com.maverick.ssh2

Class Ssh2Context

java.lang.Object

com.maverick.ssh2.Ssh2Context

All Implemented Interfaces:

ExecutorServiceProvider, SshContext

public class Ssh2Context
extends Object
implements SshContext

This class implements SshContextto provide SSH2 connection configuration through the SshConnector class.

To configure an authentication banner for SSH2 connections see BannerDisplay.

The preferred message authentication algorithm for each data stream can be set using:

 SshConnector con = SshConnector.getInstance();
 Ssh2Context context = (Ssh2Context) con.getContext(SshConnector.SSH2);
 
 context.setPreferredMacCS(Ssh2Context.HMAC_MD5); // Client->Server data stream
 context.setPreferredMacSC(Ssh2Context.HMAC_MD5); // Server->Client data stream
 

Once further cipher, public key and compression algorithms have been implemented the same process will apply.

Author:

Lee David Painter

Field Summary

Fields

Modifier and Type	Field and Description
static String	CIPHER_AES_GCM_128
static String	CIPHER_AES_GCM_256
static String	CIPHER_AES128_CBC
static String	CIPHER_AES128_CTR
static String	CIPHER_AES192_CBC
static String	CIPHER_AES192_CTR
static String	CIPHER_AES256_CBC
static String	CIPHER_AES256_CTR
static String	CIPHER_ARCFOUR
static String	CIPHER_ARCFOUR_128
static String	CIPHER_ARCFOUR_256
static String	CIPHER_BLOWFISH_CBC
static String	CIPHER_CHACHA20_POLY1305
static String	CIPHER_TRIPLEDES_CBC
static String	CIPHER_TRIPLEDES_CTR
static String	COMPRESSION_NONE Compression off
static String	COMPRESSION_ZLIB
static String	COMPRESSION_ZLIB_OPENSSH
static String	HMAC_MD5 MD5 message authentication
static String	HMAC_MD5_96 MD5 96 bit message authentication
static String	HMAC_MD5_ETM
static String	HMAC_RIPEMD160
static String	HMAC_RIPEMD160_ETM
static String	HMAC_SHA1 SHA1 message authentication
static String	HMAC_SHA1_96 SHA1 96 bit message authentication
static String	HMAC_SHA1_ETM
static String	HMAC_SHA256
static String	HMAC_SHA256_96
static String	HMAC_SHA256_ETM
static String	HMAC_SHA512
static String	HMAC_SHA512_96
static String	HMAC_SHA512_ETM
static String	KEX_CURVE_25519_SHA256
static String	KEX_CURVE_25519_SHA256_LIBSSH_ORG
static String	KEX_DIFFIE_HELLMAN_ECDH_NISTP_256
static String	KEX_DIFFIE_HELLMAN_ECDH_NISTP_384
static String	KEX_DIFFIE_HELLMAN_ECDH_NISTP_521
static String	KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1 Optional key exchange mechanism in which the server maintains a list of acceptable generators and primes
static String	KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256
static String	KEX_DIFFIE_HELLMAN_GROUP1_SHA1 The required key exchange method
static String	KEX_DIFFIE_HELLMAN_GROUP14_SHA1
static String	KEX_DIFFIE_HELLMAN_GROUP14_SHA256 Constant for the algorithm name "diffie-hellman-group14-sha256".
static String	KEX_DIFFIE_HELLMAN_GROUP15_SHA512 Constant for the algorithm name "diffie-hellman-group15-sha512".
static String	KEX_DIFFIE_HELLMAN_GROUP16_SHA512 Constant for the algorithm name "diffie-hellman-group16-sha512".
static String	KEX_DIFFIE_HELLMAN_GROUP17_SHA512 Constant for the algorithm name "diffie-hellman-group17-sha512".
static String	KEX_DIFFIE_HELLMAN_GROUP18_SHA512 Constant for the algorithm name "diffie-hellman-group18-sha512".
static String	KEX_RSA_1024_SHA1
static String	KEX_RSA_2048_SHA256
static String	PUBLIC_KEY_ECDSA_256
static String	PUBLIC_KEY_ECDSA_384
static String	PUBLIC_KEY_ECDSA_521
static String	PUBLIC_KEY_ED25519
static String	PUBLIC_KEY_RSA_SHA256
static String	PUBLIC_KEY_RSA_SHA512
static String	PUBLIC_KEY_SSHDSS SSH2 DSA Public Key
static String	PUBLIC_KEY_SSHRSA SSH2 RSA Public Key
static String	PUBLIC_KEY_X509_SIGN_DSA
static String	PUBLIC_KEY_X509_SIGN_RSA
static String	PUBLIC_KEY_X509_SIGN_RSA_SHA1

Constructor Summary

Constructors

Constructor and Description
Ssh2Context() Contructs a default context
Ssh2Context(SecurityPolicy securityPolicy)

