Fix Travis

Add support for authorized_keys files.
Each user can have a set of authorized keys for public key authentication. This is better to support as it lets us use different algorithms and not just RSA. In the age of security, it's good to have variety. I also added additional libraries to support ed25519-based public keys. I updated the SSH libraries so any upstream bug fixes are applied, fixed some warnings and a few other things.
2019-10-02 19:41:31 -07:00 · 2019-10-02 19:14:56 -07:00 · 2018-05-06 19:50:19 +03:00 · 2018-05-06 19:42:57 +03:00 · 2018-05-06 19:42:39 +03:00
19 changed files with 435 additions and 273 deletions
--- a/.clangformat
+++ b/.clangformat
@@ -0,0 +1,68 @@
+---
+#BasedOnStyle: WebKit
+TabWidth: '4'
+IndentWidth: '4'
+UseTab: 'Always'
+AlignOperands: 'true'
+AlignAfterOpenBracket: 'Align'
+AlignConsecutiveAssignments: 'true'
+AlignConsecutiveDeclarations: 'true'
+AlignEscapedNewlines: 'Left'
+AlignTrailingComments: 'true'
+AllowAllParametersOfDeclarationOnNextLine: 'true'
+AllowShortBlocksOnASingleLine: 'false'
+AllowShortCaseLabelsOnASingleLine: 'false'
+AllowShortFunctionsOnASingleLine: 'All'
+AllowShortIfStatementsOnASingleLine: 'false'
+AllowShortLoopsOnASingleLine: 'false'
+AlwaysBreakAfterReturnType: 'None'
+AlwaysBreakTemplateDeclarations: 'true'
+AlwaysBreakBeforeMultilineStrings: 'false'
+BinPackArguments: 'false'
+BinPackParameters: 'false'
+BreakBeforeBraces: 'Custom'
+BraceWrapping:
+  AfterEnum: 'true'
+  AfterClass: 'true'
+  AfterControlStatement: 'true'
+  AfterStruct: 'true'
+  AfterFunction: 'true'
+  AfterNamespace: 'true'
+  AfterUnion: 'true'
+  AfterExternBlock: 'true'
+  BeforeCatch: 'true'
+  BeforeElse: 'true'
+  SplitEmptyRecord: 'false'
+  SplitEmptyNamespace: 'false'
+  SplitEmptyFunction: 'false'
+BreakBeforeBinaryOperators: 'true'
+BreakBeforeTernaryOperators: 'false'
+BreakConstructorInitializersBeforeComma: 'false'
+BreakBeforeInheritanceComma: 'false'
+BreakStringLiterals: 'true'
+ColumnLimit: '140'
+CompactNamespaces: 'false'
+Cpp11BracedListStyle: 'true'
+ConstructorInitializerAllOnOneLineOrOnePerLine: 'false'
+DerivePointerAlignment: 'false'
+IndentCaseLabels: 'true'
+IndentPPDirectives: 'AfterHash'
+KeepEmptyLinesAtTheStartOfBlocks: 'true'
+Language: 'Java'
+NamespaceIndentation: 'All'
+PointerAlignment: 'Right'
+ReflowComments: 'true'
+SortIncludes: 'true'
+SortUsingDeclarations: 'true'
+SpaceAfterCStyleCast: 'false'
+SpaceAfterTemplateKeyword: 'false'
+SpaceBeforeAssignmentOperators: 'true'
+SpaceBeforeParens: ControlStatements
+SpaceInEmptyParentheses: 'false'
+SpacesInAngles: 'false'
+SpacesInCStyleCastParentheses: 'false'
+SpacesInContainerLiterals: 'false'
+SpacesInParentheses: 'false'
+SpacesInSquareBrackets: 'false'
+Standard: 'Auto'
+...
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,4 +1,5 @@
 sudo: false
+dist: trusty
 language: java
 jdk:
  - oraclejdk8
--- a/README.md
+++ b/README.md
@@ -1,6 +1,70 @@
-Bukkit-SSHD
+Spigot-SSHD
 ===========

-[![Build Status](https://travis-ci.org/rmichela/Bukkit-SSHD.png)](https://travis-ci.org/rmichela/Bukkit-SSHD)
+[![Build Status](https://travis-ci.org/Justasic/Spigot-SSHD.svg?branch=master)](https://travis-ci.org/Justasic/Spigot-SSHD)

