Apache MINA SFTP Example

Asked 18/7, 2016 at 16:41 Answered 8/7, 2022 at 15:7

I'm trying to set up an SFTP server with multiple users that each have their own home directory.

I read this answer which explained how to set a virtual directory for a single user but I'm not sure how to have multiple users each with their own home directory.

Can someone please tell me how to go about this?

Corunna answered 18/7, 2016 at 16:41 Comment(0)

I finally got it working. Here is a working example:

pom.xml

 <dependency>
    <groupId>org.apache.sshd</groupId>
    <artifactId>sshd-core</artifactId>
    <version>0.14.0</version>
</dependency>

Test.java

import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.sshd.SshServer;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.file.virtualfs.VirtualFileSystemFactory;
import org.apache.sshd.server.Command;
import org.apache.sshd.server.PasswordAuthenticator;
import org.apache.sshd.server.UserAuth;
import org.apache.sshd.server.auth.UserAuthPassword;
import org.apache.sshd.server.command.ScpCommandFactory;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
import org.apache.sshd.server.session.ServerSession;
import org.apache.sshd.server.sftp.SftpSubsystem;

public class Test {

    public static void main(String args[]) {
        try {
            Runtime.getRuntime().exec("sudo fuser -k " + "2222" + "/tcp");
        } catch (IOException ex) {
            Logger.getLogger(Test.class.getName()).log(Level.SEVERE, null, ex);
        }

        File TEST = new File("test");
        File ADMIN = new File("admin");
        File ERROR = new File("error");

        TEST.mkdirs();
        ADMIN.mkdirs();
        ERROR.mkdirs();

        SshServer sshServer = SshServer.setUpDefaultServer();
        sshServer.setFileSystemFactory(new VirtualFileSystemFactory(ERROR.getAbsolutePath()));
        sshServer.setPort(2222);
        sshServer.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(new File("my.pem").getAbsolutePath()));
        sshServer.setCommandFactory(new ScpCommandFactory());
        List<NamedFactory<UserAuth>> userAuthFactories = new ArrayList<>();
        userAuthFactories.add(new UserAuthPassword.Factory());
        sshServer.setUserAuthFactories(userAuthFactories);
        sshServer.setPasswordAuthenticator(new PasswordAuthenticator() {
            @Override
            public boolean authenticate(String username, String password, ServerSession session) {
                if ((username.equals("test")) && (password.equals("test"))) {
                    sshServer.setFileSystemFactory(new VirtualFileSystemFactory(TEST.getAbsolutePath()));
                    return true;
                }
                if ((username.equals("admin")) && (password.equals("admin"))) {
                    sshServer.setFileSystemFactory(new VirtualFileSystemFactory(ADMIN.getAbsolutePath()));
                    return true;
                }
                return false;
            }
        });
        List<NamedFactory<Command>> namedFactoryList = new ArrayList<>();
        namedFactoryList.add(new SftpSubsystem.Factory());
        sshServer.setSubsystemFactories(namedFactoryList);
        try {
            sshServer.start();
        } catch (IOException ex) {
            Logger.getLogger(CarrierSFTPServer.class.getName()).log(Level.SEVERE, null, ex);
        }

    }
}

Corunna answered 18/7, 2016 at 18:58 Comment(4)

Only caveat with this is that it may potentially have issues with concurrent users. I'm not sure how to resolve this though. – Corunna 1/8, 2016 at 17:45

It would be great if there was a more up to date version of the above. – Corunna 12/8, 2016 at 19:8

Hi, VirtualFileSystemFactory has a setUserHomeDir method where you can specify a home directory by user. Then FileSystemFactory will be able to handle many users. – Rizzio 15/5, 2017 at 8:0

:( Gives me a build issue locally: Cannot resolve symbol 'CarrierSFTPServer' – Smudge 8/7, 2022 at 15:10

Updated version of above (as of 1.4.0 of sshd-core). Note that I did not specify a file for the host key provider since mine was for a Junit integration test.

List<NamedFactory<UserAuth>> userAuthFactories = new ArrayList<NamedFactory<UserAuth>>();
userAuthFactories.add(new UserAuthPasswordFactory());

List<NamedFactory<Command>> sftpCommandFactory = new ArrayList<NamedFactory<Command>>();
sftpCommandFactory.add(new SftpSubsystemFactory());

SshServer sshd = SshServer.setUpDefaultServer();
sshd.setPort(22);
sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider());
sshd.setUserAuthFactories(userAuthFactories);
sshd.setCommandFactory(new ScpCommandFactory());
sshd.setSubsystemFactories(sftpCommandFactory);
sshd.setPasswordAuthenticator(new PasswordAuthenticator() {
  @Override
  public boolean authenticate(String username, String password, ServerSession session) {
    if ((username.equals("admin")) && (password.equals("admin"))) {
      sshd.setFileSystemFactory(new VirtualFileSystemFactory(new File("C:\\devl").toPath()));
      return true;
    }
    return false;
  }
});

sshd.start();

Supervise answered 12/6, 2017 at 15:44 Comment(1)

Copy-pasting this into the version 0.14.0 code, there are compile errors, and I can't seem to find some of the referenced classes, like UserAuthPasswordFactory and SftpSubsystemFactory. I guess other imports are required? – Smudge 8/7, 2022 at 15:3

For version 2.8.0 (dependency GAV: org.apache.sshd:sshd-sftp:2.8.0) this file provided a great resource for me:

https://github.com/spring-projects/spring-integration-samples/blob/main/basic/sftp/src/test/java/org/springframework/integration/samples/sftp/EmbeddedSftpServer.java

Excerpt because the link may break:

// ...

import org.apache.sshd.common.file.virtualfs.VirtualFileSystemFactory;
import org.apache.sshd.server.SshServer;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
import org.apache.sshd.sftp.server.SftpSubsystemFactory;

import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.SmartLifecycle;
import org.springframework.core.io.ClassPathResource;
import org.springframework.integration.sftp.session.DefaultSftpSessionFactory;
import org.springframework.util.Base64Utils;
import org.springframework.util.StreamUtils;
        
public class EmbeddedSftpServer implements InitializingBean, SmartLifecycle { 

    // ...

    private DefaultSftpSessionFactory defaultSftpSessionFactory;

    public void setPort(int port) {
        this.port = port;
    }

    public void setDefaultSftpSessionFactory(DefaultSftpSessionFactory defaultSftpSessionFactory) {
        this.defaultSftpSessionFactory = defaultSftpSessionFactory;
    }

    @Override
    public void afterPropertiesSet() throws Exception {
        final PublicKey allowedKey = decodePublicKey();
        this.server.setPublickeyAuthenticator((username, key, session) -> key.equals(allowedKey));
        this.server.setPort(this.port);
        this.server.setKeyPairProvider(new SimpleGeneratorHostKeyProvider(new File("hostkey.ser").toPath()));
        server.setSubsystemFactories(Collections.singletonList(new SftpSubsystemFactory()));
        final String pathname = System.getProperty("java.io.tmpdir") + File.separator + "sftptest" + File.separator;
        new File(pathname).mkdirs();
        server.setFileSystemFactory(new VirtualFileSystemFactory(Paths.get(pathname)));
    }

// ...

I usually leave the port unspecified, it uses a random port then, it seems.

Smudge answered 8/7, 2022 at 15:7 Comment(0)

Recommended topics

Hot tags