Method Summary

Modifier and Type	Method and Description
boolean	allowHostKeyUpdates() Accept host key updates from remote server.
void	configureSecurityLevel(SecurityLevel securityLevel)
void	disableCompression()
void	disableETM()
void	disableNonStandardAlgorithms()
void	enableCompression()
void	enableETM()
void	enableFIPSMode() Deprecated. This method is out-of-date. Use JCEProvider.initializeDefaultProvider("BCFIPS") passing a FIPS approved JCE provider in approved mode to restrict algorithms to only those supported by the approved FIPS environment.
void	enableNonStandardAlgorithms()
BannerDisplay	getBannerDisplay() Get the contexts banner display
int	getChannelLimit() Get the maximum number of channels that are allowed open at any one time.
String	getCiphersCS() Get the ciphers for the Client->Server stream.
String	getCiphersSC() Get the ciphers for the Server->Client stream.
int	getDHGroupExchangeKeySize()
ExecutorService	getExecutorService()
MaverickCallbackHandler	getGssCallback()
HostKeyVerification	getHostKeyVerification() Get the host key verification implementation
int	getIdleAuthenticationTimeoutSeconds()
int	getIdleConnectionTimeoutSeconds()
int	getKeepAliveMaxDataLength()
String	getKeyExchanges() Get the ciphers for the Server->Client stream.
String	getMacsCS() Get the ciphers for the Client->Server stream.
String	getMacsSC() Get the ciphers for the Server->Client stream.
int	getMaxDHGroupSize()
int	getMaximumPacketLength() Get the maximim packet size supported by the transport layer.
int	getMaxNumBytesBeforeReKey()
int	getMaxNumPacketsBeforeReKey()
int	getMessageTimeout()
int	getMinDHGroupSize()
int	getPartialMessageTimeout() Deprecated. No longer used. Use getSocketTimeout instead.
String	getPreferredCipherCS() Get the currently preferred cipher for the Client->Server stream.
String	getPreferredCipherSC() Get the currently preferred cipher for the Server->Client stream.
String	getPreferredCompressionCS() Get the currently preferred compression for the Client->Server stream.
String	getPreferredCompressionSC() Get the currently preferred compression for the Server->Client stream.
String	getPreferredKeyExchange() Get the currently preferred key exchange method.
String	getPreferredMacCS() Get the currently preferred mac for the Client->Server stream.
String	getPreferredMacSC() Get the currently supported mac for the Server-Client stream.
String	getPreferredPublicKey() Get the currently preferred public key algorithm.
String	getPublicKeys() Get the ciphers for the Server->Client stream.
SecurityPolicy	getSecurityPolicy()
int	getSessionMaxPacketSize()
int	getSessionMaxWindowSpace()
int	getSftpMaxPacketSize()
int	getSftpMaxWindowSpace()
String	getSFTPProvider() Get the path to the SFTP provider.
int	getSocketTimeout()
boolean	getTemporaryValue(String name, boolean defaultValue)
String	getTemporaryValue(String name, String defaultValue)
byte[]	getX11AuthenticationCookie() Get a fake random cookie for X11 authentication
String	getX11Display() Get the currently configured XDisplay setting which will be null if no display is currently set.
byte[]	getX11RealCookie() Get the real X11 authentication cookie, if not cookie has been set the fake cookie will be returned.
ForwardingRequestListener	getX11RequestListener() Get the X11 forwarding request listener.
boolean	isDHGroupExchangeBackwardsCompatible()
boolean	isEnableETM()
boolean	isKeyReExchangeDisabled()
boolean	isLimitPublicKeysToKnownHosts()
boolean	isNonStandardAlgorithmsEnabled()
boolean	isPreferKeyboardInteractiveOverPassword()
boolean	isSendIgnorePacketOnIdle()
boolean	isSHA1SignaturesSupported() Option to disable SHA1 signatures on RSA keys.
boolean	isTreatIdleConnectionAsError()
boolean	isTriedBackwardsCompatibility() Deprecated.
boolean	isTriedMinimalKeyExchangePacket() Deprecated.
void	setAllowHostKeyUpdates(boolean value) Tell the client to accept host key updates from the server
void	setBannerDisplay(BannerDisplay bannerdisplay) Set a banner display for callback of authentication banners
void	setChannelLimit(int maxChannels) Set the maximum number of channels that are allowed open at any one time.
void	setCipherPreferredPositionCS(String name, int position)
void	setCipherPreferredPositionSC(String name, int position)
void	setDHGroupExchangeBackwardsCompatible(boolean dhGroupExchangeBackwardCompatible)
void	setDHGroupExchangeKeySize(int dhGroupExchangeKeySize)
void	setExecutorService(ExecutorService executor)
void	setGssCallback(MaverickCallbackHandler gsscall)
