@houtianze
Last active April 8, 2022 01:29
Apache Mina SSH Server
package com.example;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.ObjectOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Arrays;
import java.util.Base64;
import org.apache.sshd.server.SshServer;
import org.apache.sshd.server.auth.password.PasswordAuthenticator;
import org.apache.sshd.server.auth.pubkey.PublickeyAuthenticator;
import org.apache.sshd.server.forward.AcceptAllForwardingFilter;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
import org.apache.sshd.server.scp.ScpCommandFactory;
import org.apache.sshd.server.session.ServerSession;
import org.apache.sshd.server.shell.InteractiveProcessShellFactory;
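/**
 * Minimal stand-alone SSH server built on Apache MINA SSHD.
 *
 * <p>The server accepts either a password for the fixed account {@code "you"} or a single
 * public key read from a file, and then offers an interactive process shell, SCP and
 * unrestricted forwarding. Anyone who authenticates therefore gets a shell process started
 * by this JVM, so the exposure of the listening port and the strength of the two
 * authenticators are the whole security boundary of this program.
 */
public class Sshd {
    /**
     * Generates an RSA key pair and writes the private key to {@code keyFile} using Java
     * serialization.
     *
     * <p>The file is written unencrypted and with the process's default file permissions;
     * restrict access to it after creation. Only the private key is written, not the pair.
     * NOTE(review): whether {@code SimpleGeneratorHostKeyProvider} can load a file in this
     * format depends on the SSHD version in use — confirm before relying on it.
     *
     * @param keyFile path of the file to create or overwrite
     * @throws NoSuchAlgorithmException if no RSA key pair generator is available
     * @throws IOException if the file cannot be written
     */
    public static void genKeyPair(String keyFile) throws NoSuchAlgorithmException, IOException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        // Set the modulus size explicitly: the provider default differs between JDK releases.
        kpg.initialize(3072);
        KeyPair keyPair = kpg.generateKeyPair();
        PrivateKey privateKey = keyPair.getPrivate();
        // Both streams are declared as resources so the file handle is released even if
        // constructing the ObjectOutputStream fails.
        try (FileOutputStream fos = new FileOutputStream(keyFile);
                ObjectOutputStream oos = new ObjectOutputStream(fos)) {
            oos.writeObject(privateKey);
        }
    }

    /**
     * Parses the command line, configures the server and starts it.
     *
     * <p>Options: {@code -p port} (default 22222) and {@code -k pubkey} (default
     * {@code your.pub}). Any malformed option prints the usage text and exits with -1;
     * the server is never started with half-parsed options.
     *
     * @param args command-line arguments
     * @throws Exception if the public key file cannot be read or decoded, or the server
     *     fails to start
     */
    public static void main(String[] args) throws Exception {
        int port = 22222;
        final String hostKey = "hostkey";
        String pubKeyFile = "your.pub";
        boolean error = false;
        for (int i = 0; i < args.length; i++) {
            if ("-p".equals(args[i])) {
                if (i + 1 >= args.length) {
                    System.err.println("option requires an argument: " + args[i]);
                    // A missing value is a usage error; falling through would silently
                    // start the server with the defaults.
                    error = true;
                    break;
                }
                String value = args[++i];
                boolean validPort;
                try {
                    port = Integer.parseInt(value);
                    validPort = port >= 0 && port <= 65535;
                } catch (NumberFormatException e) {
                    validPort = false;
                }
                if (!validPort) {
                    System.err.println("invalid port: " + value);
                    error = true;
                    break;
                }
            } else if ("-k".equals(args[i])) {
                if (i + 1 >= args.length) {
                    System.err.println("option requires an argument: " + args[i]);
                    error = true;
                    break;
                }
                pubKeyFile = args[++i];
            } else if (args[i].startsWith("-")) {
                System.err.println("illegal option: " + args[i]);
                error = true;
                break;
            } else {
                System.err.println("extra argument: " + args[i]);
                error = true;
                break;
            }
        }
        if (error) {
            System.err.println("usage: sshd [-p port] [-k pubkey]");
            System.exit(-1);
        }
        System.err.println("Starting SSHD on port " + port);

        SshServer sshd = SshServer.setUpDefaultServer();
        sshd.setPort(port);
        // The host key lives in "hostkey" in the working directory. It identifies this
        // server to clients, so keep the file readable only by the account running the JVM.
        // (genKeyPair(hostKey) can be used as a one-off to create a key file by hand.)
        sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(new File(hostKey)));
        // Every authenticated client gets an interactive OS shell process started by this
        // JVM, i.e. running with this process's privileges.
        sshd.setShellFactory(new InteractiveProcessShellFactory());

        sshd.setPasswordAuthenticator(new PasswordAuthenticator() {
            @Override
            public boolean authenticate(String username, String password, ServerSession session) {
                if (!"you".equals(username) || password == null) {
                    return false;
                }
                try {
                    // NOTE(review): one round of salted SHA-512 is a fast hash and cheap to
                    // brute-force if the stored value leaks. Prefer a password KDF (PBKDF2,
                    // bcrypt, scrypt, Argon2) or disable password login and rely on the
                    // public key. Not changed here because it alters the stored format.
                    MessageDigest md = MessageDigest.getInstance("SHA-512");
                    String salt = "YOUR SALT";
                    // Fixed charset so the digest does not depend on the platform default.
                    byte[] saltyBytes = (salt + password).getBytes(StandardCharsets.UTF_8);
                    md.update(saltyBytes);
                    byte[] digests = md.digest();
                    byte[] expected = Base64.getDecoder().decode("YOU HASH OF SALTED PASSWORD");
                    // Constant-time comparison: Arrays.equals stops at the first mismatch.
                    return MessageDigest.isEqual(digests, expected);
                } catch (NoSuchAlgorithmException | IllegalArgumentException e) {
                    // Fail closed. IllegalArgumentException covers a stored hash that is not
                    // valid Base64, which includes the unedited placeholder above.
                    return false;
                }
            }
        });

        // https://stackoverflow.com/a/5402769/404271
        // AuthorizedKeysDecoder is not defined in this file; presumably it is the class from
        // the answer linked above, placed in the same package.
        AuthorizedKeysDecoder akd = new AuthorizedKeysDecoder();
        String keyline;
        try (BufferedReader br = new BufferedReader(new InputStreamReader(
                new FileInputStream(new File(pubKeyFile)), StandardCharsets.UTF_8))) {
            // Only the first line of the file is used.
            keyline = br.readLine();
        }
        if (keyline == null) {
            throw new IOException("no public key found in " + pubKeyFile);
        }
        final PublicKey pubKey = akd.decodePublicKey(keyline);
        sshd.setPublickeyAuthenticator(new PublickeyAuthenticator() {
            @Override
            public boolean authenticate(String username, PublicKey key, ServerSession session) {
                // NOTE(review): the username is not checked here, so this key is accepted
                // for any login name, unlike the password path which requires "you".
                return key != null && key.equals(pubKey);
            }
        });

        sshd.setCommandFactory(new ScpCommandFactory());
        // AcceptAllForwardingFilter permits every forwarding request from an authenticated
        // session. If forwarding is not needed, install a stricter ForwardingFilter so the
        // server cannot be used as a relay into the network it runs on.
        sshd.setForwardingFilter(new AcceptAllForwardingFilter());
        sshd.start();
    }
}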