-An SSHD daemon embedded in a Bukkit plugin.
+Have you ever wished you could remotely access your server's admin console without having to setup a complex remote access system? Now you can with SSHD.
+
+SSHD securely exposes your Spigot admin console using the SSH protocol - the same protocol that serves as the secure foundation for nearly all remote server administration.
+
+- Compatible with all ssh clients, regardless of operating system.
+- Remotely view your server log in real-time.
+- Remotely issue commands from the server console, just as if you were on the server itself.
+- Supports multiple concurrent remote connections.
+- Strong identity support using public key authentication.
+- Remotely script your server by issuing one-off console commands with ssh.
+
+## Why should I use SSHD?
+
+- Your server runs on Windows.
+- You are in a shared hosting environment that only gives you access to the - log files.
+- You want to share access to your server console, but don't want to give anybody access to the machine its running on.
+- You always wanted to use RCON, but want to see the server log as well.
+- You are tired of running your server in a Screen session.
+- You just want to access your server console using SSH.
+
+## Configuration 
+
+- **listenAddress** - The network interface(s) SSHD should listen on. (Default all)
+- **port** - Specify the port SSHD should listen on. (Default 22)
+- **username/password** - The credentials used to log into the server console. (Default blank)
+
+Note: By default, only public key authentication is enabled. This is the most secure authentication mode! Setting a username and password will make your server less secure.
+
+## Setting Up Public Key Authentication
+
+Setting up public key authentication with SSH requires first generating a public and private key pair and then installing just the public key on your Spigot server.
+
+On Windows
+
+1. TODO
+
+On Linux/OS X
+
+1. TODO
+
+## Commands
+None - just install and go.
+
+## Permissions
+
+None - SSHD uses cryptographic certificates or a secure username and password to verify remote access.
+
+## Source Code
+[Get the source on GitHub](https://github.com/Justasic/Spigot-SSHD "Source Code")
+
+## Metrics
+
+This plugin utilizes Hidendra's plugin metrics system. the following information is collected and sent to mcstats.org unless opted out:
+
+- A unique identifier
+- The server's version of Java
+- Whether the server is in offline or online mode
+- Plugin's version
+- Server's version
+- OS version/name and architecture
+- core count for the CPU
+- Number of players online
+- Metrics version
+
+Opting out of this service can be done by editing plugins/Plugin Metrics/config.yml and changing opt-out to true.
--- a/pom.xml
+++ b/pom.xml
@@ -5,9 +5,14 @@
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.ryanmichela</groupId>
-    <artifactId>SSHD</artifactId>
-    <version>1.3.4</version>
-    <url>http://dev.bukkit.org/server-mods/sshd/</url>
+    <artifactId>sshd</artifactId>
+    <version>1.3.4.2</version>
+    <url>https://github.com/Justasic/Bukkit-SSHD/</url>
+
+    <properties>
+        <java.version>1.8</java.version>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    </properties>

    <!-- Repositories -->
    <repositories>
@@ -30,33 +35,57 @@
        <dependency>
            <groupId>org.bukkit</groupId>
            <artifactId>bukkit</artifactId>
-            <version>1.12.2-R0.1-SNAPSHOT</version>
+            <version>1.14.4-R0.1-SNAPSHOT</version>
        </dependency>

        <dependency>
            <groupId>org.apache.sshd</groupId>
            <artifactId>sshd-core</artifactId>
-            <version>1.6.0</version>
+            <version>2.3.0</version>
            <scope>compile</scope>
            <type>jar</type>
        </dependency>

+        <dependency>
+            <groupId>org.apache.sshd</groupId>
+            <artifactId>sshd-mina</artifactId>
+            <version>2.3.0</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.sshd</groupId>
+            <artifactId>sshd-common</artifactId>
+            <version>2.3.0</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.sshd</groupId>
+            <artifactId>sshd-sftp</artifactId>
+            <version>2.3.0</version>
+        </dependency>
+
+        <dependency>
+            <groupId>net.i2p.crypto</groupId>
+            <artifactId>eddsa</artifactId>
+            <version>0.3.0</version>
+        </dependency>
+        
        <dependency>
            <groupId>org.apache.mina</groupId>
            <artifactId>mina-core</artifactId>
-            <version>2.0.16</version>
+            <version>2.1.3</version>
        </dependency>

        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-api</artifactId>
-            <version>1.7.25</version>
+            <version>1.7.28</version>
        </dependency>
        
        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-jdk14</artifactId>
-            <version>1.7.25</version>
+            <version>1.7.28</version>
        </dependency>

        <dependency>
@@ -85,10 +114,12 @@
            <version>1.10</version>
            <scope>provided</scope>
        </dependency>
-            </dependencies>
+    </dependencies>

    <!-- Build -->
    <build>
+        <defaultGoal>clean package</defaultGoal>
+
        <resources>
            <resource>
                <targetPath>.</targetPath>
@@ -104,7 +135,7 @@
        <plugins>
            <plugin>
                <artifactId>maven-assembly-plugin</artifactId>
-                <version>3.1.0</version>
+                <version>3.1.1</version>
                <executions>
                    <execution>
                        <phase>package</phase>
@@ -126,7 +157,7 @@
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.5.1</version>
+                <version>3.7.0</version>
                <configuration>
                    <source>1.8</source>
                    <target>1.8</target>
--- a/src/main/java/com/ryanmichela/sshd/ConfigPasswordAuthenticator.java
+++ b/src/main/java/com/ryanmichela/sshd/ConfigPasswordAuthenticator.java
@@ -10,6 +10,7 @@ import java.util.Map;
 * Copyright 2013 Ryan Michela
 */
 public class ConfigPasswordAuthenticator implements PasswordAuthenticator {
+
    private Map<String, Integer> failCounts = new HashMap<String, Integer>();

    @Override
--- a/src/main/java/com/ryanmichela/sshd/ConsoleCommandCompleter.java
+++ b/src/main/java/com/ryanmichela/sshd/ConsoleCommandCompleter.java
@@ -4,15 +4,16 @@ package com.ryanmichela.sshd;
 * Copyright 2013 Ryan Michela
 */

+import jline.console.completer.Completer;
 import org.bukkit.Bukkit;
 import org.bukkit.command.CommandMap;
-import jline.console.completer.Completer;

 import java.util.List;
 import java.util.concurrent.ExecutionException;
 import java.util.logging.Level;

 public class ConsoleCommandCompleter implements Completer {
+
    public int complete(final String buffer, final int cursor, final List<CharSequence> candidates) {
        Waitable<List<String>> waitable = new Waitable<List<String>>() {
            @Override
--- a/src/main/java/com/ryanmichela/sshd/ConsoleCommandFactory.java
+++ b/src/main/java/com/ryanmichela/sshd/ConsoleCommandFactory.java
@@ -1,7 +1,8 @@
 package com.ryanmichela.sshd;