void	setHostKeyVerification(HostKeyVerification verify) Set the host key verification implementation
void	setIdleAuthenticationTimeoutSeconds(int idleAuthenticationTimeoutSeconds)
void	setIdleConnectionTimeoutSeconds(int idleConnectionTimeoutSeconds)
void	setKeepAliveMaxDataLength(int keepAliveMaxDataLength)
void	setKeyExchangePreferredPosition(String name, int position)
void	setKeyReExchangeDisabled(boolean keyReExchangeDisabled)
void	setLimitPublicKeysToKnownHosts(boolean limitPublicKeysToKnownHosts)
void	setMacPreferredPositionCS(String name, int position)
void	setMacPreferredPositionSC(String name, int position)
void	setMaxDHGroupSize(int maxDHGroupSize)
void	setMaximumPacketLength(int maxPacketLength) Set the maximum packet size supported by the transport layer.
void	setMaxNumBytesBeforeReKey(int maxNumBytesBeforeReKey)
void	setMaxNumPacketsBeforeReKey(int maxNumPacketsBeforeReKey)
void	setMessageTimeout(int messageTimeout)
void	setMinDHGroupSize(int minDHGroupSize)
void	setPartialMessageTimeout(int partialMessageTimeout) Deprecated. No longer used. Use setSocketTimeout.
void	setPreferKeyboardInteractiveOverPassword(boolean preferKeyboardInteractiveOverPassword)
void	setPreferredCipherCS(int[] order) Set the preferred SC cipher order
void	setPreferredCipherCS(String name) Set the preferred cipher for the Client->Server stream.
void	setPreferredCipherSC(int[] order) Set the preferred SC cipher order
void	setPreferredCipherSC(String name) Set the preferred cipher for the Server->Client stream.
void	setPreferredCompressionCS(String name) Set the preferred compression for the Client->Server stream.
void	setPreferredCompressionSC(String name) Set the preferred compression for the Server->Client stream.
void	setPreferredKeyExchange(String name) Set the preferred key exchange method.
void	setPreferredMacCS(int[] order) Set the preferred CS Mac order
void	setPreferredMacCS(String name) Set the preferred mac for the Client->Server stream.
void	setPreferredMacSC(int[] order) Set the preferred SC Mac order
void	setPreferredMacSC(String name) Set the preferred mac for the Server->Client stream.
void	setPreferredPublicKey(String name) Set the preferred public key algorithm.
void	setPublicKeyPreferredPosition(String name, int position)
void	setSendIgnorePacketOnIdle(boolean sendIgnorePacketOnIdle)
void	setSessionMaxPacketSize(int sessionMaxPacketSize)
void	setSessionMaxWindowSpace(int sessionMaxWindowSpace)
void	setSftpMaxPacketSize(int sftpMaxPacketSize)
void	setSftpMaxWindowSpace(int sftpMaxWindowSpace)
void	setSFTPProvider(String sftpProvider) Set the path to the SFTP provider.
void	setSHA1SignaturesSupported(boolean supportSHA1Signatures) Option to disable SHA1 signatures on RSA keys.
void	setSocketTimeout(int socketTimeout)
void	setTemporaryValue(String name, boolean value)
void	setTemporaryValue(String name, String value)
void	setTreatIdleConnectionAsError(boolean treatIdleConnectionAsError)
void	setTriedBackwardsCompatibility(boolean triedBackwardsCompatibility) Deprecated.
void	setTriedMinimalKeyExchangePacket(boolean triedMinimalKeyExchangePacket) Deprecated.
void	setX11AuthenticationCookie(byte[] x11FakeCookie) Set the fake cookie used for X11 authentication
void	setX11Display(String xDisplay) Set the DISPLAY variable for the SSH connection.
void	setX11RealCookie(byte[] x11RealCookie) Sets the real X11 authentication cookie which can be obtained from the users $HOME/.Xauthority file.
void	setX11RequestListener(ForwardingRequestListener x11Listener) Set the listener to which X11 forwarding requests will be processed.
ComponentFactory<SshCipher>	supportedCiphersCS()
ComponentFactory<SshCipher>	supportedCiphersSC() Returns this context's supported cipher algorithms.
ComponentFactory<SshCompression>	supportedCompressionsCS() Get this context's supported CS compression algorithms.
ComponentFactory<SshCompression>	supportedCompressionsSC() Get this context's supported SC compression algorithms.
ComponentFactory<SshKeyExchange>	supportedKeyExchanges() Get this context's supported key exchange methods.
ComponentFactory<SshHmac>	supportedMacsCS() Get this context's supported message authentication algorithms CS.
ComponentFactory<SshHmac>	supportedMacsSC() Get this context's supported message authentication algorithms SC.
ComponentFactory<SshPublicKey>	supportedPublicKeys() Get this context's supported public keys.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CIPHER_TRIPLEDES_CBC

