Java: how to disable diffie-hellman-group1-sha1 in ganymed-ssh2-build210.jar

Tags: java, ssh, diffie-hellman, java-security, ganymede

In Java we use ganymed-ssh2-build210.jar to connect to servers over SSH. I specifically need to restrict the weaker algorithm "diffie-hellman-group1-sha1". Is there any customizable setting in ganymed-ssh2-build210.jar that allows restricting this? Is there any java.security setting that could be used to restrict the same cipher?

Comment: You want to change the allowed ciphers on the server, not on the client, otherwise anyone can easily bypass this.
Answer:

If you cannot control the server, but you do control the library on the client side, the following could be an option:

- get the source code of the library
- modify ch/ethz/ssh2/transport/KexManager.java so that diffie-hellman-group1-sha1 is no longer supported
- compile the modified code
- create the patched library as ganymed-ssh2-build210_1.jar and use this library with your client application

Proof of concept, with the following files in the working directory:

```
bin/
apache-sshd-1.6.0.tar.gz
ganymed-ssh2-build210.jar
ganymed-ssh2-build210-sources.jar
SshClientDemo.java
SshServerDemo.java
```

- download the archives
- SshServerDemo.java

```java
package sub.optimal;

import java.nio.file.Paths;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.kex.KeyExchange;
import org.apache.sshd.common.util.GenericUtils;
import org.apache.sshd.server.SshServer;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
import org.apache.sshd.server.scp.ScpCommandFactory;
import org.apache.sshd.server.shell.InteractiveProcessShellFactory;
import org.apache.sshd.server.shell.ProcessShellFactory;

public class SshServerDemo extends Thread {

    public static void main(String[] args) throws Exception {
        Logger.getGlobal().setLevel(Level.FINEST);
        SshServer sshd = SshServer.setUpDefaultServer();
        sshd.setPort(2222);
        sshd.setKeyPairProvider(
                new SimpleGeneratorHostKeyProvider(Paths.get("hostkey.ser"))
        );
        sshd.setShellFactory(InteractiveProcessShellFactory.INSTANCE);
        sshd.setCommandFactory(
                new ScpCommandFactory.Builder().withDelegate(
                        cmd -> new ProcessShellFactory(
                                GenericUtils.split(cmd, ' ')
                        ).create()
                ).build()
        );
        // keep only diffie-hellman-group1-sha1, so the server offers nothing else
        List<NamedFactory<KeyExchange>> keyExchangeFactories;
        keyExchangeFactories = sshd.getKeyExchangeFactories();
        keyExchangeFactories.removeIf(
                e -> !e.getName().equals("diffie-hellman-group1-sha1")
        );
        sshd.setKeyExchangeFactories(keyExchangeFactories);
        // PoC only: accept any user whose password equals the user name
        sshd.setPasswordAuthenticator(
                (username, password, session) -> username.equals(password)
        );
        sshd.start();
        Thread.sleep(Long.MAX_VALUE);
    }
}
```
- SshClientDemo.java

```java
package sub.optimal;

import ch.ethz.ssh2.Connection;
import ch.ethz.ssh2.Session;
import ch.ethz.ssh2.StreamGobbler;
import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;

public class SshClientDemo {

    public static void main(String[] args) throws Exception {
        Connection conn = new Connection("localhost", 2222);
        conn.connect();
        boolean isAuthenticated = conn.authenticateWithPassword("foo", "foo");
        Session sess = conn.openSession();
        System.out.println("session is authenticated: " + isAuthenticated);
        sess.execCommand("echo I'm there...");
        InputStream stdout = new StreamGobbler(sess.getStdout());
        BufferedReader br = new BufferedReader(new InputStreamReader(stdout));
        while (true) {
            String line = br.readLine();
            if (line == null) {
                break;
            }
            System.out.println(line);
        }
        sess.close();
        conn.close();
    }
}
```
- extract the Apache server

```sh
tar xzf apache-sshd-1.6.0.tar.gz
```

- compile the demo classes

```sh
javac -cp "apache-sshd-1.6.0/lib/*" -d bin/ SshServerDemo.java
javac -cp ganymed-ssh2-build210.jar -d bin/ SshClientDemo.java
```

- extract KexManager.java

```sh
jar vxf ganymed-ssh2-build210-sources.jar \
    ch/ethz/ssh2/transport/KexManager.java
```

- modify KexManager.java

```java
public static final String[] getDefaultKexAlgorithmList()
{
    return new String[] { "diffie-hellman-group-exchange-sha1",
            "diffie-hellman-group14-sha1" // ,
            // "diffie-hellman-group1-sha1"
    };
}
...
public static final void checkKexAlgorithmList(String[] algos)
...
        if ("diffie-hellman-group14-sha1".equals(algos[i]))
            continue;
        // if ("diffie-hellman-group1-sha1".equals(algos[i]))
        //     continue;
...
```

- compile the patched KexManager.java

```sh
javac -cp ganymed-ssh2-build210.jar ch/ethz/ssh2/transport/KexManager.java
```

- create a patched library

```sh
cp ganymed-ssh2-build210.jar ganymed-ssh2-build210-patched.jar
jar vuf ganymed-ssh2-build210-patched.jar \
    ch/ethz/ssh2/transport/KexManager.class
```

- start the server

```sh
java -cp "bin/:apache-sshd-1.6.0/lib/*" sub.optimal.SshServerDemo
```

- first check which key exchange algorithms the server supports

```sh
ssh -vv foo@localhost -p 2222
```

In the output only diffie-hellman-group1-sha1 is reported:

```
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group1-sha1
```

- run the client with the unpatched library

```sh
java -cp bin/:ganymed-ssh2-build210.jar sub.optimal.SshClientDemo
```

Output:

```
session is authenticated: true
I'm there...
```

- run the client with the patched library

```sh
java -cp bin/:ganymed-ssh2-build210-patched.jar sub.optimal.SshClientDemo
```

Output:

```
Caused by: java.io.IOException: Cannot negotiate, proposals do not match.
```

On the server log:

```
Unable to negotiate key exchange for kex algorithms \
  (client: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1 \
  / server: diffie-hellman-group1-sha1)
```

This proves that SshClientDemo with the patched library cannot connect to the server using the key exchange algorithm diffie-hellman-group1-sha1 (which, for the PoC, is the only one the server supports).
Comments:

- OP: If the server only allows "diffie-hellman-group1-sha1", I want the restriction in the client (Java), so that we do not connect.
- SubOptimal: You need to expand your question a bit. Do you want to prevent developers from using a specific cipher, or users from developing a client for it?
- OP: When the application runs, the SSH connection establishment should not allow "diffie-hellman-group1-sha1".
- SubOptimal: That does not really answer my question. But without any code or more information about what the running "application" is, it is hard to give an example.
- OP: Specifically, I want the client developers to restrict access, as said before.
- SubOptimal: Please check my updated answer. Maybe I was not clear about what I meant.
- OP: Thanks @SubOptimal for the detailed answer.
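Added example, not part of the question or of SubOptimal's answer: a client-side guard for the case the comments describe, where the application must refuse to proceed when the negotiated key exchange is diffie-hellman-group1-sha1. It relies on the Ganymed API as I know it, which the page itself does not show: Connection.connect() returns a ConnectionInfo whose public field keyExchangeAlgorithm names the negotiated key exchange. The class name KexGuardedClient, the allow list, and the host/port defaults are constructed for this illustration. Unlike the patched KexManager, this guard runs after the key exchange has already completed, so it does not stop the weak group from being used in that one handshake; it does stop the application from authenticating or sending any data over it, and it fails loudly instead of silently accepting whatever the server offered.

```java
package sub.optimal;

import ch.ethz.ssh2.Connection;
import ch.ethz.ssh2.ConnectionInfo;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

/**
 * Illustrative guard (assumed name, not Ganymed's own code): connect, inspect
 * which key-exchange algorithm was actually negotiated, and refuse to go on if
 * it is not on the allow list. Caveat: by the time connect() returns, the key
 * exchange has already happened; this guard prevents authenticating and sending
 * data over a weak exchange, it does not prevent the exchange itself. The
 * patched KexManager from the answer is what keeps the weak group from being
 * offered in the first place.
 */
public final class KexGuardedClient {

    /** Constructed allow list: the same two algorithms the patched KexManager keeps. */
    static final Set<String> ALLOWED_KEX = Collections.unmodifiableSet(new HashSet<>(
            Arrays.asList("diffie-hellman-group-exchange-sha1",
                          "diffie-hellman-group14-sha1")));

    /** Pure policy check, kept free of I/O so it can be exercised without a server. */
    static boolean isAllowedKex(String negotiated) {
        return negotiated != null && ALLOWED_KEX.contains(negotiated);
    }

    /**
     * Connects and returns an open, not-yet-authenticated Connection, or throws
     * after closing it when the negotiated key exchange is not allowed.
     */
    static Connection connectWithKexPolicy(String host, int port) throws IOException {
        Connection conn = new Connection(host, port);
        ConnectionInfo info = conn.connect();   // key exchange completes here
        if (!isAllowedKex(info.keyExchangeAlgorithm)) {
            conn.close();                       // never authenticate over it
            throw new IOException("Refusing connection to " + host + ":" + port
                    + ": negotiated kex algorithm '" + info.keyExchangeAlgorithm
                    + "' is not in the allow list " + ALLOWED_KEX);
        }
        return conn;
    }

    public static void main(String[] args) throws Exception {
        // Offline sanity check of the policy itself.
        if (!isAllowedKex("diffie-hellman-group14-sha1")
                || isAllowedKex("diffie-hellman-group1-sha1")) {
            throw new IllegalStateException("allow list is not what we expect");
        }

        // Against the PoC server from the answer (group1 only) this throws;
        // against a server offering group14 or group-exchange it returns.
        String host = args.length > 0 ? args[0] : "localhost";
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 2222;
        Connection conn = connectWithKexPolicy(host, port);
        try {
            System.out.println("key exchange accepted; safe to authenticate now");
        } finally {
            conn.close();
        }
    }
}
```

Compile and run it like SshClientDemo, against the unpatched library (`javac -cp ganymed-ssh2-build210.jar -d bin/ KexGuardedClient.java`, then `java -cp bin/:ganymed-ssh2-build210.jar sub.optimal.KexGuardedClient`): with the PoC server from the answer running, the program exits with the "Refusing connection" IOException before any credentials are sent. Used together with the patched jar it is a belt-and-braces check that a future library upgrade has not quietly re-enabled the weak group.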