sshj - SSHv2 library for Java

To get started, have a look at one of the examples. Hopefully you will find the API pleasant to work with :)

Getting SSHJ

To get SSHJ, you have two options:

Add a dependency to SSHJ to your project.
Build SSHJ yourself.

And, if you want, you can also run the SSHJ examples.

Binary releases of SSHJ are not provided here, but you can download it straight from the Maven Central repository if you want to.

Depending on SSHJ

If you’re building your project using Maven, you can add the following dependency to the pom.xml:

<dependency>
  <groupId>com.hierynomus</groupId>
  <artifactId>sshj</artifactId>
  <version>0.15.0</version>
</dependency>

If your project is built using another build tool that uses the Maven Central repository, translate this dependency into the format used by your build tool.

Building SSHJ

Clone the Overthere repository.
Ensure you have Java6 installed with the Unlimited strength Java Cryptography Extensions (JCE).
Run the command ./gradlew clean build.

Running the examples

In the examples directory, there is a separate Maven project that shows how the library can be used in some sample cases. If you want to run them, follow these guidelines:

Install Maven 2.2.1 or up.
Clone the Overthere repository.
Go into the examples directory and run the command mvn eclipse:eclipse.
Import the examples project into Eclipse.
Change the login details in the example classes (address, username and password) and run them!

Features of the library include:

reading known_hosts files for host key verification
publickey, password and keyboard-interactive authentication
command, subsystem and shell channels
local and remote port forwarding
scp + complete sftp version 0-3 implementation

Supported algorithms

Implementations / adapters for the following algorithms are included:

ciphers: aes{128,192,256}-{cbc,ctr}, blowfish-{cbc,ctr}, 3des-{cbc,ctr}, twofish{128,192,256}-{cbc,ctr}, twofish-cbc, serpent{128,192,256}-{cbc,ctr}, idea-{cbc,ctr}, cast128-{cbc,ctr}, arcfour, arcfour{128,256} SSHJ also supports the following extended (non official) ciphers: camellia{128,192,256}-{cbc,ctr}, camellia{128,192,256}-{cbc,ctr}@openssh.org
key exchange: diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1, diffie-hellman-group-exchange-sha256, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org
signatures: ssh-rsa, ssh-dss, ecdsa-sha2-nistp256, ssh-ed25519
mac: hmac-md5, hmac-md5-96, hmac-sha1, hmac-sha1-96, hmac-sha2-256, hmac-sha2-512
compression: zlib and zlib@openssh.com (delayed zlib)
private key files: pkcs8 encoded (what openssh uses)

If you need something that is not included, it shouldn’t be too hard to add (do contribute it!)

Comparing to other implementations

SSH Implementation Comparison

Dependencies

Java 6+. slf4j is required. bouncycastle is highly recommended and required for using some of the crypto algorithms. jzlib is required for using zlib compression.

Reporting bugs

Issue tracker: https://github.com/hierynomus/sshj/issues

Discussion

Google Group: http://groups.google.com/group/sshj-users

Contributing

Fork away!

Release history

SSHJ 0.16.0 (2016-04-11)

Fixed #239: Remote port forwards did not work if you used the empty string as address, or a catch-all address.
Fixed #242: Added OSGI headers to sources jar manifest
Fixed #236: Remote Port forwarding with dynamic port allocation fails with BufferUnderflowException
Upgraded gradle distribution to 2.12
Closed #234: Dropped Java6 support (0.15.0 was already Java6 incompatible due to Java7 dependency)
Fixed #118: Added configuration switch for waiting on a server ident before sending the client ident.
Fixed #114: Added javadoc that you always need to call close() on a Command before inspecting the exit codes.
Fixed #237: Fixed race condition if a hostkeys-00@openssh.com global request is received directly after a successful auth.

SSHJ 0.15.0 (2015-11-20)

Fixed #220: Added support for ssh-ed25519 host keys
Fixed #225: Fixed bug in ECDSA fingerprint calculation that sometimes produced an incorrect fingerprint
Added arcfour Stream Ciphers from RFC4253 and RFC4345
Added all Block Ciphers from RFC4344 and RFC4253

SSHJ 0.14.0 (2015-11-04)

Fixed #171: Added support for curve25519-sha256@libssh.org key exchange algorithm
Added support for ecdh-sha2-nistp256, ecdh-sha2-nistp384 and ecdh-sha2-nistp521 key exchange algorithms
Fixed #167: Added support for diffie-hellman-group-exchange-sha1 and diffie-hellman-group-exchange-sha256 key exchange methods
Fixed #212: Configure path escaping to enable shell expansion to work correctly
Merged #210: RemoteFileInputStream.skip returns wrong value (Fixes #209)
Merged #208: Added SCP bandwidth limitation support
Merged #211: Made keyfile format detection more robust

SSHJ 0.13.0 (2015-08-18)

Merged #199: Fix for IndexOutOfBoundsException in ReadAheadRemoteFileInputStream, fixes #183
Merged #195: New authentication supported: gssapi-with-mic
Merged #201: New option to verify negotiated key exchange algorithms
Merged #196: Fix for looking up complete hostname in known hosts file

SSHJ 0.12.0 (2015-04-14)

Added support for HTTP proxies when running JDK6 or JDK7, fixes: #170
Merged #186: Fix for detecting end-of-stream
Compiling to JDK6, fixes #179 and #185
Correctly close socket and channel when LocalPortForwarder fails to open and start the channel (Fixes #175 and #176)
Merged #181: Invalid write packet length when reading with offset (Fixes #180)

SSHJ 0.11.0 (2015-01-23)

New maven coordinates com.hierynomus:sshj:0.11.0 as @hierynomus took over as maintainer of SSHJ
Migrated build system to Gradle 2.2.1
Merged #150: Fix for incorrect file handle on some SSH servers, fixes: #54, #119, #168, #169
Made jzlib optional in OSGi bundling, fixes: #162
Improved some log levels, fixes: #161
Merged #156, #164, #165: Fixed block sizes for hmac-sha2-256 and hmac-sha2-512
Merged #141: Add proxy support
Merged #157, #163: Doc and build fixes
Upgraded BouncyCastle to 1.51, fixes: #142
Implemented keep-alive with connection drop detection, fixes #166

furkanozbay/sshj