public static final String CIPHER_TRIPLEDES_CBC

See Also:

Constant Field Values

CIPHER_TRIPLEDES_CTR

public static final String CIPHER_TRIPLEDES_CTR

See Also:

Constant Field Values

CIPHER_BLOWFISH_CBC

public static final String CIPHER_BLOWFISH_CBC

See Also:

Constant Field Values

CIPHER_AES128_CBC

public static final String CIPHER_AES128_CBC

See Also:

Constant Field Values

CIPHER_AES192_CBC

public static final String CIPHER_AES192_CBC

See Also:

Constant Field Values

CIPHER_AES256_CBC

public static final String CIPHER_AES256_CBC

See Also:

Constant Field Values

CIPHER_AES128_CTR

public static final String CIPHER_AES128_CTR

See Also:

Constant Field Values

CIPHER_AES192_CTR

public static final String CIPHER_AES192_CTR

See Also:

Constant Field Values

CIPHER_AES256_CTR

public static final String CIPHER_AES256_CTR

See Also:

Constant Field Values

CIPHER_ARCFOUR

public static final String CIPHER_ARCFOUR

See Also:

Constant Field Values

CIPHER_ARCFOUR_128

public static final String CIPHER_ARCFOUR_128

See Also:

Constant Field Values

CIPHER_ARCFOUR_256

public static final String CIPHER_ARCFOUR_256

See Also:

Constant Field Values

CIPHER_AES_GCM_128

public static final String CIPHER_AES_GCM_128

See Also:

Constant Field Values

CIPHER_AES_GCM_256

public static final String CIPHER_AES_GCM_256

See Also:

Constant Field Values

CIPHER_CHACHA20_POLY1305

public static final String CIPHER_CHACHA20_POLY1305

See Also:

Constant Field Values

HMAC_SHA1

public static final String HMAC_SHA1

SHA1 message authentication

See Also:

Constant Field Values

HMAC_SHA1_ETM

public static final String HMAC_SHA1_ETM

See Also:

Constant Field Values

HMAC_SHA1_96

public static final String HMAC_SHA1_96

SHA1 96 bit message authentication

See Also:

Constant Field Values

HMAC_MD5

public static final String HMAC_MD5

MD5 message authentication

See Also:

Constant Field Values

HMAC_MD5_ETM

public static final String HMAC_MD5_ETM

See Also:

Constant Field Values

HMAC_MD5_96

public static final String HMAC_MD5_96

MD5 96 bit message authentication

See Also:

Constant Field Values

HMAC_SHA256

public static final String HMAC_SHA256

See Also:

Constant Field Values

HMAC_SHA256_ETM

public static final String HMAC_SHA256_ETM

See Also:

Constant Field Values

HMAC_SHA256_96

public static final String HMAC_SHA256_96

See Also:

Constant Field Values

HMAC_SHA512

public static final String HMAC_SHA512

See Also:

Constant Field Values

HMAC_SHA512_ETM

public static final String HMAC_SHA512_ETM

See Also:

Constant Field Values

HMAC_SHA512_96

public static final String HMAC_SHA512_96

See Also:

Constant Field Values

HMAC_RIPEMD160

public static final String HMAC_RIPEMD160

See Also:

Constant Field Values

HMAC_RIPEMD160_ETM

public static final String HMAC_RIPEMD160_ETM

See Also:

Constant Field Values

COMPRESSION_NONE

public static final String COMPRESSION_NONE

Compression off

See Also:

Constant Field Values

COMPRESSION_ZLIB

public static final String COMPRESSION_ZLIB

See Also:

Constant Field Values

COMPRESSION_ZLIB_OPENSSH

public static final String COMPRESSION_ZLIB_OPENSSH

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP1_SHA1

public static final String KEX_DIFFIE_HELLMAN_GROUP1_SHA1

The required key exchange method

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP14_SHA1

public static final String KEX_DIFFIE_HELLMAN_GROUP14_SHA1

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1

public static final String KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1

Optional key exchange mechanism in which the server maintains a list of acceptable generators and primes

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256

public static final String KEX_DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_ECDH_NISTP_256

public static final String KEX_DIFFIE_HELLMAN_ECDH_NISTP_256

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_ECDH_NISTP_384

public static final String KEX_DIFFIE_HELLMAN_ECDH_NISTP_384

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_ECDH_NISTP_521

public static final String KEX_DIFFIE_HELLMAN_ECDH_NISTP_521

See Also:

Constant Field Values

KEX_CURVE_25519_SHA256_LIBSSH_ORG

public static final String KEX_CURVE_25519_SHA256_LIBSSH_ORG

See Also:

Constant Field Values

KEX_CURVE_25519_SHA256

public static final String KEX_CURVE_25519_SHA256

See Also:

Constant Field Values

KEX_RSA_2048_SHA256

public static final String KEX_RSA_2048_SHA256

See Also:

Constant Field Values

KEX_RSA_1024_SHA1

public static final String KEX_RSA_1024_SHA1

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP14_SHA256

public static final String KEX_DIFFIE_HELLMAN_GROUP14_SHA256

Constant for the algorithm name "diffie-hellman-group14-sha256".

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP15_SHA512

public static final String KEX_DIFFIE_HELLMAN_GROUP15_SHA512

Constant for the algorithm name "diffie-hellman-group15-sha512".

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP16_SHA512

public static final String KEX_DIFFIE_HELLMAN_GROUP16_SHA512

Constant for the algorithm name "diffie-hellman-group16-sha512".

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP17_SHA512

public static final String KEX_DIFFIE_HELLMAN_GROUP17_SHA512

Constant for the algorithm name "diffie-hellman-group17-sha512".

See Also:

Constant Field Values

KEX_DIFFIE_HELLMAN_GROUP18_SHA512

public static final String KEX_DIFFIE_HELLMAN_GROUP18_SHA512

Constant for the algorithm name "diffie-hellman-group18-sha512".

