Skip to content
/ jsch Public
forked from mwiede/jsch

fork of the popular jsch library

License

View license
0 stars 146 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jda258/jsch

BranchesTags
 
 

Repository files navigation

Fork of JSch-0.1.55

See original README

GitHub release Maven Central Java CI with Maven Quality Gate Status

Why should you use this library?

As I explained in a blog post the main points are:

  • OpenSSH will disable ssh-rsa in the future per default and you need a library which supports rsa-sha2-256 and rsa-sha2-512.
  • Drop in replacement: just change dependency coordinates and you are good to go.
  • No active maintenance of JSch at SourceForge.
  • Stay in sync with OpenJDK features so there is no need for additional dependencies.

FAQ

  • Is this fork 100% compatible with original JSch, because the connection to my server does not work any more!
    • For compatibility with OpenSSH and improved security, the order of crypto algorithms was changed. If you still want to use older or deprecated algorithms, you need to change the configuration. Examples see #37, #40
    • To make it easier to adjust the crypto algorithms, starting with 0.1.65 the following system properties can be set at your application's startup:
      • jsch.kex
        • analogous to JSch.setConfig("kex", "...")
      • jsch.server_host_key
        • analogous to JSch.setConfig("server_host_key", "...")
      • jsch.cipher
        • analogous to JSch.setConfig("cipher.s2c", "...") + JSch.setConfig("cipher.c2s", "...")
      • jsch.mac
        • analogous to JSch.setConfig("mac.s2c", "...") + JSch.setConfig("mac.c2s", "...")
      • jsch.compression
        • analogous to JSch.setConfig("compression.s2c", "...") + JSch.setConfig("compression.c2s", "...")
      • jsch.lang
        • analogous to JSch.setConfig("lang.s2c", "...") + JSch.setConfig("lang.c2s", "...")
      • jsch.dhgex_min
        • analogous to JSch.setConfig("dhgex_min", "...")
      • jsch.dhgex_max
        • analogous to JSch.setConfig("dhgex_max", "...")
      • jsch.dhgex_preferred
        • analogous to JSch.setConfig("dhgex_preferred", "...")
      • jsch.compression_level
        • analogous to JSch.setConfig("compression_level", "...")
      • jsch.preferred_authentications
        • analogous to JSch.setConfig("PreferredAuthentications", "...")
      • jsch.client_pubkey
        • analogous to JSch.setConfig("PubkeyAcceptedAlgorithms", "...")
      • jsch.check_ciphers
        • analogous to JSch.setConfig("CheckCiphers", "...")
      • jsch.check_macs
        • analogous to JSch.setConfig("CheckMacs", "...")
      • jsch.check_kexes
        • analogous to JSch.setConfig("CheckKexes", "...")
      • jsch.check_signatures
        • analogous to JSch.setConfig("CheckSignatures", "...")
      • jsch.fingerprint_hash
        • analogous to JSch.setConfig("FingerprintHash", "...")
      • jsch.max_auth_tries
        • analogous to JSch.setConfig("MaxAuthTries", "...")
  • Are ssh-ed25519, ssh-ed448, curve25519-sha256, curve448-sha512 & [email protected] supported?
    • This library is a Multi-Release-jar, which means that you can only use certain features when a more recent Java version is used.
      • In order to use ssh-ed25519 & ssh-ed448, you must use at least Java 15.
      • In order to use curve25519-sha256, curve448-sha512 & [email protected], you must use at least Java 11.

Changes since fork:

  • 0.1.65
    • Added system properties to allow manipulation of various crypto algorithms used by default
    • Integrated JZlib, allowing use of [email protected] & zlib compressions without the need to provide the JZlib jar-file
    • Modularized the jar-file for use with Java 9 or newer
    • Added runtime controls for the min/max/preferred sizes used for diffie-hellman-group-exchange-sha256 & diffie-hellman-group-exchange-sha1
    • Renamed PubkeyAcceptedKeyTypes config to PubkeyAcceptedAlgorithms to match recent changes in OpenSSH (PubkeyAcceptedKeyTypes is still accepted for backward compatibility)
    • Reduced number of algorithms that are runtime checked by default via CheckCiphers, CheckMacs, CheckKExes & CheckSignatures to improve runtime performance
  • 0.1.64 Fixing #55
  • 0.1.63 Fixing #42
  • 0.1.62 bugfixes and code cleanup
  • 0.1.61
    • Add support for [email protected], ssh-ed25519, ssh-ed448, curve448-sha512, diffie-hellman-group15-sha512 & diffie-hellman-group17-sha512. This makes use of the new EdDSA feature added in Java 15's JEP 339. #17
    • added integration test for public key authentication #19
  • 0.1.60
    • support for openssh-v1-private-key format opensshFormat.md.
    • Fix bug with AEAD ciphers when compression is used. #15
  • 0.1.59 fixing issue from https://sourceforge.net/p/jsch/mailman/message/36872566/
  • 0.1.58 support for more algorithms contributed by @norrisjeremy see #4
  • 0.1.57 support for rsa-sha2-256 and rsa-sha2-512. #1
  • 0.1.56 support for [email protected] (see SocketForwardingL.java)

About

fork of the popular jsch library

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

10 tags

Packages

No packages published

Languages

  • Java 96.8%
  • Scala 1.5%
  • Shell 1.3%
  • Other 0.4%