Maybe this change ?
https://github.com/apache/mina-sshd/commit/3932a1275f3a48d5a304dcfb151a3ca3ce6050ed
On Thu, Dec 13, 2012 at 5:53 PM, Wright, Omari <omari.wri...@solers.com>wrote:
> Configuration is as follows...
>
> ----------------
>
> server = new SshServer();
> // DHG14 uses 2048 bits key which are not supported by the default
> JCE provider
> if (SecurityUtils.isBouncyCastleRegistered()) {
>
> server.setKeyExchangeFactories(Arrays.<NamedFactory<KeyExchange>>asList(
> new DHG14.Factory(),
> new DHG1.Factory()));
> server.setRandomFactory(new SingletonRandomFactory(new
> BouncyCastleRandom.Factory()));
> } else {
>
> server.setKeyExchangeFactories(Arrays.<NamedFactory<KeyExchange>>asList(
> new DHG1.Factory()));
> server.setRandomFactory(new SingletonRandomFactory(new
> JceRandom.Factory()));
> }
>
> List<NamedFactory<Cipher>> avail = new
> LinkedList<NamedFactory<Cipher>>();
> avail.add(new AES128CTR.Factory());
> avail.add(new AES256CTR.Factory());
> avail.add(new ARCFOUR128.Factory());
> avail.add(new ARCFOUR256.Factory());
> avail.add(new AES128CBC.Factory());
> avail.add(new TripleDESCBC.Factory());
> avail.add(new BlowfishCBC.Factory());
> avail.add(new AES192CBC.Factory());
> avail.add(new AES256CBC.Factory());
>
> for (Iterator<NamedFactory<Cipher>> i = avail.iterator();
> i.hasNext();) {
> final NamedFactory<Cipher> f = i.next();
> try {
> final Cipher c = f.create();
> final byte[] key = new byte[c.getBlockSize()];
> final byte[] iv = new byte[c.getIVSize()];
> c.init(Cipher.Mode.Encrypt, key, iv);
> } catch (InvalidKeyException e) {
> i.remove();
> } catch (Exception e) {
> i.remove();
> }
> }
> server.setCipherFactories(avail);
>
> // Compression is not enabled by default
> //
> sshd.setCompressionFactories(Arrays.<NamedFactory<Compression>>asList(
> // new CompressionNone.Factory(),
> // new CompressionZlib.Factory(),
> // new CompressionDelayedZlib.Factory()));
>
> server.setCompressionFactories(Arrays.<NamedFactory<Compression>>asList(
> new CompressionNone.Factory()));
> server.setMacFactories(Arrays.<NamedFactory<Mac>>asList(
> new HMACMD5.Factory(),
> new HMACSHA1.Factory(),
> new HMACMD596.Factory(),
> new HMACSHA196.Factory()));
> server.setChannelFactories(Arrays.<NamedFactory<Channel>>asList(
> new PdaChannelSession.Factory(),
> new ChannelDirectTcpip.Factory()));
>
> server.setSignatureFactories(Arrays.<NamedFactory<Signature>>asList(
> new SignatureDSA.Factory(),
> new SignatureRSA.Factory()));
> server.setFileSystemFactory(new PdaFileSystemFactory());
>
> ForwardingAcceptorFactory faf = new
> DefaultForwardingAcceptorFactory();
> server.setTcpipForwardNioSocketAcceptorFactory(faf);
> server.setX11ForwardNioSocketAcceptorFactory(faf);
>
> server.setPort(2222);
>
> if (SecurityUtils.isBouncyCastleRegistered()) {
> server.setKeyPairProvider(new
> PEMGeneratorHostKeyProvider("key.pem"));
> } else {
> server.setKeyPairProvider(new
> SimpleGeneratorHostKeyProvider("key.ser"));
> }
> if (OsUtils.isUNIX()) {
> server.setShellFactory(new ProcessShellFactory(new String[] {
> "/bin/sh", "-i", "-l" },
>
> EnumSet.of(ProcessShellFactory.TtyOptions.ONlCr)));
> } else {
> server.setShellFactory(new ProcessShellFactory(new String[] {
> "cmd.exe "},
>
> EnumSet.of(ProcessShellFactory.TtyOptions.Echo,
> ProcessShellFactory.TtyOptions.ICrNl,
> ProcessShellFactory.TtyOptions.ONlCr)));
> }
>
>
> server.setSubsystemFactories(Arrays.<NamedFactory<Command>>asList(new
> PdaSftpSubsystem.Factory()));
>
> server.setCommandFactory(new PdaScpCommandFactory());
>
> server.setPasswordAuthenticator(new PasswordAuthenticator() {
> public boolean authenticate(String username, String password,
> ServerSession session) {
> PdaUserManager userManager = new PdaUserManager();
> Authentication auth = new
> UsernamePasswordAuthentication(username,password);
>
> try {
> User user =
> userManager.authenticate(auth);
> if (user.getTokenId() != null) {
> TokenId tokenId = new
> TokenId(user.getTokenId());
>
> session.setAttribute(TOKEN_ID, tokenId);
> return true;
> }
> } catch (AuthenticationFailedException e) {
> logException(e, "authenticate");
> }
>
> return false;
> }
> });
>
> -------------------------
>
> UserManager is a modified version of Apache FtpServer's properties user
> manager.
>
> -----Original Message-----
> From: Guillaume Nodet [mailto:gno...@gmail.com]
> Sent: Thursday, December 13, 2012 11:33 AM
> To: users
> Subject: Re: [Apache SSHD] Authentication change between 0.6.0 and 0.8.0?
>
> COuld you give a bit more details on your set up and authentication
> process ?
>
>
> On Thu, Dec 13, 2012 at 4:55 PM, Wright, Omari <omari.wri...@solers.com
> >wrote:
>
> > When I ported my project over to Apache SSHD 0.8.0, my implementation
> > for authentication stopped working. Now a user is automatically logged
> > in as root when they attempt to connect to the server.
> >
>
>
>
> --
> ------------------------
> Guillaume Nodet
> ------------------------
> Blog: http://gnodet.blogspot.com/
> ------------------------
> FuseSource, Integration everywhere
> http://fusesource.com
>
--
------------------------
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
FuseSource, Integration everywhere
http://fusesource.com