-import org.apache.sshd.server.Command;
-import org.apache.sshd.server.CommandFactory;
+import org.apache.sshd.server.command.Command;
+import org.apache.sshd.server.command.CommandFactory;
+import org.apache.sshd.server.channel.ChannelSession;
 import org.apache.sshd.server.Environment;
 import org.apache.sshd.server.ExitCallback;
 import org.bukkit.Bukkit;
@@ -14,12 +15,14 @@ import java.io.OutputStream;
 * Copyright 2013 Ryan Michela
 */
 public class ConsoleCommandFactory implements CommandFactory {
+
    @Override
-    public Command createCommand(String command) {
+    public Command createCommand(ChannelSession cs, String command) {
        return new ConsoleCommand(command);
    }

    public class ConsoleCommand implements Command {
+
        private String command;

        private InputStream in;
@@ -48,9 +51,10 @@ public class ConsoleCommandFactory implements CommandFactory {
        }

        @Override
-        public void start(Environment environment) throws IOException {
+        public void start(ChannelSession cs, Environment environment) throws IOException {
            try {
-                SshdPlugin.instance.getLogger().info("[U: " + environment.getEnv().get(Environment.ENV_USER) + "] " + command);
+                SshdPlugin.instance.getLogger()
+                        .info("[U: " + environment.getEnv().get(Environment.ENV_USER) + "] " + command);
                Bukkit.dispatchCommand(Bukkit.getConsoleSender(), command);
            } catch (Exception e) {
                SshdPlugin.instance.getLogger().severe("Error processing command from SSH -" + e.getMessage());
@@ -60,8 +64,6 @@ public class ConsoleCommandFactory implements CommandFactory {
        }

        @Override
-        public void destroy() {
-
-        }
-    }
+        public void destroy(ChannelSession cn) {}
+	}
 }
--- a/src/main/java/com/ryanmichela/sshd/ConsoleLogFormatter.java
+++ b/src/main/java/com/ryanmichela/sshd/ConsoleLogFormatter.java
@@ -54,20 +54,29 @@ public class ConsoleLogFormatter extends Formatter {
        // ORIGINAL CODE FROM org.bukkit.craftbukkit.command.ColouredConsoleSender
        final Map<ChatColor, String> replacements = new EnumMap<>(ChatColor.class);

-        replacements.put(ChatColor.BLACK, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.BLACK).boldOff().toString());
-        replacements.put(ChatColor.DARK_BLUE, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.BLUE).boldOff().toString());
-        replacements.put(ChatColor.DARK_GREEN, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.GREEN).boldOff().toString());
-        replacements.put(ChatColor.DARK_AQUA, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.CYAN).boldOff().toString());
-        replacements.put(ChatColor.DARK_RED, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.RED).boldOff().toString());
-        replacements.put(ChatColor.DARK_PURPLE, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.MAGENTA).boldOff().toString());
-        replacements.put(ChatColor.GOLD, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.YELLOW).boldOff().toString());
+        replacements
+                .put(ChatColor.BLACK, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.BLACK).boldOff().toString());
+        replacements
+                .put(ChatColor.DARK_BLUE, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.BLUE).boldOff().toString());
+        replacements.put(ChatColor.DARK_GREEN,
+                Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.GREEN).boldOff().toString());
+        replacements
+                .put(ChatColor.DARK_AQUA, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.CYAN).boldOff().toString());
+        replacements
+                .put(ChatColor.DARK_RED, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.RED).boldOff().toString());
+        replacements.put(ChatColor.DARK_PURPLE,
+                Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.MAGENTA).boldOff().toString());
+        replacements
+                .put(ChatColor.GOLD, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.YELLOW).boldOff().toString());
        replacements.put(ChatColor.GRAY, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.WHITE).boldOff().toString());
-        replacements.put(ChatColor.DARK_GRAY, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.BLACK).bold().toString());
+        replacements
+                .put(ChatColor.DARK_GRAY, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.BLACK).bold().toString());
        replacements.put(ChatColor.BLUE, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.BLUE).bold().toString());
        replacements.put(ChatColor.GREEN, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.GREEN).bold().toString());
        replacements.put(ChatColor.AQUA, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.CYAN).bold().toString());
        replacements.put(ChatColor.RED, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.RED).bold().toString());
-        replacements.put(ChatColor.LIGHT_PURPLE, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.MAGENTA).bold().toString());
+        replacements.put(ChatColor.LIGHT_PURPLE,
+                Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.MAGENTA).bold().toString());
        replacements.put(ChatColor.YELLOW, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.YELLOW).bold().toString());
        replacements.put(ChatColor.WHITE, Ansi.ansi().a(Ansi.Attribute.RESET).fg(Ansi.Color.WHITE).bold().toString());
        replacements.put(ChatColor.MAGIC, Ansi.ansi().a(Ansi.Attribute.BLINK_SLOW).toString());
--- a/src/main/java/com/ryanmichela/sshd/ConsoleShellFactory.java
+++ b/src/main/java/com/ryanmichela/sshd/ConsoleShellFactory.java
@@ -1,11 +1,20 @@
 package com.ryanmichela.sshd;

