Author: cschneider
Date: Sat Jun 30 16:04:31 2012
New Revision: 1355756
URL: http://svn.apache.org/viewvc?rev=1355756&view=rev
Log:
KARAF-1506 Acknowledging of new ssh server keys
Added:
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshClientFactory.java
Modified:
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ServerKeyVerifierImpl.java
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshAction.java
karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml
karaf/trunk/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/ServerKeyVerifierImplTest.java
karaf/trunk/wrapper/command/src/main/java/org/apache/karaf/wrapper/commands/Install.java
Modified:
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ServerKeyVerifierImpl.java
URL:
http://svn.apache.org/viewvc/karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ServerKeyVerifierImpl.java?rev=1355756&r1=1355755&r2=1355756&view=diff
==============================================================================
---
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ServerKeyVerifierImpl.java
(original)
+++
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ServerKeyVerifierImpl.java
Sat Jun 30 16:04:31 2012
@@ -18,6 +18,7 @@
*/
package org.apache.karaf.shell.ssh;
+import java.io.IOException;
import java.net.SocketAddress;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
@@ -27,10 +28,11 @@ import org.apache.sshd.client.ServerKeyV
public class ServerKeyVerifierImpl implements ServerKeyVerifier {
private final KnownHostsManager knownHostsManager;
+ private final boolean quiet;
- public ServerKeyVerifierImpl(KnownHostsManager knownHostsManager) {
+ public ServerKeyVerifierImpl(KnownHostsManager knownHostsManager,
boolean quiet) {
this.knownHostsManager = knownHostsManager;
-
+ this.quiet = quiet;
}
@Override
@@ -44,9 +46,21 @@ public class ServerKeyVerifierImpl imple
return false;
}
if (knownKey == null) {
- System.out.println("Connecting to this server for the
first time. Storing the server key.");
- knownHostsManager.storeKeyForHost(remoteAddress,
serverKey);
- return true;
+ boolean confirm;
+ if (!quiet) {
+ System.out.println("Connecting to unknown
server. Add this server to known hosts ? (y/n)");
+ confirm = getConfirmation();
+ } else {
+ System.out.println("Connecting to unknown
server. Automatically adding to known hosts.");
+ confirm = true;
+ }
+ if (confirm) {
+
knownHostsManager.storeKeyForHost(remoteAddress, serverKey);
+ System.out.println("Storing the server key in
known_hosts.");
+ } else {
+ System.out.println("Aborting connection");
+ }
+ return confirm;
}
boolean verifed = (knownKey.equals(serverKey));
@@ -56,6 +70,19 @@ public class ServerKeyVerifierImpl imple
return verifed;
}
+ private boolean getConfirmation() {
+ int ch;
+ try {
+ do {
+ ch = System.in.read();
+ } while (ch != 'y' && ch != 'n');
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ boolean confirm = ch == 'y';
+ return confirm;
+ }
+
}
Modified:
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshAction.java
URL:
http://svn.apache.org/viewvc/karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshAction.java?rev=1355756&r1=1355755&r2=1355756&view=diff
==============================================================================
---
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshAction.java
(original)
+++
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshAction.java
Sat Jun 30 16:04:31 2012
@@ -27,7 +27,6 @@ import jline.Terminal;
import org.apache.karaf.shell.commands.Argument;
import org.apache.karaf.shell.commands.Command;
import org.apache.karaf.shell.commands.Option;
-import org.apache.karaf.shell.console.BlueprintContainerAware;
import org.apache.karaf.shell.console.OsgiCommandSupport;
import org.apache.karaf.shell.console.SessionProperties;
import org.apache.sshd.ClientChannel;
@@ -38,14 +37,11 @@ import org.apache.sshd.client.channel.Ch
import org.apache.sshd.client.future.ConnectFuture;
import org.apache.sshd.common.util.NoCloseInputStream;
import org.apache.sshd.common.util.NoCloseOutputStream;
