All Classes and Interfaces
Class
Description
Provides some default implementations for managing channel/connection open/close state
Holds a single
KeyPair which is generated the 1st time AbstractGeneratorHostKeyProvider.loadKeys(SessionContext) is called.TODO Add javadoc
Provides a default implementation for some
KeyPairProvider methodsServes as a common base class for the vast majority of classes that require some kind of logging.
Base class for PEM file key-pair loaders
Useful base class implementation for a decoder of an
OpenSSH encoded key dataUseful base class for
Signature implementation
Type safe key for storage of user attributes.
Provides the capability to attach in-memory attributes to the entity
Represents an entry in the user's
authorized_keys file according to the
OpenSSH
format.Wraps a target instance and an
AutoCloseable delegate into a proxy instance that closes both when wrapper
close method called.Base class for all Cipher implementations delegating to the JCE provider.
Base class for Digest algorithms based on the JCE provider.
Algorithm parameters for AES/GCM that assumes the IV uses an 8-byte counter field as its least significant bytes.
Base class for
Mac implementations based on the JCE provider.BCrypt implements OpenBSD-style Blowfish password hashing using
the scheme described in "A Future-Adaptable Password Scheme" by
Niels Provos and David Mazieres.
Utility to decrypt an RFC 5958 PKCS#8 EncryptedPrivateKeyInfo.
BouncyCastle
Random.Named factory for the BouncyCastle
RandomProvides an abstract message buffer for encoding SSH messages
General utilities for working with byte-encoded data.
Provides easy access to the currently implemented ciphers
Holds the result of
BuiltinCiphers.parseCiphersList(String)Holds the result of
BuiltinCompressions.parseCompressionsList(String)Provides easy access to the currently implemented digests
A named optional factory.
Contains the names of the identities
Provides easy access to the currently implemented macs
Provides easy access to the currently implemented signatures
Holds the result of the
BuiltinSignatures.parseSignatureList(String)Provides an implementation of
Buffer using a backing byte arrayCancellations may not always be effective immediately.
Some operation that can be cancelled.
A
CancelOption defines whether a Cancellable future that is waited upon shall be cancelled if waiting
times out or is interrupted.AEAD cipher based on the
OpenSSH
ChaCha20-Poly1305 cipher extension.
Wrapper for a cryptographic cipher, used either for encryption or decryption.
The reported algorithm name refers to the cipher base name - e.g., "AES", "ARCFOUR", etc.
Represents a no-op cipher.
This provider loads private keys from the specified resources that are accessible via
ClassLoader.getResourceAsStream(String).TODO Add javadoc
Watches over a group of files that contains client identities
Provides keys loading capability from the user's keys folder - e.g.,
id_rsaA
ClientIdentityProvider that watches a given key file re-loading its contents if it is ever modified,
deleted or (re-)createdTODO Add javadoc
A
Closeable is a resource that can be closed.A
/dev/null stream that can be closed - in which case it will throw IOExceptions if invoked after
being closedAn
SshFuture for asynchronous close requests.Configurable properties for sshd-common.
Interface used to compress the stream of data between the SSH server and clients.
Enum identifying if this object will be used to compress or uncompress data.
Provides a "bridge" between the configuration values and the actual
NamedFactory for the Compression.ZLib delayed compression.
ZLib based Compression.
Watches for changes in a configuration file and automatically reloads any changes
Something that can decrypt encrypted data given a password.
A default implementation of a
CancelFuture.A default
Cancellable future implementation.A default implementation of
CloseFuture.Monitors the
~/.ssh/config file of the user currently running the client, re-loading it if necessary.A default implementation of an
IoConnectFuture.A default implementation of
SshFuture.A bare minimum DER parser - just enough to be able to decode signatures and private keys
A bare-minimum DER encoder - just enough so we can encoder signatures and keys data
Interface used to compute digests, based on algorithms such as MD5 or SHA1.
The reported algorithm name refers to the type of digest being calculated.
Class for scanning a directory for files/directories which match certain criteria.
Utilities for working with elliptic curves.