+import com.ryanmichela.sshd.ConsoleCommandCompleter;
+import com.ryanmichela.sshd.ConsoleLogFormatter;
+import com.ryanmichela.sshd.FlushyOutputStream;
+import com.ryanmichela.sshd.FlushyStreamHandler;
+import com.ryanmichela.sshd.SshTerminal;
+import com.ryanmichela.sshd.SshdPlugin;
+import com.ryanmichela.sshd.StreamHandlerAppender;
 import com.ryanmichela.sshd.implementations.SSHDCommandSender;
 import jline.console.ConsoleReader;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.core.Logger;
 import org.apache.sshd.common.Factory;
-import org.apache.sshd.server.Command;
+import org.apache.sshd.server.shell.ShellFactory;
+import org.apache.sshd.server.command.Command;
+import org.apache.sshd.server.channel.ChannelSession;
 import org.apache.sshd.server.Environment;
 import org.apache.sshd.server.ExitCallback;
 import org.bukkit.Bukkit;
@@ -16,19 +25,16 @@ import java.io.OutputStream;
 import java.util.logging.Level;
 import java.util.logging.StreamHandler;

-public class ConsoleShellFactory implements Factory<Command> {
+public class ConsoleShellFactory implements ShellFactory {

    static SSHDCommandSender sshdCommandSender = new SSHDCommandSender();

-    public Command get() {
-        return this.create();
-    }
-
-    public Command create() {
+    public Command createShell(ChannelSession cs) {
        return new ConsoleShell();
    }

    public static class ConsoleShell implements Command, Runnable {
+
        private InputStream in;
        private OutputStream out;
        private OutputStream err;
@@ -71,56 +77,76 @@ public class ConsoleShellFactory implements Factory<Command> {
            this.callback = callback;
        }

-        public void start(Environment env) throws IOException {
-            try {
-                consoleReader = new ConsoleReader(in, new FlushyOutputStream(out), new SshTerminal());
-                consoleReader.setExpandEvents(true);
-                consoleReader.addCompleter(new ConsoleCommandCompleter());
+        @Override
+		public void start(ChannelSession cs, Environment env) throws IOException
+		  {
+			  try
+			  {
+				  consoleReader = new ConsoleReader(in, new FlushyOutputStream(out), new SshTerminal());
+				  consoleReader.setExpandEvents(true);
+				  consoleReader.addCompleter(new ConsoleCommandCompleter());

-                StreamHandler streamHandler = new FlushyStreamHandler(out, new ConsoleLogFormatter(), consoleReader);
-                streamHandlerAppender = new StreamHandlerAppender(streamHandler);
+				  StreamHandler streamHandler = new FlushyStreamHandler(out, new ConsoleLogFormatter(), consoleReader);
+				  streamHandlerAppender		  = new StreamHandlerAppender(streamHandler);

-                ((Logger) LogManager.getRootLogger()).addAppender(streamHandlerAppender);
+				  ((Logger)LogManager.getRootLogger()).addAppender(streamHandlerAppender);

-                environment = env;
-                thread = new Thread(this, "SSHD ConsoleShell " + env.getEnv().get(Environment.ENV_USER));
-                thread.start();
-            } catch (Exception e) {
-                throw new IOException("Error starting shell", e);
-            }
+				  environment = env;
+				  thread	  = new Thread(this, "SSHD ConsoleShell " + env.getEnv().get(Environment.ENV_USER));
+				  thread.start();
+			  }
+			  catch (Exception e)
+			  {
+				  throw new IOException("Error starting shell", e);
+			  }
        }

-        public void destroy() {
-            ((Logger) LogManager.getRootLogger()).removeAppender(streamHandlerAppender);
-        }
+        @Override
+		public void destroy(ChannelSession cs) { ((Logger)LogManager.getRootLogger()).removeAppender(streamHandlerAppender); }

-        public void run() {
-            try {
+		public void run()
+        {
+            try
+            {
                if (!SshdPlugin.instance.getConfig().getString("mode").equals("RPC"))
                    printPreamble(consoleReader);
-                while (true) {
+                while (true)
+                {
                    String command = consoleReader.readLine("\r>", null);
-                    if (command == null) continue;
-                    if (command.equals("exit")) break;
-                    Bukkit.getScheduler().runTask(SshdPlugin.instance, () -> {
-                        if (SshdPlugin.instance.getConfig().getString("mode").equals("RPC") && command.startsWith("rpc")) {
-                            //NO ECHO NO PREAMBLE AND SHIT
-                            String cmd = command.substring("rpc".length() + 1, command.length());
-                            Bukkit.dispatchCommand(sshdCommandSender, cmd);
-                        } else {
-                            SshdPlugin.instance.getLogger().info("<" + environment.getEnv().get(Environment.ENV_USER) + "> " + command);
-                            Bukkit.dispatchCommand(Bukkit.getConsoleSender(), command);
-                        }
-                    });
+                    if (command == null)
+                        continue;
+                    if (command.equals("exit") || command.equals("quit"))
+                        break;
+                    Bukkit.getScheduler().runTask(
+                        SshdPlugin.instance, () ->
+                        {
+                            if (SshdPlugin.instance.getConfig().getString("mode").equals("RPC") && command.startsWith("rpc"))
+                            {
+                                // NO ECHO NO PREAMBLE AND SHIT
+                                String cmd = command.substring("rpc".length() + 1, command.length());
+                                Bukkit.dispatchCommand(sshdCommandSender, cmd);
+                            }
+                            else
+                            {
+                                SshdPlugin.instance.getLogger().info("<" + environment.getEnv().get(Environment.ENV_USER) + "> "
+                                                                    + command);
+                                Bukkit.dispatchCommand(Bukkit.getConsoleSender(), command);
+                            }
+                        });
                }
-            } catch (IOException e) {
+            }
+            catch (IOException e)
+            {
                SshdPlugin.instance.getLogger().log(Level.SEVERE, "Error processing command from SSH", e);
-            } finally {
+            }
+            finally
+            {
                callback.onExit(0);
            }
        }

