org.apache.sshd.server.auth.pubkey.RejectAllPublickeyAuthenticator Java Examples
The following examples show how to use
org.apache.sshd.server.auth.pubkey.RejectAllPublickeyAuthenticator.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SshShellConfiguration.java From ssh-shell-spring-boot with Apache License 2.0 | 6 votes |
|
/**
* Construct ssh server thanks to ssh shell properties
*
* @return ssh server
*/
@Bean
public SshServer sshServer() {
SshServer server = SshServer.setUpDefaultServer();
server.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(properties.getHostKeyFile().toPath()));
server.setHost(properties.getHost());
server.setPasswordAuthenticator(passwordAuthenticator);
server.setPublickeyAuthenticator(RejectAllPublickeyAuthenticator.INSTANCE);
if (properties.getAuthorizedPublicKeysFile() != null) {
if (properties.getAuthorizedPublicKeysFile().exists() && properties.getAuthorizedPublicKeysFile().canRead()) {
server.setPublickeyAuthenticator(new SshShellPublicKeyAuthenticationProvider(properties.getAuthorizedPublicKeysFile()));
} else {
LOGGER.warn("Could not read authorized public keys file [{}], public key authentication is disabled.",
properties.getAuthorizedPublicKeysFile().getAbsolutePath());
}
}
server.setPort(properties.getPort());
server.setShellFactory(channelSession -> shellCommandFactory);
server.setCommandFactory((channelSession, s) -> shellCommandFactory);
return server;
}
Example #2
| Source File: AuthenticationTest.java From termd with Apache License 2.0 | 5 votes |
|
@Test
public void testAuthKeyPassword() throws Exception {
try (SshClient client = setupTestClient()) {
sshd.setPublickeyAuthenticator(RejectAllPublickeyAuthenticator.INSTANCE);
sshd.setKeyboardInteractiveAuthenticator(KeyboardInteractiveAuthenticator.NONE);
client.start();
try (ClientSession s = client.connect(null, TEST_LOCALHOST, port).verify(7L, TimeUnit.SECONDS).getSession()) {
Collection<ClientSession.ClientSessionEvent> result =
s.waitFor(EnumSet.of(ClientSession.ClientSessionEvent.CLOSED, ClientSession.ClientSessionEvent.WAIT_AUTH),
TimeUnit.SECONDS.toMillis(11L));
assertFalse("Timeout while waiting for session", result.contains(ClientSession.ClientSessionEvent.TIMEOUT));
KeyPair pair = createTestHostKeyProvider().loadKey(KeyPairProvider.SSH_RSA);
try {
assertAuthenticationResult(UserAuthMethodFactory.PUBLIC_KEY, authPublicKey(s, getCurrentTestName(), pair), false);
} finally {
s.removePublicKeyIdentity(pair);
}
String password = getCurrentTestName();
try {
assertAuthenticationResult(UserAuthMethodFactory.PASSWORD, authPassword(s, getCurrentTestName(), password), true);
} finally {
s.removePasswordIdentity(password);
}
} finally {
client.stop();
}
}
}
Example #3
| Source File: AuthenticationTest.java From termd with Apache License 2.0 | 5 votes |
|
@Test // see SSHD-620
public void testHostBasedAuthentication() throws Exception {
final String hostClienUser = getClass().getSimpleName();
final String hostClientName = SshdSocketAddress.toAddressString(SshdSocketAddress.getFirstExternalNetwork4Address());
final KeyPair hostClientKey = Utils.generateKeyPair(KeyUtils.RSA_ALGORITHM, 1024);
final AtomicInteger invocationCount = new AtomicInteger(0);
sshd.setHostBasedAuthenticator(new HostBasedAuthenticator() {
@Override
public boolean authenticate(ServerSession session, String username,
PublicKey clientHostKey, String clientHostName, String clientUsername, List<X509Certificate> certificates) {
invocationCount.incrementAndGet();
return hostClienUser.equals(clientUsername)
&& hostClientName.equals(clientHostName)
&& KeyUtils.compareKeys(hostClientKey.getPublic(), clientHostKey);
}
});
sshd.setPasswordAuthenticator(RejectAllPasswordAuthenticator.INSTANCE);
sshd.setKeyboardInteractiveAuthenticator(KeyboardInteractiveAuthenticator.NONE);
sshd.setPublickeyAuthenticator(RejectAllPublickeyAuthenticator.INSTANCE);
sshd.setUserAuthFactories(
Collections.<NamedFactory<org.apache.sshd.server.auth.UserAuth>>singletonList(
org.apache.sshd.server.auth.hostbased.UserAuthHostBasedFactory.INSTANCE));
try (SshClient client = setupTestClient()) {
org.apache.sshd.client.auth.hostbased.UserAuthHostBasedFactory factory =
new org.apache.sshd.client.auth.hostbased.UserAuthHostBasedFactory();
// TODO factory.setClientHostname(CLIENT_HOSTNAME);
factory.setClientUsername(hostClienUser);
factory.setClientHostKeys(HostKeyIdentityProvider.Utils.wrap(hostClientKey));
