Jsch is a project mainly written in Java, based on the View license.
A git repository including all jsch releases.
JSch
Java Secure Channel
by [email protected], JCraft,Inc.
http://www.jcraft.com/jsch/
Last modified: Wed Nov 1 14:43:31 UTC 2006
JSch is a pure Java implementation of SSH2. JSch allows you to connect to an sshd server and use port forwarding, X11 forwarding, file transfer, etc., and you can integrate its functionality into your own Java programs. JSch is licensed under BSD style license.
Our intension in developing this stuff is to enable users of our pure java X servers, WiredX(http://wiredx.net/) and WeirdX, to enjoy secure X sessions. Our efforts have mostly targeted the SSH2 protocol in relation to X Window System and X11 forwarding. Of course, we are also interested in adding other functionality - port forward, file transfer, terminal emulation, etc.
This archive does not include java byte code, so please compile the source code by your self. $ cd jsch-?.?.?/src $ javac com/jcraft/jsch/java com/jcraft/jsch/jce/java com/jcraft/jzlib/*.java '/examples/' directory has included some samples to demonstrate what JSch can do. Please refer to '/examples/README' file.
JSch supports aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,
aes256-ctr but you require AES support in your J2SE to choose some of them.
If you are using Sun's J2SE, J2SE 1.4.2 or later is required.
And then, J2SE 1.4.2(or later) does not support aes256 by the default,
because of 'import control restrictions of some countries'.
We have confirmed that by applying
"Java Cryptography Extension (JCE)
Unlimited Strength Jurisdiction Policy Files 1.4.2"
on
http://java.sun.com/j2se/1.4.2/download.html#docs
we can enjoy 'aes256-cbc,aes256-ctr'.
JSch has a unique functionality, Stream Forwarding. Stream Forwarding allows you to plug Java I/O streams directly into a remote TCP port without assigning and opening a local TCP port. In port forwarding, as with the -L option of ssh command, you have to assign and open a local TCP port and that port is also accessible by crackers on localhost. In some case, that local TCP port may be plugged to a secret port via SSH session. A sample program, /example/StreamForwarding.java , demonstrates this functionality.
JSch allows you to generate DSA and RSA key pairs, which are in OpenSSH format. Please refer to 'examples/KeyGen.java'.
According to the draft from IETF sesch working group, the packet compression can be applied to each data stream directions; from sshd server to ssh client and from ssh client to sshd server. So, jsch allows you to choose which data stream direction will be compressed or not. For example, in X11 forwarding session, the packet compression for data stream from sshd to ssh client will save the network traffic, but usually the traffic from ssh client to sshd is light, so by omitting the compression for this direction, you may be able to save some CPU time. Please refer to a sample program 'examples/Compression.java'.
By setting properties, you can control the behavior of jsch. Here is an example of enabling the packet compression,
Session session=jsch.getSession(user, host, 22);
java.util.Properties config=new java.util.Properties();
config.put("compression.s2c", "zlib,none");
config.put("compression.c2s", "zlib,none");
session.setConfig(config);
session.connect();
Current release has supported following properties,
yes'', jsch will never automatically add host keys to the $HOME/.ssh/known_hosts file, and refuses to connect to hosts whose host key has changed. This property forces the user to manually add all new hosts. If this property is set to
no'',
jsch will automatically add new host keys to the user known hosts
files. If this property is set to ``ask'', new host keys will be
added to the user known host files only after the user has confirmed
that is what they really want to do, and jsch will refuse to connect
to hosts whose host key has changed.JSch is copyrighted by ymnk, JCraft,Inc. and is licensed through BSD style license. Read the LICENSE.txt file for the complete license.
JSch has been developed by [email protected] and it can not be hacked without several help.
If you have any comments, suggestions and questions, write us at [email protected]
``SSH is a registered trademark and Secure Shell is a trademark of SSH Communications Security Corp (www.ssh.com)''.