-        private void printPreamble(ConsoleReader consoleReader) throws IOException {
+		private void printPreamble(ConsoleReader consoleReader) throws IOException
+        {
            consoleReader.println("  _____ _____ _    _ _____" + "\r");
            consoleReader.println(" / ____/ ____| |  | |  __ \\" + "\r");
            consoleReader.println("| (___| (___ | |__| | |  | |" + "\r");
@@ -133,5 +159,5 @@ public class ConsoleShellFactory implements Factory<Command> {
            consoleReader.println("Type 'exit' to exit the shell." + "\r");
            consoleReader.println("===============================================" + "\r");
        }
-    }
+	}
 }
--- a/src/main/java/com/ryanmichela/sshd/FlushyOutputStream.java
+++ b/src/main/java/com/ryanmichela/sshd/FlushyOutputStream.java
@@ -1,5 +1,7 @@
 package com.ryanmichela.sshd;

+import org.apache.sshd.common.SshException;
+
 import java.io.IOException;
 import java.io.OutputStream;

@@ -7,6 +9,7 @@ import java.io.OutputStream;
 * Copyright 2013 Ryan Michela
 */
 public class FlushyOutputStream extends OutputStream {
+
    private OutputStream base;
    private boolean isClosed = false;

@@ -16,23 +19,27 @@ public class FlushyOutputStream extends OutputStream {

    @Override
    public void write(int b) throws IOException {
-        if(isClosed) return;
+        if (isClosed) return;
        base.write(b);
        base.flush();
    }

    @Override
    public void write(byte[] b) throws IOException {
-        if(isClosed) return;
+        if (isClosed) return;
        base.write(b);
        base.flush();
    }

    @Override
    public void write(byte[] b, int off, int len) throws IOException {
-        if(isClosed) return;
-        base.write(b, off, len);
-        base.flush();
+        if (isClosed) return;
+        try {
+            base.write(b, off, len);
+            base.flush();
+        } catch (SshException e) {
+            if (!e.getMessage().contains("channel already closed")) throw e;
+        }
    }

    @Override
--- a/src/main/java/com/ryanmichela/sshd/FlushyStreamHandler.java
+++ b/src/main/java/com/ryanmichela/sshd/FlushyStreamHandler.java
@@ -1,8 +1,7 @@
 package com.ryanmichela.sshd;

-import org.apache.sshd.common.SshException;
 import jline.console.ConsoleReader;
-
+import org.apache.sshd.common.SshException;

 import java.io.IOException;
 import java.io.OutputStream;
@@ -12,6 +11,7 @@ import java.util.logging.*;
 * Copyright 2013 Ryan Michela
 */
 public class FlushyStreamHandler extends StreamHandler {
+
    private ConsoleReader reader;

    public FlushyStreamHandler(OutputStream out, Formatter formatter, ConsoleReader reader) {
--- a/src/main/java/com/ryanmichela/sshd/PemDecoder.java
+++ b/src/main/java/com/ryanmichela/sshd/PemDecoder.java
@@ -1,97 +0,0 @@
-package com.ryanmichela.sshd;
-
-import org.apache.commons.codec.binary.Base64;
-
-import java.io.Reader;
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.PublicKey;
-import java.security.spec.DSAPublicKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-
-/**
- * Copyright 2013 Ryan Michela
- */
-public class PemDecoder extends java.io.BufferedReader {
-    private static final String BEGIN = "^-+\\s*BEGIN.+";
-    private static final String END = "^-+\\s*END.+";
-    private static final String COMMENT = "Comment:";
-
-    public PemDecoder(Reader in) {
-        super(in);
-    }
-
-    public PublicKey getPemBytes() throws Exception {
-        StringBuilder b64 = new StringBuilder();
-
-        String line = readLine();
-        if (!line.matches(BEGIN)) {
-            return null;
-        }
-
-        for(line = readLine(); line != null; line = readLine()) {
-            if (!line.matches(END) && !line.startsWith(COMMENT)) {
-                b64.append(line.trim());
-            }
-        }
-
-        return decodePublicKey(b64.toString());
-    }
-
-    private byte[] bytes;
-    private int pos;
-
-    private PublicKey decodePublicKey(String keyLine) throws Exception {
-        bytes = null;
-        pos = 0;
-
-        // look for the Base64 encoded part of the line to decode
-        // both ssh-rsa and ssh-dss begin with "AAAA" due to the length bytes
-        for (String part : keyLine.split(" ")) {
-            if (part.startsWith("AAAA")) {
-                bytes = Base64.decodeBase64(part.getBytes());
-                break;
-            }
-        }
-        if (bytes == null) {
-            throw new IllegalArgumentException("no Base64 part to decode");
-        }
-
-        String type = decodeType();
-        if (type.equals("ssh-rsa")) {
-            BigInteger e = decodeBigInt();
-            BigInteger m = decodeBigInt();
-            RSAPublicKeySpec spec = new RSAPublicKeySpec(m, e);
-            return KeyFactory.getInstance("RSA").generatePublic(spec);
-        } else if (type.equals("ssh-dss")) {
-            BigInteger p = decodeBigInt();
-            BigInteger q = decodeBigInt();
-            BigInteger g = decodeBigInt();
-            BigInteger y = decodeBigInt();
-            DSAPublicKeySpec spec = new DSAPublicKeySpec(y, p, q, g);
-            return KeyFactory.getInstance("DSA").generatePublic(spec);
-        } else {
-            throw new IllegalArgumentException("unknown type " + type);
-        }
-    }
-
-    private String decodeType() {
-        int len = decodeInt();
-        String type = new String(bytes, pos, len);
-        pos += len;
-        return type;
-    }
-
-    private int decodeInt() {
-        return ((bytes[pos++] & 0xFF) << 24) | ((bytes[pos++] & 0xFF) << 16)
-                | ((bytes[pos++] & 0xFF) << 8) | (bytes[pos++] & 0xFF);
-    }
-
-    private BigInteger decodeBigInt() {
-        int len = decodeInt();
-        byte[] bigIntBytes = new byte[len];
-        System.arraycopy(bytes, pos, bigIntBytes, 0, len);
-        pos += len;
-        return new BigInteger(bigIntBytes);
-    }
-}
--- a/src/main/java/com/ryanmichela/sshd/PublicKeyAuthenticator.java
+++ b/src/main/java/com/ryanmichela/sshd/PublicKeyAuthenticator.java
@@ -1,50 +1,85 @@
 package com.ryanmichela.sshd;

