
automately.core.services.ssh.SSHDaemonService Maven / Gradle / Ivy

package automately.core.services.ssh;

import automately.core.data.Meta;
import automately.core.data.User;
import automately.core.services.core.AutomatelyService;
import automately.core.services.ssh.sftp.SSHFileSystemFactory;
import automately.core.data.UserData;
import io.jsync.app.core.Cluster;
import io.jsync.app.core.Logger;
import io.jsync.json.JsonObject;
import org.apache.sshd.SshServer;
import org.apache.sshd.server.UserAuth;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.server.Command;
import org.apache.sshd.server.auth.UserAuthPassword;
import org.apache.sshd.server.auth.UserAuthPublicKey;
import org.apache.sshd.server.command.ScpCommandFactory;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
import org.apache.sshd.server.sftp.SftpSubsystem;

import java.util.*;

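/**
 * The SSHDaemonService is an {@link automately.core.services.core.AutomatelyService} that allows the cluster
 * to have SSH operations. This includes direct access to the {@link automately.core.file.VirtualFileSystem} using
 * SFTP.
 *
 * <p>Settings are read from the {@code sshd} object of the core configuration: {@code sftp_enabled},
 * {@code port}, {@code host} and {@code host_key}. Any field that is missing is filled with its default and the
 * configuration is saved; fields the operator has already set are left untouched.
 *
 * <p>Points an operator should review before exposing this service:
 * <ul>
 *   <li>the defaults enable the daemon and bind it to every interface ({@code 0.0.0.0});</li>
 *   <li>there is no brute-force protection yet (see the TODOs in {@link #start(Cluster)});</li>
 *   <li>cluster debug mode bypasses the per-user {@code ssh_enabled} flag.</li>
 * </ul>
 */
public class SSHDaemonService extends AutomatelyService {

    private static final boolean DEFAULT_SFTP_ENABLED = true;
    private static final int DEFAULT_PORT = 2282;
    private static final String DEFAULT_HOST = "0.0.0.0";
    private static final String DEFAULT_HOST_KEY = "sshd.ser";

    private Cluster cluster;
    private Logger logger;
    private SshServer server = null;

    /**
     * Reads the {@code sshd} configuration, completes it with defaults where needed and, when
     * {@code sftp_enabled} is true, configures and starts the embedded SSH server.
     *
     * @param owner the cluster this service belongs to; its logger and configuration are used
     */
    @Override
    public void start(Cluster owner) {
        this.cluster = owner;
        this.logger = cluster.logger();

        JsonObject sshdConfig = coreConfig().getObject("sshd", new JsonObject());

        // Only missing fields are defaulted. Overwriting all four whenever one is absent would
        // silently turn an explicit "sftp_enabled": false back into true and rebind the
        // listener to 0.0.0.0 just because, say, host_key was left out.
        if (fillMissingDefaults(sshdConfig)) {
            logger.info("Creating default configuration.");

            coreConfig().putObject("sshd", sshdConfig);
            cluster.config().save();
        }

        if (!sshdConfig.getBoolean("sftp_enabled", false)) {
            return;
        }

        logger.info("The SSH Daemon is enabled. This is experimental right now.");

        server = SshServer.setUpDefaultServer();
        server.setFileSystemFactory(new SSHFileSystemFactory());

        // NOTE(review): the public-key mechanism is offered, but this method only installs a
        // password authenticator. Confirm how the SSHD version in use handles public-key
        // attempts when no public-key authenticator is configured.
        List<NamedFactory<UserAuth>> userAuthFactory = new ArrayList<>();
        userAuthFactory.add(new UserAuthPassword.Factory());
        userAuthFactory.add(new UserAuthPublicKey.Factory());

        server.setUserAuthFactories(userAuthFactory);
        server.setCommandFactory(new ScpCommandFactory());

        List<NamedFactory<Command>> subSystemFactoryList = new ArrayList<>();
        subSystemFactoryList.add(new SftpSubsystem.Factory());
        server.setSubsystemFactories(subSystemFactoryList);

        // TODO Implement protection from brute force
        // TODO Implement special authorization
        // Until the first TODO is done, the "Authentication Failed" log lines written by
        // authenticate() are the only signal of password guessing; alert on them.
        server.setPasswordAuthenticator((user, password, serverSession) -> authenticate(user, password));

        server.setHost(sshdConfig.getString("host", DEFAULT_HOST));
        server.setPort(sshdConfig.getNumber("port", DEFAULT_PORT).intValue());

        String hostKey = sshdConfig.getString("host_key", DEFAULT_HOST_KEY);

        logger.info("Using the hostkey " + hostKey);

        // The provider is handed a file path; the default is a relative name, so the file is
        // resolved against the process working directory.
        // NOTE(review): this file holds the host private key - confirm it is readable only by
        // the service account.
        server.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(hostKey));
        try {
            logger.info("Starting the SshServer Daemon on port " + server.getPort());
            server.start();
        } catch (Exception e) {
            // Record the failure in the service log as well, so a daemon that never came up
            // (e.g. port already bound) is visible to whoever reads the logs.
            logger.info("Failed to start the SshServer Daemon: " + e);
            e.printStackTrace();
        }
    }

    /**
     * Stops the SSH server immediately if one was created by {@link #start(Cluster)}.
     */
    @Override
    public void stop() {
        if (server != null) {
            try {
                server.stop(true);
            } catch (Exception e) {
                logger.info("Failed to stop the SshServer Daemon: " + e);
                e.printStackTrace();
            }
        }
    }

    /**
     * @return the canonical class name of this service
     */
    @Override
    public String name() {
        return getClass().getCanonicalName();
    }

    /**
     * Adds a default for each {@code sshd} setting that is absent, leaving existing values alone.
     *
     * @param sshdConfig the {@code sshd} configuration object, modified in place
     * @return {@code true} if at least one field was added and the configuration needs saving
     */
    private boolean fillMissingDefaults(JsonObject sshdConfig) {
        boolean changed = false;
        if (!sshdConfig.containsField("sftp_enabled")) {
            sshdConfig.putBoolean("sftp_enabled", DEFAULT_SFTP_ENABLED);
            changed = true;
        }
        if (!sshdConfig.containsField("port")) {
            sshdConfig.putNumber("port", DEFAULT_PORT);
            changed = true;
        }
        if (!sshdConfig.containsField("host")) {
            sshdConfig.putString("host", DEFAULT_HOST);
            changed = true;
        }
        if (!sshdConfig.containsField("host_key")) {
            sshdConfig.putString("host_key", DEFAULT_HOST_KEY);
            changed = true;
        }
        return changed;
    }

    /**
     * Decides a password login: the account must exist, must have the {@code ssh_enabled} meta
     * set to true (unless the cluster is in debug mode), and the password must validate.
     *
     * @param user     the username supplied by the SSH client (untrusted)
     * @param password the password supplied by the SSH client (untrusted)
     * @return {@code true} only when the password validates for a permitted account
     */
    private boolean authenticate(String user, String password) {
        User mUser = UserData.getUserByUsername(user);

        if (mUser == null) {
            // Attempts against unknown accounts are logged too, otherwise username guessing
            // leaves no trace. The client-supplied name is not echoed: it is attacker
            // controlled and could carry line breaks into the log.
            // NOTE(review): this path returns without a password check, so its response time
            // may differ from a known account; verify whether that leaks account existence.
            logger.info("Authentication Failed: unknown user");
            return false;
        }

        logger.info("Authenticating: " + mUser.username);
        Meta userSshEnabled = UserData.getMeta(mUser, "ssh_enabled");
        boolean sshAllowed = userSshEnabled != null
                && userSshEnabled.value != null
                && Boolean.parseBoolean(userSshEnabled.value.toString());

        // NOTE(review): debug mode lets every account through the ssh_enabled gate (the
        // password is still checked). Make sure debug is never set on a reachable deployment.
        if (!sshAllowed && !cluster.config().isDebug()) {
            logger.info("SSH not enabled for the user " + mUser.username);
            return false;
        }

        boolean passed = UserData.validateUserPassword(mUser, password);
        if (passed) {
            logger.info("Authentication Success: " + mUser.username);
        } else {
            logger.info("Authentication Failed: " + mUser.username);
        }
        return passed;
    }
}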