See Also:

Constant Field Values

PUBLIC_KEY_SSHDSS

public static final String PUBLIC_KEY_SSHDSS

SSH2 DSA Public Key

See Also:

Constant Field Values

PUBLIC_KEY_SSHRSA

public static final String PUBLIC_KEY_SSHRSA

SSH2 RSA Public Key

See Also:

Constant Field Values

PUBLIC_KEY_X509_SIGN_RSA

public static final String PUBLIC_KEY_X509_SIGN_RSA

See Also:

Constant Field Values

PUBLIC_KEY_X509_SIGN_RSA_SHA1

public static final String PUBLIC_KEY_X509_SIGN_RSA_SHA1

See Also:

Constant Field Values

PUBLIC_KEY_X509_SIGN_DSA

public static final String PUBLIC_KEY_X509_SIGN_DSA

See Also:

Constant Field Values

PUBLIC_KEY_ECDSA_256

public static final String PUBLIC_KEY_ECDSA_256

See Also:

Constant Field Values

PUBLIC_KEY_ECDSA_384

public static final String PUBLIC_KEY_ECDSA_384

See Also:

Constant Field Values

PUBLIC_KEY_ECDSA_521

public static final String PUBLIC_KEY_ECDSA_521

See Also:

Constant Field Values

PUBLIC_KEY_ED25519

public static final String PUBLIC_KEY_ED25519

See Also:

Constant Field Values

PUBLIC_KEY_RSA_SHA256

public static final String PUBLIC_KEY_RSA_SHA256

See Also:

Constant Field Values

PUBLIC_KEY_RSA_SHA512

public static final String PUBLIC_KEY_RSA_SHA512

See Also:

Constant Field Values

Constructor Detail

Ssh2Context

public Ssh2Context()
            throws SshException

Contructs a default context

Throws:

SshException

Ssh2Context

public Ssh2Context(SecurityPolicy securityPolicy)
            throws SshException

Throws:

SshException

Method Detail

getTemporaryValue

public String getTemporaryValue(String name,
                                String defaultValue)

getTemporaryValue

public boolean getTemporaryValue(String name,
                                 boolean defaultValue)

setTemporaryValue

public void setTemporaryValue(String name,
                              String value)

setTemporaryValue

public void setTemporaryValue(String name,
                              boolean value)

getMaximumPacketLength

public int getMaximumPacketLength()

Get the maximim packet size supported by the transport layer.

Returns:

int

setGssCallback

public void setGssCallback(MaverickCallbackHandler gsscall)

getGssCallback

public MaverickCallbackHandler getGssCallback()

setMaximumPacketLength

public void setMaximumPacketLength(int maxPacketLength)

Set the maximum packet size supported by the transport layer. This would not normally require changing but some servers may support larger packets. The default and minimum size is 35,000 bytes.

Parameters:

maxPacketLength - int

setChannelLimit

public void setChannelLimit(int maxChannels)

Description copied from interface: SshContext

Set the maximum number of channels that are allowed open at any one time.

Specified by:

setChannelLimit in interface SshContext

getChannelLimit

public int getChannelLimit()

Description copied from interface: SshContext

Get the maximum number of channels that are allowed open at any one time.

Specified by:

getChannelLimit in interface SshContext

Returns:

the maximum number of channels

setX11Display

public void setX11Display(String xDisplay)

Description copied from interface: SshContext

Set the DISPLAY variable for the SSH connection. If this is set the SSH sessions will have their DISPLAY variable set and X sessions will be forwarded over the SSH connection to the display specified.

Specified by:

setX11Display in interface SshContext

Parameters:

xDisplay - the display in the form localhost:1

getX11Display

public String getX11Display()

Description copied from interface: SshContext

Get the currently configured XDisplay setting which will be null if no display is currently set.

Specified by:

getX11Display in interface SshContext

Returns:

String

getX11AuthenticationCookie

public byte[] getX11AuthenticationCookie()
                                  throws SshException

Description copied from interface: SshContext

Get a fake random cookie for X11 authentication

Specified by:

getX11AuthenticationCookie in interface SshContext

Returns:

byte[]

Throws:

SshException

setX11AuthenticationCookie

public void setX11AuthenticationCookie(byte[] x11FakeCookie)

Description copied from interface: SshContext

Set the fake cookie used for X11 authentication

Specified by:

setX11AuthenticationCookie in interface SshContext

setX11RealCookie

public void setX11RealCookie(byte[] x11RealCookie)

Description copied from interface: SshContext

Sets the real X11 authentication cookie which can be obtained from the users $HOME/.Xauthority file.

Specified by:

setX11RealCookie in interface SshContext

getX11RealCookie

public byte[] getX11RealCookie()
                        throws SshException

Description copied from interface: SshContext

Get the real X11 authentication cookie, if not cookie has been set the fake cookie will be returned.