 import org.apache.commons.lang.ArrayUtils;
+import org.apache.sshd.common.config.keys.AuthorizedKeyEntry;
+import org.apache.sshd.common.config.keys.PublicKeyEntryResolver;
 import org.apache.sshd.server.auth.pubkey.PublickeyAuthenticator;
 import org.apache.sshd.server.session.ServerSession;

 import java.io.File;
+import java.util.List;
 import java.io.FileReader;
 import java.security.PublicKey;

 /**
 * Copyright 2013 Ryan Michela
 */
-public class PublicKeyAuthenticator implements PublickeyAuthenticator {
-    private File authorizedKeysDir;
+public class PublicKeyAuthenticator implements PublickeyAuthenticator
+{

-    public PublicKeyAuthenticator(File authorizedKeysDir) {
-        this.authorizedKeysDir = authorizedKeysDir;
-    }
+  private File authorizedKeysDir;

-    @Override
-    public boolean authenticate(String username, PublicKey key, ServerSession session) {
-        byte[] keyBytes = key.getEncoded();
-        File keyFile = new File(authorizedKeysDir, username);
+  public PublicKeyAuthenticator(File authorizedKeysDir) { this.authorizedKeysDir = authorizedKeysDir; }

-        if (keyFile.exists()) {
-            try {
+	@Override public boolean authenticate(String username, PublicKey key, ServerSession session)
+	{
+		byte[] keyBytes = key.getEncoded();
+		File keyFile	= new File(authorizedKeysDir, username);

-                FileReader fr = new FileReader(keyFile);
-                PemDecoder pd = new PemDecoder(fr);
-                PublicKey k = pd.getPemBytes();
-                pd.close();
+		if (keyFile.exists())
+		{
+			try
+            {
+                List<AuthorizedKeyEntry> pklist = AuthorizedKeyEntry.readAuthorizedKeys(keyFile.toPath());
                
-                if (k != null) {
-                    if (ArrayUtils.isEquals(key.getEncoded(), k.getEncoded())) {
-                        return true;
-                    }
-                } else {
-                    SshdPlugin.instance.getLogger().severe("Failed to parse PEM file. " + keyFile.getAbsolutePath());
+                PublickeyAuthenticator auth = PublickeyAuthenticator.fromAuthorizedEntries(username, session, pklist,
+                        PublicKeyEntryResolver.IGNORING);
+
+				boolean accepted = auth.authenticate(username, key, session);
+
+                if (accepted)
+                {
+					SshdPlugin.instance.getLogger().info(
+						username + " successfully authenticated via SSH session using key file " + keyFile.getAbsolutePath());
+				}
+                else
+                {
+					SshdPlugin.instance.getLogger().info(
+						username + " failed authentication via SSH session using key file " + keyFile.getAbsolutePath());
+				}
+                return accepted;
+				/*
+
+				FileReader  fr = new FileReader(keyFile);
+				PemDecoder  pd = new PemDecoder(fr);
+				PublicKey k  = pd.getPemBytes();
+				pd.close();
+
+				if (k != null)
+				{
+					if (ArrayUtils.isEquals(key.getEncoded(), k.getEncoded()))
+					{
+						return true;
+					}
+				}
+				else
+				{
+					SshdPlugin.instance.getLogger().severe("Failed to parse PEM file. " + keyFile.getAbsolutePath());
                }
-            } catch (Exception e) {
-                SshdPlugin.instance.getLogger().severe("Failed to process public key " + keyFile.getAbsolutePath() + ". " + e.getMessage());
-            }
-        } else {
-            SshdPlugin.instance.getLogger().warning("Could not locate public key for " + username + ". Make sure the user's key is named the same as their user name without a file extension.");
-        }
+                */
+			}
+			catch (Exception e)
+			{
+				SshdPlugin.instance.getLogger().severe("Failed to process public key " + keyFile.getAbsolutePath() + " " + e.getMessage());
+			}
+		}
+		else
+		{
+			SshdPlugin.instance.getLogger().warning("Could not locate public key for " + username
+													+ ". Make sure the user's key is named the same as their user name "
+													+ "without a file extension.");
+		}