client.setUserAuthFactories(Collections.<NamedFactory<org.apache.sshd.client.auth.UserAuth>>singletonList(factory));
client.start();
try (ClientSession s = client.connect(getCurrentTestName(), TEST_LOCALHOST, port).verify(7L, TimeUnit.SECONDS).getSession()) {
s.auth().verify(11L, TimeUnit.SECONDS);
assertEquals("Mismatched authenticator invocation count", 1, invocationCount.get());
} finally {
client.stop();
}
}
}
Example #4
| Source File: SshdServerConfiguration.java From sshd-shell-spring-boot with Apache License 2.0 | 5 votes |
|
private void configureAuthenticationPolicies(SshServer server, Shell props) {
server.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(Paths.get(props.getHostKeyFile())));
server.setPublickeyAuthenticator(Objects.isNull(props.getPublicKeyFile())
? RejectAllPublickeyAuthenticator.INSTANCE
: new SshdAuthorizedKeysAuthenticator(Paths.get(props.getPublicKeyFile())));
server.setPasswordAuthenticator(passwordAuthenticator(props));
}
Example #5
| Source File: AuthenticationTest.java From termd with Apache License 2.0 | 5 votes |
|
@Test
public void testAuthKeyPassword() throws Exception {
try (SshClient client = setupTestClient()) {
sshd.setPublickeyAuthenticator(RejectAllPublickeyAuthenticator.INSTANCE);
sshd.setKeyboardInteractiveAuthenticator(KeyboardInteractiveAuthenticator.NONE);
client.start();
try (ClientSession s = client.connect(null, TEST_LOCALHOST, port).verify(7L, TimeUnit.SECONDS).getSession()) {
Collection<ClientSession.ClientSessionEvent> result =
s.waitFor(EnumSet.of(ClientSession.ClientSessionEvent.CLOSED, ClientSession.ClientSessionEvent.WAIT_AUTH),
TimeUnit.SECONDS.toMillis(11L));
assertFalse("Timeout while waiting for session", result.contains(ClientSession.ClientSessionEvent.TIMEOUT));
KeyPair pair = createTestHostKeyProvider().loadKey(KeyPairProvider.SSH_RSA);
try {
assertAuthenticationResult(UserAuthMethodFactory.PUBLIC_KEY, authPublicKey(s, getCurrentTestName(), pair), false);
} finally {
s.removePublicKeyIdentity(pair);
}
String password = getCurrentTestName();
try {
assertAuthenticationResult(UserAuthMethodFactory.PASSWORD, authPassword(s, getCurrentTestName(), password), true);
} finally {
s.removePasswordIdentity(password);
}
} finally {
client.stop();
}
}
}
Example #6
| Source File: AuthenticationTest.java From termd with Apache License 2.0 | 5 votes |
|
@Test // see SSHD-620
public void testHostBasedAuthentication() throws Exception {
final String hostClienUser = getClass().getSimpleName();
final String hostClientName = SshdSocketAddress.toAddressString(SshdSocketAddress.getFirstExternalNetwork4Address());
final KeyPair hostClientKey = Utils.generateKeyPair(KeyUtils.RSA_ALGORITHM, 1024);
final AtomicInteger invocationCount = new AtomicInteger(0);
sshd.setHostBasedAuthenticator(new HostBasedAuthenticator() {
@Override
public boolean authenticate(ServerSession session, String username,
PublicKey clientHostKey, String clientHostName, String clientUsername, List<X509Certificate> certificates) {
invocationCount.incrementAndGet();
return hostClienUser.equals(clientUsername)
&& hostClientName.equals(clientHostName)
&& KeyUtils.compareKeys(hostClientKey.getPublic(), clientHostKey);
}
});
sshd.setPasswordAuthenticator(RejectAllPasswordAuthenticator.INSTANCE);
sshd.setKeyboardInteractiveAuthenticator(KeyboardInteractiveAuthenticator.NONE);
sshd.setPublickeyAuthenticator(RejectAllPublickeyAuthenticator.INSTANCE);
sshd.setUserAuthFactories(
Collections.<NamedFactory<org.apache.sshd.server.auth.UserAuth>>singletonList(
org.apache.sshd.server.auth.hostbased.UserAuthHostBasedFactory.INSTANCE));
try (SshClient client = setupTestClient()) {
org.apache.sshd.client.auth.hostbased.UserAuthHostBasedFactory factory =
new org.apache.sshd.client.auth.hostbased.UserAuthHostBasedFactory();
// TODO factory.setClientHostname(CLIENT_HOSTNAME);
factory.setClientUsername(hostClienUser);
factory.setClientHostKeys(HostKeyIdentityProvider.Utils.wrap(hostClientKey));
client.setUserAuthFactories(Collections.<NamedFactory<org.apache.sshd.client.auth.UserAuth>>singletonList(factory));
client.start();
try (ClientSession s = client.connect(getCurrentTestName(), TEST_LOCALHOST, port).verify(7L, TimeUnit.SECONDS).getSession()) {
s.auth().verify(11L, TimeUnit.SECONDS);
assertEquals("Mismatched authenticator invocation count", 1, invocationCount.get());
} finally {
client.stop();
}
}
}