-import org.osgi.service.blueprint.container.BlueprintContainer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@Command(scope = "ssh", name = "ssh", description = "Connects to a remote SSH
server")
-public class SshAction
- extends OsgiCommandSupport implements BlueprintContainerAware
-{
+public class SshAction extends OsgiCommandSupport {
private final Logger log = LoggerFactory.getLogger(getClass());
@Option(name="-l", aliases={"--username"}, description = "The user name
for remote login", required = false, multiValued = false)
@@ -53,6 +49,9 @@ public class SshAction
@Option(name="-p", aliases={"--port"}, description = "The port to use for
SSH connection", required = false, multiValued = false)
private int port = 22;
+
+ @Option(name="-q", description = "Quiet Mode. Do not ask for
confirmations", required = false, multiValued = false)
+ private boolean quiet;
@Argument(index = 0, name = "hostname", description = "The host name to
connect to via SSH", required = true, multiValued = false)
private String hostname;
@@ -60,21 +59,15 @@ public class SshAction
@Argument(index = 1, name = "command", description = "Optional command to
execute", required = false, multiValued = true)
private List<String> command;
- private BlueprintContainer container;
-
private ClientSession sshSession;
- private String sshClientId;
- public void setBlueprintContainer(final BlueprintContainer container) {
- assert container != null;
- this.container = container;
- }
+ private SshClientFactory sshClientFactory;
- public void setSshClientId(String sshClientId) {
- this.sshClientId = sshClientId;
- }
+ public void setSshClientFactory(SshClientFactory sshClientFactory) {
+ this.sshClientFactory = sshClientFactory;
+ }
- @Override
+ @Override
protected Object doExecute() throws Exception {
if (hostname.indexOf('@') >= 0) {
@@ -98,8 +91,7 @@ public class SshAction
}
}
- // Create the client from prototype
- SshClient client = (SshClient)
container.getComponentInstance(sshClientId);
+ SshClient client = sshClientFactory.create(quiet);
log.debug("Created client: {}", client);
client.start();
Added:
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshClientFactory.java
URL:
http://svn.apache.org/viewvc/karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshClientFactory.java?rev=1355756&view=auto
==============================================================================
---
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshClientFactory.java
(added)
+++
karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshClientFactory.java
Sat Jun 30 16:04:31 2012
@@ -0,0 +1,27 @@
+package org.apache.karaf.shell.ssh;
+
+import java.io.File;
+
+import org.apache.sshd.SshClient;
+import org.apache.sshd.agent.SshAgentFactory;
+import org.apache.sshd.client.ServerKeyVerifier;
+
+public class SshClientFactory {
+
+ private SshAgentFactory agentFactory;
+ private File knownHosts;
+
+ public SshClientFactory(SshAgentFactory agentFactory, File knownHosts) {
+ this.agentFactory = agentFactory;
+ this.knownHosts = knownHosts;
+ }
+
+ public SshClient create(boolean quiet) {
+ SshClient client = SshClient.setUpDefaultClient();
+ client.setAgentFactory(agentFactory);
+ KnownHostsManager knownHostsManager = new
KnownHostsManager(knownHosts);
+ ServerKeyVerifier serverKeyVerifier = new
ServerKeyVerifierImpl(knownHostsManager, quiet);
+ client.setServerKeyVerifier(serverKeyVerifier );
+ return client;
+ }
+}
Modified:
karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml
URL:
http://svn.apache.org/viewvc/karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml?rev=1355756&r1=1355755&r2=1355756&view=diff
==============================================================================
--- karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml
(original)
+++ karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml
Sat Jun 30 16:04:31 2012
@@ -56,9 +56,7 @@
<command-bundle xmlns="http://karaf.apache.org/xmlns/shell/v1.1.0";>
<command>
<action class="org.apache.karaf.shell.ssh.SshAction">
- <property name="sshClientId">
- <bp:idref component-id="sshClient"/>
- </property>
+ <property name="sshClientFactory" ref="sshClientFactory" />
