Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: jsch-demo | Distribution: SUSE Linux Enterprise 15 |
Version: 0.2.15 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 150200.11.13.1 | Build date: Fri Jan 26 16:15:30 2024 |
Group: Development/Libraries/Java | Build host: h04-ch2a |
Size: 141345 | Source RPM: jsch-0.2.15-150200.11.13.1.src.rpm |
Packager: https://www.suse.com/ | |
Url: https://github.com/mwiede/jsch/ | |
Summary: Pure Java implementation of SSH2 |
JSch allows you to connect to an sshd server and use port forwarding, X11 forwarding, file transfer, etc., and you can integrate its functionality into your own Java programs.
BSD-3-Clause
* Wed Dec 20 2023 gkenion@suse.com - Upgrade to version 0.2.15, which includes fix for SSH protocol vulnerability (bsc#1218134, CVE-2023-48795) * Changes in 0.2.15: + Address CVE-2023-48795 by adding support for new strict key exchange extension + Add support for ext-info-in-auth@openssh.com extension + Introduce two new config options to control usage of the new strict key exchange extension: ~ enable_strict_kex (set to yes by default) ~ require_strict_kex (set to no by default) ~ If either option (or both) is enabled, then JSch will attempt to use the new strict key exchange extension. ~ If the require_strict_kex option is enabled and JSch detects the server does not support it, then JSch will terminate the connection and throw an exception. ~ If the require_strict_kex option is not enabled and JSch detects the server does not support it, then JSch will fallback and proceed with the connection without using the new extension. + This gives users the ability to enable a strong security posture if needed and avoid proceeding with connections to potentially insecure servers. * Changes in 0.2.14: + #450 use Socket.connect() with a timeout that has been supported since Java 1.4 instead of using old method of creating a separate thread and joining to that thread with timeout * Changes in 0.2.13: + #411 Add flush operation from Fix added is/jsch#39, with new config option to allow disabling in case it causes regressions. + #403 add a warning when Channel.getInputStream() or Channel.getExtInputStream() is called after Channel.connect(). * Changes in 0.2.12: + Further refine previous fixes for windows line endings in PEM keys + #392 replace call to BigInteger.intValueExact to remain compatible with android api 30 + Introduce JSchSessionDisconnectException to allow the reasonCode to be retrieved without String parsing + Introduce specific JSchException for HostKey related failures * Changes in 0.2.11: + update dependencies changes + #369 fix multi-line PEM key parsing to work with windows line endings due to regression from previous fix for #362. * Changes in 0.2.10: + Fix new Java 21 compiler warning: possible 'this' escape before subclass is fully initialized + Tweak OSGi bundle manifest to allow Log4j 3 + #362 fix PEM key parsing to work with windows line endings + #361 guard against UIKeyboardInteractive implementations that include NULL elements in the String[] returned from promptKeyboardInteractive() + Add a default implmentation of the deprecated decrypt() method to the Identity interface that throws an UnsupportedOperationException * Sat Jun 03 2023 fstrba@suse.com - Migrate from com.jcraft:jsch to com.github.mwiede:jsch fork (bsc#1211955) * Alias to the old artifact since the new one is drop-in replacement * Keep the old OSGi bundle symbolic name to avoid extensive patching of eclipse stack - Upgrade to version 0.2.9 * Changes of 0.2.9 + various improvements, #295 ~ #293 allow UserAuthNone to be extended. ~ Make JGSS module optional. ~ Tweak OSGi bundle manifest: ~ Avoid self-import. ~ Mark JGSS as optional. ~ Loosen import versions of dependencies. ~ Correctly adhere to the Multi-release JAR spec by ensuring all public classes under versioned directories preside over classes present in the top-level