The various
ECPoint representation compression indicatorsTODO complete this when SSHD-440 is done
An implementation of
GenericEd25519PEMResourceKeyParser tied to the net.i2p.crypto EdDSA security
provider.An implementation of
GenericEd25519PublicKeyDecoder tied to the net.i2p.crypto EdDSA security
provider.Provides generic operations required of a security provider to support EdDSA and Ed25519.
Utilities to extract the raw key bytes from ed25519 or ed448 public keys, in a manner that is independent of the
actual concrete key implementation classes.
A
/dev/null implementation - always openNotify about the occurrence of an event
Callback used by the shell to notify the SSH server is has exited
Factory is a simple interface that is used to create other objects.
This host key provider loads private keys from the specified files.
Something that can produce a result given a password.
TODO Add javadoc
A snapshot of file metadata that can be used to determine whether a file has been modified since the last time it was
read.
Interface that can be implemented by a command to be able to access the file system in which this command will be
used.
Factory for file system implementations - it returns the file system for user.
Tracks a file containing
KeyPair-s an re-loads it whenever a change has been sensed in the monitored file (if
it exists)Something that may have a failure exception.
Represents an entry in the client's configuration file as defined by the
ssh_config configuration file format
Represents a pattern definition in the known_hosts file
Represents an SSH key type - the referenced algorithm is the one used to generate the key - e.g., "RSA",
"DSA", "EC".
A dummy map that ignores all
put/remove callsDescribes a range of IP addresses specified in CIDR notation.
The complement to the
Callable interface - accepts one argument and possibly throws somethingInvokes some I/O function on the input returning some output and potentially throwing an
IOException in the
processRepresents a stream that can be read asynchronously.
Represents a stream that can be written asynchronously.
TODO Add javadoc
A
Random implementation using the built-in SecureRandom PRNG.Named factory for the JCE
RandomParses a known KEX extension
Provides some helpers for RFC 8308
Used to track the key-exchange (KEX) protocol progression.
TODO Add javadoc
The reported algorithm name refers to the encryption algorithm name - e.g., "RSA", "DSA"
Provider for key pairs.
Loads
KeyPairs from text resourcesA
KeyPairResourceWriter can serialize keys to an external representation.Draw an ASCII-Art representing the fingerprint so human brain can profit from its built-in pattern recognition
ability.
TODO Add javadoc
Utility class for keys
Available digesters for known hosts entries
Contains a representation of an entry in the
known_hosts fileWraps several
ClientIdentityProvider into a KeyPair Iterator that invokes each provider
"lazily" - i.e., only when Iterator.hasNext() is invoked.TODO Add javadoc
Creates a "smooth" wrapping
Iterable using several underlying ones to provide the values.Provides a selective
Iterable over values that match a specific type out of all available.An
Iterator that selects only objects of a certain type from the underlying available ones.Reads from another
InputStream up to specified max. length
Accumulates all written data into a work buffer and calls the actual writing method only when LF detected.
Calls the actual writing method only when LF detected in the written stream.
Used to hold the result of parsing a list of value.
Provides some more default implementations for
Logger interface methodsDumps everything that is written to the stream to the logger
Message Authentication Code for use in SSH.
The reported algorithm name refers to the MAC being used
Represents an un-modifiable pair of values
Watches over changes for a file and re-loads them if file has changed - including if file is deleted or (re-)created
Iterates over several
KeyIdentityProvider-s exhausting their keys one by one (lazily).Aggregates several
KeyIdentityProvider-s into a single logical one that (lazily) exposes the keys from each
aggregated providerHolds the result of parsing a list of
NamedFactoryiesA named factory is a factory identified by a name.
Native file system factory.
Wraps an
ExecutorService as a CloseableExecutorService and avoids calling its shutdown
methods when the wrapper is shut downTODO Add javadoc
TODO Add javadoc
Provides an "empty" file system that has no files/folders and throws exceptions on any attempt to access a
file/folder on it
Provides an "empty"
FileSystemProvider that has no files of any type.A
/dev/null input streamA {code /dev/null} output stream
A generic builder interface
An OpenSSH certificate key as specified by OpenSSH.
