This is an automated email from the ASF dual-hosted git repository.
jbonofre pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/karaf.git
The following commit(s) were added to refs/heads/master by this push:
new 4b32a5b [KARAF-5485] Add the sftpEnabled property in
org.apache.karaf.shell configuration to control the SSH SFTP system startup
4b32a5b is described below
commit 4b32a5b7514f63423adfc63857cffff6abe1ef46
Author: Jean-Baptiste Onofré <[email protected]>
AuthorDate: Wed Dec 13 14:18:37 2017 +0100
[KARAF-5485] Add the sftpEnabled property in org.apache.karaf.shell
configuration to control the SSH SFTP system startup
---
assemblies/features/standard/src/main/feature/feature.xml | 5 +++++
manual/src/main/asciidoc/user-guide/remote.adoc | 7 +++++++
.../ssh/src/main/java/org/apache/karaf/shell/ssh/Activator.java | 9 ++++++---
3 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/assemblies/features/standard/src/main/feature/feature.xml
b/assemblies/features/standard/src/main/feature/feature.xml
index cde6fea..a7d8b25 100644
--- a/assemblies/features/standard/src/main/feature/feature.xml
+++ b/assemblies/features/standard/src/main/feature/feature.xml
@@ -271,6 +271,11 @@
sshRole = ssh
#
+ # Defines if the SFTP system is enabled or not in the SSH server
+ #
+ sftpEnabled=true
+
+ #
# The location of the hostKey file defines where the
private/public key of the server
# is located. If no file is at the defined location it will be
ignored.
#
diff --git a/manual/src/main/asciidoc/user-guide/remote.adoc
b/manual/src/main/asciidoc/user-guide/remote.adoc
index 7c33f9d..5462523 100644
--- a/manual/src/main/asciidoc/user-guide/remote.adoc
+++ b/manual/src/main/asciidoc/user-guide/remote.adoc
@@ -88,6 +88,11 @@ hostKey = ${karaf.etc}/host.key
# sshRole = admin
#
+# Defines if the SFTP system is enabled or not in the SSH server
+#
+sftpEnabled=true
+
+#
# Self defined key size in 1024, 2048, 3072, or 4096
# If not set, this defaults to 4096.
#
@@ -122,6 +127,8 @@ The `etc/org.apache.karaf.shell.cfg` configuration file
contains different prope
and private key pair of the SSHd server.
* `sshRole` is the default role used for SSH access. The default value is the
value of `karaf.admin.role` property
defined in `etc/system.properties`. See the [Security section|security] of
this user guide for details.
+* `sftpEnabled` controls if the SSH server start the SFTP system or not. When
enabled, Karaf SSHd supports SFTP, meaning
+ that you can remotely access to the Karaf filesystem with any sftp clients.
* `keySize` is the key size used by the SSHd server. The possible values are
1024, 2048, 3072, or 4096. The default
value is 1024.
* `algorithm` is the host key algorithm used by the SSHd server. The possible
values are DSA or RSA. The default
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/Activator.java
b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/Activator.java
index 4c7667b..1deb9fe 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/Activator.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/Activator.java
@@ -156,6 +156,7 @@ public class Activator extends BaseActivator implements
ManagedService {
String[] kexAlgorithms = getStringArray("kexAlgorithms",
"diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1");
String welcomeBanner = getString("welcomeBanner", null);
String moduliUrl = getString("moduli-url", null);
+ boolean sftpEnabled = getBoolean("sftpEnabled", true);
Path serverKeyPath = Paths.get(hostKey);
KeyPairProvider keyPairProvider = new
OpenSSHKeyPairProvider(serverKeyPath.toFile(), algorithm, keySize);
@@ -170,12 +171,14 @@ public class Activator extends BaseActivator implements
ManagedService {
server.setCipherFactories(SshUtils.buildCiphers(ciphers));
server.setKeyExchangeFactories(SshUtils.buildKexAlgorithms(kexAlgorithms));
server.setShellFactory(new ShellFactoryImpl(sessionFactory));
- server.setCommandFactory(new
ScpCommandFactory.Builder().withDelegate(cmd -> new
ShellCommand(sessionFactory, cmd)).build());
- server.setSubsystemFactories(Collections.singletonList(new
SftpSubsystemFactory()));
+ if (sftpEnabled) {
+ server.setCommandFactory(new
ScpCommandFactory.Builder().withDelegate(cmd -> new
ShellCommand(sessionFactory, cmd)).build());
+ server.setSubsystemFactories(Collections.singletonList(new
SftpSubsystemFactory()));
+ server.setFileSystemFactory(new
VirtualFileSystemFactory(Paths.get(System.getProperty("karaf.base"))));
+ }
server.setKeyPairProvider(keyPairProvider);
server.setPasswordAuthenticator(authenticator);
server.setPublickeyAuthenticator(authenticator);
- server.setFileSystemFactory(new
VirtualFileSystemFactory(Paths.get(System.getProperty("karaf.base"))));
server.setUserAuthFactories(authFactoriesFactory.getFactories());
server.setAgentFactory(KarafAgentFactory.getInstance());
server.setTcpipForwardingFilter(AcceptAllForwardingFilter.INSTANCE);
--
To stop receiving notification emails like this one, please contact
['"[email protected]" <[email protected]>'].