-        return false;
-    }
+		return false;
+	}
 }
--- a/src/main/java/com/ryanmichela/sshd/ReflectionUtil.java
+++ b/src/main/java/com/ryanmichela/sshd/ReflectionUtil.java
@@ -8,6 +8,7 @@ import java.lang.reflect.Modifier;
 * Copyright 2013 Ryan Michela
 */
 public class ReflectionUtil {
+
    public static void setProtectedValue(Object o, String field, Object newValue) {
        setProtectedValue(o.getClass(), o, field, newValue);
    }
@@ -36,9 +37,9 @@ public class ReflectionUtil {
    public static <T> T getProtectedValue(Object obj, String fieldName) {
        try {
            Class c = obj.getClass();
-            while(c != Object.class) {
+            while (c != Object.class) {
                Field[] fields = c.getDeclaredFields();
-                for(Field f : fields) {
+                for (Field f : fields) {
                    if (f.getName() == fieldName) {
                        f.setAccessible(true);
                        return (T) f.get(obj);
@@ -76,7 +77,7 @@ public class ReflectionUtil {
    public static Object invokeProtectedMethod(Class c, Object o, String method, Object... args) {
        try {
            Class[] pTypes = new Class[args.length];
-            for(int i = 0; i < args.length; i++) {
+            for (int i = 0; i < args.length; i++) {
                if (args[i] instanceof Integer) {
                    pTypes[i] = int.class;
                } else {
@@ -87,8 +88,7 @@ public class ReflectionUtil {
            Method m = c.getDeclaredMethod(method, pTypes);
            m.setAccessible(true);
            return m.invoke(o, args);
-        }
-        catch (Exception ex) {
+        } catch (Exception ex) {
            System.out.println("*** " + c.getName() + "." + method + "(): " + ex);
            return null;
        }
--- a/src/main/java/com/ryanmichela/sshd/SshdPlugin.java
+++ b/src/main/java/com/ryanmichela/sshd/SshdPlugin.java
@@ -6,6 +6,8 @@ import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
 import org.apache.sshd.server.subsystem.sftp.SftpSubsystemFactory;
 import org.bukkit.plugin.java.JavaPlugin;

+import com.ryanmichela.sshd.ConsoleShellFactory;
+
 import java.io.File;
 import java.io.IOException;
 import java.nio.file.FileSystems;
@@ -15,64 +17,72 @@ import java.util.logging.Level;
 /**
 * Copyright 2013 Ryan Michela
 */
-public class SshdPlugin extends JavaPlugin {
-    private SshServer sshd;
-    public static SshdPlugin instance;
+public
+class SshdPlugin extends JavaPlugin
+{

-    @Override
-    public void onLoad() {
-        saveDefaultConfig();
-        File authorizedKeys = new File(getDataFolder(), "authorized_keys");
-        if (!authorizedKeys.exists()) {
-            authorizedKeys.mkdirs();
-        }
+  private SshServer sshd;
+  public static SshdPlugin instance;

-        // Don't go any lower than INFO or SSHD will cause a stack overflow exception.
-        // SSHD will log that it wrote bites to the output stream, which writes
-        // bytes to the output stream - ad nauseaum.
-        getLogger().setLevel(Level.INFO);
-    }
+	@Override public void onLoad()
+	{
+		saveDefaultConfig();
+		File authorizedKeys = new File(getDataFolder(), "authorized_keys");
+		if (!authorizedKeys.exists())
+		{
+			authorizedKeys.mkdirs();
+		}

-    @Override
-    public void onEnable() {
-        instance = this;
+		// Don't go any lower than INFO or SSHD will cause a stack overflow exception.
+		// SSHD will log that it wrote bites to the output stream, which writes
+		// bytes to the output stream - ad nauseaum.
+		getLogger().setLevel(Level.INFO);
+	}

-        sshd = SshServer.setUpDefaultServer();
-        sshd.setPort(getConfig().getInt("port", 22));
-        String host = getConfig().getString("listenAddress", "all");
-        sshd.setHost(host.equals("all") ? null : host);
+	@Override public void onEnable()
+	{
+		instance = this;

-        File hostKey = new File(getDataFolder(), "hostkey");
-        File authorizedKeys = new File(getDataFolder(), "authorized_keys");
+		sshd = SshServer.setUpDefaultServer();
+		sshd.setPort(getConfig().getInt("port", 22));
+		String host = getConfig().getString("listenAddress", "all");
+		sshd.setHost(host.equals("all") ? null : host);

-        sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(hostKey));
-        sshd.setShellFactory(new ConsoleShellFactory());
-        sshd.setPasswordAuthenticator(new ConfigPasswordAuthenticator());
-        sshd.setPublickeyAuthenticator(new PublicKeyAuthenticator(authorizedKeys));
+		File hostKey		= new File(getDataFolder(), "hostkey");
+		File authorizedKeys = new File(getDataFolder(), "authorized_keys");

-        if (getConfig().getBoolean("enableSFTP")) {
-            sshd.setSubsystemFactories(Collections.singletonList(new SftpSubsystemFactory()));
-            sshd.setFileSystemFactory(new VirtualFileSystemFactory(
-                    FileSystems.getDefault().getPath(
-                            getDataFolder().getAbsolutePath()
-                    ).getParent().getParent()
-            ));
-        }
+		sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(hostKey.toPath()));
+		sshd.setShellFactory(new ConsoleShellFactory());
+		sshd.setPasswordAuthenticator(new ConfigPasswordAuthenticator());
+		sshd.setPublickeyAuthenticator(new PublicKeyAuthenticator(authorizedKeys));