directory. ~ Eliminate stray System.err.println() calls. ~ Change PageantConnector to use JNA's built-in support for User32.SendMessage(). + Improve error handling in InputStream.close() for SFTP channels, #331 * Changes of 0.2.8 + activate sourcecode formatting, #247 + build improvements, #279 + #287 add algorithm type information to algorithm negotiation logs, #290 + wrap NoClassDefFoundError's for invalid private keys, #289 and [#290] * Changes of 0.2.7 + #265 change buffer_margin computation to be dynamic based upon the MAC to allow connections that advertise small maximum packet sizes. + #266 fix PuTTY key parsing to work with unix line endings. + Add support for ECDSA and EdDSA type PuTTY keys. + #71 add support for PuTTY version 3 format keys. ~ Encrypted PuTTY version 3 format keys requires Bouncy Castle (bcprov-jdk18on). + Eliminate KeyPairDeferred and instead change handling of OpenSSH V1 type keys to be more like other KeyPair types. + Be more vigilant about clearing private key data. + Improve PKCS8 key handling and add support for PKCS5 2.1 encryption. + Add support for ECDSA type PKCS8 keys. + Add support for SCrypt type KDF for PKCS8 keys. ~ PKCS8 keys using SCrypt requires Bouncy Castle (bcprov-jdk18on). + Add support for EdDSA type PKCS8 keys. ~ EdDSA type PKCS8 keys requires Bouncy Castle (bcprov-jdk18on). + Attempt to authenticate using other signature algorithms supported by the same public key. ~ Allow this behavior to be disabled via try_additional_pubkey_algorithms config option. ° Some servers incorrectly respond with SSH_MSG_USERAUTH_PK_OK to an initial auth query that they don't actually support for RSA keys. + Add a new config option enable_pubkey_auth_query to allow skipping auth queries and proceed directly to attempting full SSH_MSG_USERAUTH_REQUEST's. + Add a new config option enable_auth_none to control whether an initial auth request for the method none is sent to detect all supported auth methods available on the server. * Changes of 0.2.6 + Include host alias instead of the real host in messages and exceptions, #257 + Fix missing keySize set when loading V1 RSA keys, #258 + Enhancement to present KeyPair.getKeyTypeString() method, #259 * Changes of 0.2.5 + Explictly free resources in Compression implementations, #241 + Fix integration test failures on Apple Silicon by skipping OpenSSH 7.4 tests, #227 + generate osgi bundle manifest data for jar #248, #249 * Changes of 0.2.4 + Improved excepton handling by @norrisjeremy in #200 * Changes of 0.2.3 + #188 fix private key length checks for ssh-ed25519 and ssh-ed448, #189 * Changes of 0.2.2 + setup jdk for code-ql analysis, #151 + misc improvements, #152 + Fixing Issue #131, #134 + Update link to bcrypt, #157 * Changes of 0.2.1 + Allow to set a Logger per JSch-instance rather than a VM-wide one, #128 + Preliminary changes prior to Javadoc work, #126 + remove check to allow setting any filename encoding with any server version #137, #142 * Changes of 0.2.0 + Disable RSA/SHA1 signature algorithm by default #75 + Add basic Logger implementations that can be optionally utilized with JSch.setLogger(): ~ JulLogger, using java.util.logging.Logger ~ JplLogger, using Java 9's JEP 264 ~ Log4j2Logger, using Apache Log4j 2 ~ Slf4jLogger, using SLF4J + Fix client version to be compliant with RFC 4253 section 4.2 by not including minus sign characters #115 + Add java.util.zip based compression implementation #114 ~ This is based upon the CompressionJUZ implementation posted to the JSch-users mailing list in 2012 by the original JSch author ~ The existing JZlib implementation remains the default to maintain strict RFC 4253 section 6.2 compliance ° To use the new implementation globally, execute JSch.setConfig("zlib@openssh.com", "com.jcraft.jsch.juz.Compression") + JSch.setConfig("zlib", "com.jcraft.jsch.juz.Compression") ° To use the new implementation per session, execute