Certificate Options are a set of bytes that is
OpenSshCertificates have a type indicating whether the certificate if for a host key (certifying a host
identity) or for a user key (certifying a user identity).An implementation of
GenericOpenSSHEd25519PrivateKeyEntryDecoder tied to the net.i2p.crypto EdDSA
security providerA
PrivateKeyEncryptionContext for use with a OpenSSHKeyPairResourceWriter.Basic support for OpenSSH
key file(s)
A
KeyPairResourceWriter for writing keys in the modern OpenSSH format, using the OpenBSD bcrypt KDF for
passphrase-protected encrypted private keys.A key encryptor for modern-style OpenSSH private keys using the bcrypt KDF.
Operating system dependent utility methods.
Waits for a group of
Closeables to complete in any order, then signals the completion by setting the
"parent" future as closed
PrivateKeyInfo ::= SEQUENCE {
version Version,
privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
privateKey PrivateKey,
attributes [0] IMPLICIT Attributes OPTIONAL
}
Version ::= INTEGER
PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
PrivateKey ::= OCTET STRING
Attributes ::= SET OF Attribute
AlgorithmIdentifier ::= SEQUENCE {
algorithm OBJECT IDENTIFIER,
parameters ANY DEFINED BY algorithm OPTIONAL
}
Poly1305 one-time message authentication code.
Property definition.
Indicates an entity that can be configured using properties.
A enum describing the tty modes according to RFC 4254 -
section 8.
TODO Add javadoc
Represents a decoder of an
OpenSSH encoded key dataRepresents a public key identity
A pseudo random number generator.
Generic options
secure directory stream proxy for a
RootedFileSystemFile system provider which provides a rooted file system.
Utility functions for rooted file utils
A secure directory stream proxy for a
RootedFileSystemException used in the SSH client or server.
A
ByteArrayOutputStream that clears its internal buffer after resizing and when it is closed.Specific security providers related code
This is a utility class used by selectors and DirectoryScanner.
Waits for a group of
Closeables to complete in the given order, then signals the completion by setting the
"parent" future as closedA "succinct" summary of the most important attributes of an SSH session
System signals definition that the shell can receive.
Signature interface for SSH used to sign or verify packets.
DSA
SignatureSignature algorithm for EC keys using ECDSA.
An implementation of
GenericSignatureEd25519 tied to the net.i2p.crypto EdDSA security provider.Manage the list of named factories for
Signature.RSA
SignatureA simple implementation of an
AbstractGeneratorHostKeyProvider that writes and reads host keys using the
OpenSSH file format.Routes the effective logging to the
SimplifiedLog methods.A random factory wrapper that uses a single random instance.
Decodes a public key file encoded according to The Secure Shell (SSH)
Public Key File Format
This interface defines constants for the SSH protocol.
A simple socket address holding the host name and port number.
Default
ThreadFactory used by ThreadUtils to create thread pools if user did provide oneRepresents an SSH related exception
Represents the completion of an asynchronous SSH operation on a given object (it may be an SSH session or an SSH
channel).
Something interested in being notified when the completion of an asynchronous SSH operation :
SshFuture.A
PublicKey that has an SSH key type.Support for stty command on unix
This is registrar ensures that even if other registrars are active, we still use the Java built-in security provider
at least for some security entities.
A wrapper that exposes a read-only
Map access to the system properties.Utility class for thread pools.
Used to convey information about an expired timeout
Timeout status.
Handles the input while taking into account the
PtyModes for handling CR / LFHandles the output stream while taking care of the
PtyMode for CR / LF and ECHO settingsChecks equality between 2 entities of same type
A representation of an unsupported SSH public key -- just a key type and the raw key data.
Represents an authentication-in-progress tracker for a specific session
Represents a user authentication method
Represents an asynchronous operation whose successful result can be verified somehow.
SSHd file system factory to reduce the visibility to a physical folder.
Represents an asynchronous operation which one can wait for its completion.
Something that may carry a failure exception.