-        sshd.setCommandFactory(new ConsoleCommandFactory());
-        try {
-            sshd.start();
-        } catch (IOException e) {
-            getLogger().log(Level.SEVERE, "Failed to start SSH server! ", e);
-        }
-    }
+		if (getConfig().getBoolean("enableSFTP"))
+		{
+			sshd.setSubsystemFactories(Collections.singletonList(new SftpSubsystemFactory()));
+			sshd.setFileSystemFactory(
+				new VirtualFileSystemFactory(FileSystems.getDefault().getPath(getDataFolder().getAbsolutePath()).getParent().getParent()));
+		}

-    @Override
-    public void onDisable() {
-        try {
-            sshd.stop();
-        } catch (Exception e) {
-            // do nothing
-        }
-    }
+		sshd.setCommandFactory(new ConsoleCommandFactory());
+		try
+		{
+			sshd.start();
+		}
+		catch (IOException e)
+		{
+			getLogger().log(Level.SEVERE, "Failed to start SSH server! ", e);
+		}
+	}
+
+	@Override public void onDisable()
+	{
+		try
+		{
+			sshd.stop();
+		}
+		catch (Exception e)
+		{
+			// do nothing
+		}
+	}
 }
--- a/src/main/java/com/ryanmichela/sshd/StreamHandlerAppender.java
+++ b/src/main/java/com/ryanmichela/sshd/StreamHandlerAppender.java
@@ -14,6 +14,7 @@ import java.util.logging.StreamHandler;
 * Copyright 2014 Ryan Michela
 */
 public class StreamHandlerAppender implements Appender {
+
    private StreamHandler streamHandler;
    private UUID uuid;

@@ -26,13 +27,13 @@ public class StreamHandlerAppender implements Appender {
    public void append(LogEvent logEvent) {
        java.util.logging.Level level;

-        if(logEvent.getLevel().equals(org.apache.logging.log4j.Level.DEBUG)) {
+        if (logEvent.getLevel().equals(org.apache.logging.log4j.Level.DEBUG)) {
            level = java.util.logging.Level.FINE;
-        } else if(logEvent.getLevel().equals(org.apache.logging.log4j.Level.INFO)) {
+        } else if (logEvent.getLevel().equals(org.apache.logging.log4j.Level.INFO)) {
            level = java.util.logging.Level.INFO;
-        } else if(logEvent.getLevel().equals(org.apache.logging.log4j.Level.WARN)) {
+        } else if (logEvent.getLevel().equals(org.apache.logging.log4j.Level.WARN)) {
            level = java.util.logging.Level.WARNING;
-        } else if(logEvent.getLevel().equals(org.apache.logging.log4j.Level.ERROR)) {
+        } else if (logEvent.getLevel().equals(org.apache.logging.log4j.Level.ERROR)) {
            level = java.util.logging.Level.SEVERE;
        } else {
            level = java.util.logging.Level.INFO;
--- a/src/main/java/com/ryanmichela/sshd/Waitable.java
+++ b/src/main/java/com/ryanmichela/sshd/Waitable.java
@@ -6,11 +6,13 @@ import java.util.concurrent.ExecutionException;
 * Copyright 2013 Ryan Michela
 */
 public abstract class Waitable<T> implements Runnable {
+
    private enum Status {
        WAITING,
        RUNNING,
        FINISHED,
    }
+
    Throwable t = null;
    T value = null;
    Status status = Status.WAITING;
--- a/src/main/java/com/ryanmichela/sshd/implementations/SSHDCommandSender.java
+++ b/src/main/java/com/ryanmichela/sshd/implementations/SSHDCommandSender.java
@@ -1,6 +1,5 @@
 package com.ryanmichela.sshd.implementations;

-import com.ryanmichela.sshd.ConsoleShellFactory;
 import com.ryanmichela.sshd.SshdPlugin;
 import org.bukkit.Bukkit;
 import org.bukkit.ChatColor;
@@ -16,6 +15,8 @@ import org.bukkit.permissions.PermissionAttachment;
 import org.bukkit.permissions.PermissionAttachmentInfo;
 import org.bukkit.plugin.Plugin;

+import com.ryanmichela.sshd.ConsoleShellFactory;
+
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.Set;
@@ -44,7 +45,7 @@ public class SSHDCommandSender implements ConsoleCommandSender, CommandSender {
    }

    public String getName() {
-        return "SSHD CONSOLE";
+        return "Console";
    }

    public boolean isOp() {
--- a/src/main/resources/plugin.yml
+++ b/src/main/resources/plugin.yml
@@ -1,4 +1,4 @@
 name: SSHD
 version: ${project.version}
-author: Ryan Michela, Haarolean, toxuin
+author: Ryan Michela, Haarolean, toxuin, Justin Crawford
 main: com.ryanmichela.sshd.SshdPlugin
Author	SHA1	Message	Date
Justin Crawford	25287b1580	Fix Travis	2019-10-02 19:41:31 -07:00
Justin Crawford	0458179597	Add support for authorized_keys files. Each user can have a set of authorized keys for public key authentication. This is better to support as it lets us use different algorithms and not just RSA. In the age of security, it's good to have variety. I also added additional libraries to support ed25519-based public keys. I updated the SSH libraries so any upstream bug fixes are applied, fixed some warnings and a few other things.	2019-10-02 19:14:56 -07:00
Haarolean	dc76da9ac1	Version bump	2018-05-06 19:50:19 +03:00
Haarolean	7330b1eead	Fix codestyle	2018-05-06 19:42:57 +03:00
Haarolean	8f6319d979	Fixed #10 Fixed #6 once more Added exit command alias	2018-05-06 19:42:39 +03:00