session.setConfig("zlib@openssh.com", "com.jcraft.jsch.juz.Compression") + session.setConfig("zlib", "com.jcraft.jsch.juz.Compression") * Changes of 0.1.72 + Switch chacha20-poly1305@openssh.com algorithm to a pure Bouncy Castle based implementation + implement openssh config behavior to handle append, prepend and removal of algorithms #104 * Changes of 0.1.71 + Address #98 by restoring JSch.VERSION * Changes of 0.1.70 + Address #89 by fixing rare ECDSA signature validation issue + Address #93 by always setting the "want reply" flag for "env" type channel requests to false * Changes of 0.1.69 + Address #83 by sending CR LF at the end of the identification string + Fix earlier change for #76 that failed to correctly make the "Host" keyword case-insensitive + Fix PageantConnector struct class visibility #86 * Changes of 0.1.68 + Added support for the rijndael-cbc@lysator.liu.se algorithm + Added support for the hmac-ripemd160, hmac-ripemd160@openssh.com and hmac-ripemd160-etm@openssh.com algorithms using Bouncy Castle + Added support for various algorithms from RFC 4253 and RFC 4344 using Bouncy Castle ~ cast128-cbc ~ cast128-ctr ~ twofish-cbc ~ twofish128-cbc ~ twofish128-ctr ~ twofish192-cbc ~ twofish192-ctr ~ twofish256-cbc ~ twofish256-ctr + Added support for the seed-cbc@ssh.com algorithm using Bouncy Castle * Changes of 0.1.67 + Added support for the blowfish-ctr algorithm from RFC 4344 + Fix bug where ext-info-c was incorrectly advertised during rekeying ~ According to RFC 8308 section 2.1, ext-info-c should only advertised during the first key exchange + Address #77 by attempting to add compatibility with older Bouncy Castle releases * Changes of 0.1.66 + Added support for RFC 8308 extension negotiation and server-sig-algs extension ~ This support is enabled by default, but can be controlled via the enable_server_sig_algs config option (or jsch.enable_server_sig_algs system property) ~ When enabled and a server-sig-algs message is received from the server, the algorithms included by the server and also present in the PubkeyAcceptedKeyTypes config option will be attempted first when using publickey authentication ~ Additionally if the server is detected as OpenSSH version 7.4, the rsa-sha2-256 and rsa-sha2-512 algorithms will be added to the received server-sig-algs as a workaround for OpenSSH bug 2680 + Added support for various algorithms supported by Tectia (ssh.com): ~ diffie-hellman-group14-sha224@ssh.com ~ diffie-hellman-group14-sha256@ssh.com ~ diffie-hellman-group15-sha256@ssh.com ~ diffie-hellman-group15-sha384@ssh.com ~ diffie-hellman-group16-sha384@ssh.com ~ diffie-hellman-group16-sha512@ssh.com ~ diffie-hellman-group18-sha512@ssh.com ~ diffie-hellman-group-exchange-sha224@ssh.com ~ diffie-hellman-group-exchange-sha384@ssh.com ~ diffie-hellman-group-exchange-sha512@ssh.com ~ hmac-sha224@ssh.com ~ hmac-sha256@ssh.com ~ hmac-sha256-2@ssh.com ~ hmac-sha384@ssh.com ~ hmac-sha512@ssh.com ~ ssh-rsa-sha224@ssh.com ~ ssh-rsa-sha256@ssh.com ~ ssh-rsa-sha384@ssh.com ~ ssh-rsa-sha512@ssh.com + Added support for SHA224 to FingerprintHash + Fixing #52 + Deprecate void setFilenameEncoding(String encoding) in favor of void setFilenameEncoding(Charset encoding) in ChannelSftp + Added support for rsa-sha2-256 and rsa-rsa2-512 algorithms to ChannelAgentForwarding + Address #65 by adding ssh-agent support derived from jsch-agent-proxy ~ See examples/JSchWithAgentProxy.java for simple example ~ ssh-agent support requires either Java 16's JEP 380 or the addition of junixsocket to classpath ~ Pageant support is untested and requires the addition of JNA to classpath + Added support for the following algorithms with older Java releases by using Bouncy Castle: ~ ssh-ed25519 ~ ssh-ed448 ~ curve25519-sha256 ~ curve25519-sha256@libssh.org ~ curve448-sha512 ~ chacha20-poly1305@openssh.com * Changes of 0.1.65 + Added system properties to allow manipulation of various crypto algorithms used by default + Integrated JZlib, allowing use of zlib@openssh.com and zlib compressions without the need to provide the JZlib jar-file + Modularized the jar-file for use with Java 9 or newer + Added runtime controls for the min/max/preferred sizes used for diffie-hellman-group-exchange-sha256 and diffie-hellman-group-exchange-sha1 + Renamed PubkeyAcceptedKeyTypes config to PubkeyAcceptedAlgorithms to match recent changes in OpenSSH (PubkeyAcceptedKeyTypes is still accepted for backward compatibility) + Reduced number of algorithms that are runtime checked by default via CheckCiphers, CheckMacs, CheckKExes and CheckSignatures to improve runtime performance * Changes of 0.1.64 + #55 bug fix * Changes of 0.1.63 + fix for #42 * Changes 0.1.62 + #13 reject HostKey with some servers + #20 Include TestBCrypt.java unit test + #21 Misc cleanup + #27 Update Testcontainers to newest version to fix test failures + #34 NPE with openssh v1 format * Changes 0.1.61 + Add support for chacha20-poly1305@openssh.com, ssh-ed25519, ssh-ed448, curve448-sha512, diffie-hellman-group15-sha512 and diffie-hellman-group17-sha512. This makes use of the new EdDSA feature added in Java 15's JEP 339. #17 + added integration test for public key authentication #19 * Changes of 0.1.60 + support for openssh-v1-private-key format + Fix bug with AEAD ciphers when compression is used. #15 * Changes of 0.1.59 + fixing issue #6 (originally from https://sourceforge.net/p/jsch/mailman/message/36872566/) * Changes of 0.1.58 + adds support for more algorithms, see #4 * Changes of 0.1.57 + support for rsa-sha2-256 and rsa-sha2-512. #1 * Changes of 0.1.56 + support for direct-streamlocal@openssh.com (see SocketForwardingL.java) - Removed patches: * jsch-0.1.54-sourcetarget.patch * jsch-osgi-manifest.patch + both problems are handled differently in the new version - Added patches: * jsch-junixsocket.patch + disable building with dependency that we don't have * jsch-log4j.patch + disable building with log4j support in order to avoid a huge build cycle * Sat Mar 19 2022 fstrba@suse.com - Modified patch: * jsch-0.1.54-sourcetarget.patch + build with source/target levels 8 * Tue Apr 07 2020 fstrba@suse.com - Version 0.1.55 * Tue Apr 07 2020 fstrba@suse.com - Added patch: * jsch-osgi-manifest.patch + create the osgi manifest during the ant build + replaces the MANIFEST.MF file - Miscellaneous clean-up * Fri Sep 20 2019 fstrba@suse.com - Remove reference to the parent from pom file, since we are not building with maven * Fri Sep 08 2017 fstrba@suse.com - Added patch: * jsch-0.1.54-sourcetarget.patch - Specify java source and target levels to 1.6, in order to allow building with jdk9 * Fri Jun 09 2017 tchvatal@suse.com - Build with full java, does not compile with gcj * Fri May 19 2017 dziolkowski@suse.com - New build dependency: javapackages-local * Sun Feb 12 2017 guoyunhebrave@gmail.com - Version 0.1.54 * Wed Mar 18 2015 tchvatal@suse.com - Fix build with new javapackages-tools
/usr/share/jsch /usr/share/jsch/AES.java /usr/share/jsch/ChangePassphrase.java /usr/share/jsch/Compression.java /usr/share/jsch/Daemon.java /usr/share/jsch/Exec.java /usr/share/jsch/JSchWithAgentProxy.java /usr/share/jsch/JumpHosts.java /usr/share/jsch/KeyGen.java /usr/share/jsch/KnownHosts.java /usr/share/jsch/Logger.java /usr/share/jsch/OpenSSHConfig.java /usr/share/jsch/PortForwardingL.java /usr/share/jsch/PortForwardingR.java /usr/share/jsch/README /usr/share/jsch/ScpFrom.java /usr/share/jsch/ScpTo.java /usr/share/jsch/ScpToNoneCipher.java /usr/share/jsch/Sftp.java /usr/share/jsch/Shell.java /usr/share/jsch/SocketForwardingL.java /usr/share/jsch/StreamForwarding.java /usr/share/jsch/Subsystem.java /usr/share/jsch/Sudo.java /usr/share/jsch/UserAuthKI.java /usr/share/jsch/UserAuthPubKey.java /usr/share/jsch/ViaHTTP.java /usr/share/jsch/ViaSOCKS5.java /usr/share/jsch/X11Forwarding.java
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 19:58:50 2024