</action>
</command>
<command>
@@ -70,17 +68,9 @@
</command>
</command-bundle>
- <bean id="knownHostsManager"
class="org.apache.karaf.shell.ssh.KnownHostsManager">
- <argument value="$[user.home]/.sshkaraf/known_hosts"/>
- </bean>
-
- <bean id="serverKeyVerifier"
class="org.apache.karaf.shell.ssh.ServerKeyVerifierImpl">
- <argument ref="knownHostsManager"/>
- </bean>
-
- <bean id="sshClient" class="org.apache.sshd.SshClient"
factory-method="setUpDefaultClient" scope="prototype">
- <property name="agentFactory" ref="agentFactory" />
- <property name="serverKeyVerifier" ref="serverKeyVerifier" />
+ <bean id="sshClientFactory"
class="org.apache.karaf.shell.ssh.SshClientFactory">
+ <argument ref="agentFactory" />
+ <argument value="$[user.home]/.sshkaraf/known_hosts"/>
</bean>
<bean id="userAuthFactoriesFactory"
class="org.apache.karaf.shell.ssh.UserAuthFactoriesFactory">
Modified:
karaf/trunk/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/ServerKeyVerifierImplTest.java
URL:
http://svn.apache.org/viewvc/karaf/trunk/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/ServerKeyVerifierImplTest.java?rev=1355756&r1=1355755&r2=1355756&view=diff
==============================================================================
---
karaf/trunk/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/ServerKeyVerifierImplTest.java
(original)
+++
karaf/trunk/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/ServerKeyVerifierImplTest.java
Sat Jun 30 16:04:31 2012
@@ -52,7 +52,7 @@ public class ServerKeyVerifierImplTest {
EasyMock.expectLastCall();
EasyMock.replay(knowHostsManager);
- ServerKeyVerifierImpl verifier = new
ServerKeyVerifierImpl(knowHostsManager);
+ ServerKeyVerifierImpl verifier = new
ServerKeyVerifierImpl(knowHostsManager, true);
boolean verified = verifier.verifyServerKey(null, address,
validServerKey);
Assert.assertTrue("Key should be verified as the key is new",
verified);
}
@@ -66,7 +66,7 @@ public class ServerKeyVerifierImplTest {
EasyMock.expect(knowHostsManager.getKnownKey(address,
ALGORITHM)).andReturn(validServerKey);
EasyMock.replay(knowHostsManager);
- ServerKeyVerifierImpl verifier = new
ServerKeyVerifierImpl(knowHostsManager);
+ ServerKeyVerifierImpl verifier = new
ServerKeyVerifierImpl(knowHostsManager, true);
boolean verified = verifier.verifyServerKey(null, address,
validServerKey);
Assert.assertTrue("Key should be verified as the key is known
and matches the key we verify", verified);
}
@@ -81,7 +81,7 @@ public class ServerKeyVerifierImplTest {
EasyMock.expect(knowHostsManager.getKnownKey(address,
ALGORITHM)).andReturn(otherServerKey);
EasyMock.replay(knowHostsManager);
- ServerKeyVerifierImpl verifier = new
ServerKeyVerifierImpl(knowHostsManager);
+ ServerKeyVerifierImpl verifier = new
ServerKeyVerifierImpl(knowHostsManager, true);
boolean verified = verifier.verifyServerKey(null, address,
validServerKey);
Assert.assertFalse("Key should not be verified as the key is
known and does not match the key we verify", verified);
}
Modified:
karaf/trunk/wrapper/command/src/main/java/org/apache/karaf/wrapper/commands/Install.java
URL:
http://svn.apache.org/viewvc/karaf/trunk/wrapper/command/src/main/java/org/apache/karaf/wrapper/commands/Install.java?rev=1355756&r1=1355755&r2=1355756&view=diff
==============================================================================
---
karaf/trunk/wrapper/command/src/main/java/org/apache/karaf/wrapper/commands/Install.java
(original)
+++
karaf/trunk/wrapper/command/src/main/java/org/apache/karaf/wrapper/commands/Install.java
Sat Jun 30 16:04:31 2012
@@ -16,16 +16,15 @@
*/
package org.apache.karaf.wrapper.commands;
+import java.io.File;
+
import org.apache.karaf.shell.commands.Command;
import org.apache.karaf.shell.commands.Option;
import org.apache.karaf.shell.console.AbstractAction;
-import org.apache.karaf.shell.console.OsgiCommandSupport;
import org.apache.karaf.wrapper.WrapperService;
import org.apache.karaf.wrapper.internal.WrapperServiceImpl;
import org.fusesource.jansi.Ansi;
-import java.io.File;
-
/**
* Installs the Karaf instance as a service in your operating system.
*/
