory createSessionFactory()
Copyright © 2008–2022 The Apache Software Foundation. All rights reserved.