Specified by:

getX11RealCookie in interface SshContext

Returns:

byte[]

Throws:

SshException

disableETM

public void disableETM()

enableETM

public void enableETM()

isEnableETM

public boolean isEnableETM()

disableNonStandardAlgorithms

public void disableNonStandardAlgorithms()

enableNonStandardAlgorithms

public void enableNonStandardAlgorithms()

isNonStandardAlgorithmsEnabled

public boolean isNonStandardAlgorithmsEnabled()

setX11RequestListener

public void setX11RequestListener(ForwardingRequestListener x11Listener)

Description copied from interface: SshContext

Set the listener to which X11 forwarding requests will be processed.

Specified by:

setX11RequestListener in interface SshContext

getX11RequestListener

public ForwardingRequestListener getX11RequestListener()

Description copied from interface: SshContext

Get the X11 forwarding request listener.

Specified by:

getX11RequestListener in interface SshContext

Returns:

ForwardingRequestListener

getBannerDisplay

public BannerDisplay getBannerDisplay()

Get the contexts banner display

Returns:

the banner display, may be null

setBannerDisplay

public void setBannerDisplay(BannerDisplay bannerdisplay)

Set a banner display for callback of authentication banners

Parameters:

bannerdisplay - the banner display, may be null

supportedCiphersSC

public ComponentFactory<SshCipher> supportedCiphersSC()

Returns this context's supported cipher algorithms.

Returns:

the component factory

supportedCiphersCS

public ComponentFactory<SshCipher> supportedCiphersCS()

getPreferredCipherCS

public String getPreferredCipherCS()

Get the currently preferred cipher for the Client->Server stream.

Returns:

the preferred Client-Server cipher

setPreferredCipherCS

public void setPreferredCipherCS(String name)
                          throws SshException

Set the preferred cipher for the Client->Server stream.

Parameters:

name -

Throws:

SshException

getPreferredCipherSC

public String getPreferredCipherSC()

Get the currently preferred cipher for the Server->Client stream.

Returns:

the preferred Server-Client cipher

getCiphersCS

public String getCiphersCS()

Get the ciphers for the Client->Server stream.

Returns:

the Client-Server ciphers in order of preference

getCiphersSC

public String getCiphersSC()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getMacsCS

public String getMacsCS()

Get the ciphers for the Client->Server stream.

Returns:

the Client-Server ciphers in order of preference

getMacsSC

public String getMacsSC()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getPublicKeys

public String getPublicKeys()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

getKeyExchanges

public String getKeyExchanges()

Get the ciphers for the Server->Client stream.

Returns:

the Server-Client ciphers in order of preference

setPreferredCipherSC

public void setPreferredCipherSC(int[] order)
                          throws SshException

Set the preferred SC cipher order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setPreferredCipherCS

public void setPreferredCipherCS(int[] order)
                          throws SshException

Set the preferred SC cipher order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setCipherPreferredPositionCS

public void setCipherPreferredPositionCS(String name,
                                         int position)
                                  throws SshException

Throws:

SshException

setCipherPreferredPositionSC

public void setCipherPreferredPositionSC(String name,
                                         int position)
                                  throws SshException

Throws:

SshException

setMacPreferredPositionSC

public void setMacPreferredPositionSC(String name,
                                      int position)
                               throws SshException

Throws:

SshException

setMacPreferredPositionCS

public void setMacPreferredPositionCS(String name,
                                      int position)
                               throws SshException

Throws:

SshException

setPreferredMacSC

public void setPreferredMacSC(int[] order)
                       throws SshException

Set the preferred SC Mac order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setPreferredMacCS

public void setPreferredMacCS(int[] order)
                       throws SshException

Set the preferred CS Mac order

Parameters:

order - , list of indices to be moved to the top.

Throws:

SshException

setPreferredCipherSC

public void setPreferredCipherSC(String name)
                          throws SshException

Set the preferred cipher for the Server->Client stream.

Parameters:

name -

Throws:

SshException

supportedMacsSC

public ComponentFactory<SshHmac> supportedMacsSC()

Get this context's supported message authentication algorithms SC.

Returns:

the component factory

supportedMacsCS

public ComponentFactory<SshHmac> supportedMacsCS()

Get this context's supported message authentication algorithms CS.

Returns:

the component factory

getPreferredMacCS

public String getPreferredMacCS()

Get the currently preferred mac for the Client->Server stream.

Returns:

the preferred Client-Server mac

setPreferredMacCS

public void setPreferredMacCS(String name)
                       throws SshException

Set the preferred mac for the Client->Server stream.

Parameters:

name -

Throws:

SshException

getPreferredMacSC

public String getPreferredMacSC()

Get the currently supported mac for the Server-Client stream.

Returns:

the preferred Server-Client mac

setPreferredMacSC

public void setPreferredMacSC(String name)
                       throws SshException

Set the preferred mac for the Server->Client stream.

Parameters:

name -

Throws:

SshException

supportedCompressionsSC

public ComponentFactory<SshCompression> supportedCompressionsSC()

Get this context's supported SC compression algorithms.

Returns:

the component factory

supportedCompressionsCS

public ComponentFactory<SshCompression> supportedCompressionsCS()

Get this context's supported CS compression algorithms.

Returns:

the component factory

getPreferredCompressionCS

public String getPreferredCompressionCS()

Get the currently preferred compression for the Client->Server stream.

Returns:

the preferred Client-Server compression

setPreferredCompressionCS

public void setPreferredCompressionCS(String name)
                               throws SshException

Set the preferred compression for the Client->Server stream.

Parameters:

name -

Throws:

SshException

getPreferredCompressionSC

public String getPreferredCompressionSC()

Get the currently preferred compression for the Server->Client stream.

Returns:

the preferred Server->Client compression

setPreferredCompressionSC

public void setPreferredCompressionSC(String name)
                               throws SshException

Set the preferred compression for the Server->Client stream.

Parameters:

name -

Throws:

SshException

enableCompression

public void enableCompression()
                       throws SshException

Throws:

SshException

disableCompression

public void disableCompression()
                        throws SshException

Throws:

SshException

supportedKeyExchanges

public ComponentFactory<SshKeyExchange> supportedKeyExchanges()

Get this context's supported key exchange methods.

Returns:

the component factory

getPreferredKeyExchange

public String getPreferredKeyExchange()

Get the currently preferred key exchange method.

Returns:

the preferred key exhcange

setPreferredKeyExchange

public void setPreferredKeyExchange(String name)
                             throws SshException

Set the preferred key exchange method.

Parameters:

name -

Throws:

SshException

supportedPublicKeys

public ComponentFactory<SshPublicKey> supportedPublicKeys()

Get this context's supported public keys.

Returns:

the component factory

getPreferredPublicKey

public String getPreferredPublicKey()

Get the currently preferred public key algorithm.

Returns:

the preferred public key

setPreferredPublicKey

public void setPreferredPublicKey(String name)
                           throws SshException

Set the preferred public key algorithm.

Parameters:

name -

Throws:

SshException

setHostKeyVerification

public void setHostKeyVerification(HostKeyVerification verify)

Set the host key verification implementation

Specified by:

setHostKeyVerification in interface SshContext

Parameters:

verify -

getHostKeyVerification

public HostKeyVerification getHostKeyVerification()

Get the host key verification implementation

Specified by:

getHostKeyVerification in interface SshContext

Returns:

HostKeyVerification

setSFTPProvider

public void setSFTPProvider(String sftpProvider)

Description copied from interface: SshContext

Set the path to the SFTP provider. For SSH1 connections an attempt to execute this provider will be made as SSH1 does not support subsystems. For SSH2 connections an attempt will be made to execute this provider if the subsystem cannot be started.

Specified by:

setSFTPProvider in interface SshContext

getSFTPProvider

public String getSFTPProvider()

Description copied from interface: SshContext

Get the path to the SFTP provider. For SSH1 connections an attempt to execute this provider will be made as SSH1 does not support subsystems. For SSH2 connections an attempt will be made to execute this provider if the subsystem cannot be started. The default is '/usr/libexec/sftp-server'

Specified by:

getSFTPProvider in interface SshContext

Returns:

String

setPartialMessageTimeout

public void setPartialMessageTimeout(int partialMessageTimeout)

Deprecated. No longer used. Use setSocketTimeout.

Parameters:

partialMessageTimeout -

getPartialMessageTimeout

public int getPartialMessageTimeout()

Deprecated. No longer used. Use getSocketTimeout instead.

Returns:

isKeyReExchangeDisabled

public boolean isKeyReExchangeDisabled()

setKeyReExchangeDisabled

public void setKeyReExchangeDisabled(boolean keyReExchangeDisabled)

setPublicKeyPreferredPosition

public void setPublicKeyPreferredPosition(String name,
                                          int position)
                                   throws SshException

Throws:

SshException

setKeyExchangePreferredPosition

public void setKeyExchangePreferredPosition(String name,
                                            int position)
                                     throws SshException

Throws:

SshException

getIdleConnectionTimeoutSeconds

public int getIdleConnectionTimeoutSeconds()

setIdleConnectionTimeoutSeconds

public void setIdleConnectionTimeoutSeconds(int idleConnectionTimeoutSeconds)

setTreatIdleConnectionAsError

public void setTreatIdleConnectionAsError(boolean treatIdleConnectionAsError)

isTreatIdleConnectionAsError

public boolean isTreatIdleConnectionAsError()

isDHGroupExchangeBackwardsCompatible

public boolean isDHGroupExchangeBackwardsCompatible()

getDHGroupExchangeKeySize

public int getDHGroupExchangeKeySize()

setDHGroupExchangeKeySize

public void setDHGroupExchangeKeySize(int dhGroupExchangeKeySize)

setDHGroupExchangeBackwardsCompatible

public void setDHGroupExchangeBackwardsCompatible(boolean dhGroupExchangeBackwardCompatible)

isSendIgnorePacketOnIdle

public boolean isSendIgnorePacketOnIdle()

setSendIgnorePacketOnIdle

public void setSendIgnorePacketOnIdle(boolean sendIgnorePacketOnIdle)

getKeepAliveMaxDataLength

public int getKeepAliveMaxDataLength()

setKeepAliveMaxDataLength

public void setKeepAliveMaxDataLength(int keepAliveMaxDataLength)

getSocketTimeout

public int getSocketTimeout()

setSocketTimeout

public void setSocketTimeout(int socketTimeout)

setMessageTimeout

public void setMessageTimeout(int messageTimeout)

Specified by:

setMessageTimeout in interface SshContext

getMessageTimeout

public int getMessageTimeout()

Specified by:

getMessageTimeout in interface SshContext

Returns:

enableFIPSMode

@Deprecated
public void enableFIPSMode()
                                throws SshException

Deprecated. This method is out-of-date. Use JCEProvider.initializeDefaultProvider("BCFIPS") passing a FIPS approved JCE provider in approved mode to restrict algorithms to only those supported by the approved FIPS environment.

Description copied from interface: SshContext

Enables FIPS compatible algorithms and disables any other non-compatible algorithms.

Specified by:

enableFIPSMode in interface SshContext

Throws:

SshException

getSftpMaxWindowSpace

public int getSftpMaxWindowSpace()

getSftpMaxPacketSize

public int getSftpMaxPacketSize()

setSftpMaxWindowSpace

public void setSftpMaxWindowSpace(int sftpMaxWindowSpace)

setSftpMaxPacketSize

public void setSftpMaxPacketSize(int sftpMaxPacketSize)

getSessionMaxWindowSpace

public int getSessionMaxWindowSpace()

getSessionMaxPacketSize

public int getSessionMaxPacketSize()

setSessionMaxWindowSpace

public void setSessionMaxWindowSpace(int sessionMaxWindowSpace)

setSessionMaxPacketSize

public void setSessionMaxPacketSize(int sessionMaxPacketSize)

getMaxNumPacketsBeforeReKey

public int getMaxNumPacketsBeforeReKey()

getMaxNumBytesBeforeReKey

public int getMaxNumBytesBeforeReKey()

setMaxNumBytesBeforeReKey

public void setMaxNumBytesBeforeReKey(int maxNumBytesBeforeReKey)

setMaxNumPacketsBeforeReKey

public void setMaxNumPacketsBeforeReKey(int maxNumPacketsBeforeReKey)

getExecutorService

public ExecutorService getExecutorService()

Specified by:

getExecutorService in interface ExecutorServiceProvider

setExecutorService

public void setExecutorService(ExecutorService executor)

Specified by:

setExecutorService in interface ExecutorServiceProvider

setPreferKeyboardInteractiveOverPassword

public void setPreferKeyboardInteractiveOverPassword(boolean preferKeyboardInteractiveOverPassword)

isPreferKeyboardInteractiveOverPassword

public boolean isPreferKeyboardInteractiveOverPassword()

setMinDHGroupSize

public void setMinDHGroupSize(int minDHGroupSize)

getMinDHGroupSize

public int getMinDHGroupSize()

setMaxDHGroupSize

public void setMaxDHGroupSize(int maxDHGroupSize)

getMaxDHGroupSize

public int getMaxDHGroupSize()

allowHostKeyUpdates

public boolean allowHostKeyUpdates()

Accept host key updates from remote server. Requires a HostKeyVerification that implements HostKeyUpdate interface.

Returns:

setAllowHostKeyUpdates

public void setAllowHostKeyUpdates(boolean value)

Tell the client to accept host key updates from the server

getSecurityPolicy

public SecurityPolicy getSecurityPolicy()

isLimitPublicKeysToKnownHosts

public boolean isLimitPublicKeysToKnownHosts()

setLimitPublicKeysToKnownHosts

public void setLimitPublicKeysToKnownHosts(boolean limitPublicKeysToKnownHosts)

isTriedBackwardsCompatibility

@Deprecated
public boolean isTriedBackwardsCompatibility()

Deprecated.

setTriedBackwardsCompatibility

@Deprecated
public void setTriedBackwardsCompatibility(boolean triedBackwardsCompatibility)

Deprecated.

isTriedMinimalKeyExchangePacket

@Deprecated
public boolean isTriedMinimalKeyExchangePacket()

Deprecated.

setTriedMinimalKeyExchangePacket

@Deprecated
public void setTriedMinimalKeyExchangePacket(boolean triedMinimalKeyExchangePacket)

Deprecated.

isSHA1SignaturesSupported

public boolean isSHA1SignaturesSupported()

Description copied from interface: SshContext

Option to disable SHA1 signatures on RSA keys.

Specified by:

isSHA1SignaturesSupported in interface SshContext

Returns:

setSHA1SignaturesSupported

public void setSHA1SignaturesSupported(boolean supportSHA1Signatures)

Description copied from interface: SshContext

Option to disable SHA1 signatures on RSA keys.

Specified by:

setSHA1SignaturesSupported in interface SshContext

getIdleAuthenticationTimeoutSeconds

public int getIdleAuthenticationTimeoutSeconds()

setIdleAuthenticationTimeoutSeconds

public void setIdleAuthenticationTimeoutSeconds(int idleAuthenticationTimeoutSeconds)

configureSecurityLevel

public void configureSecurityLevel(SecurityLevel securityLevel)
                            throws SshException

Throws:

SshException