如果大家熟悉Linux的话,一定对ssh,sftp,scp等命令非常熟悉,ssh是一个安全协议,用来在不同系统或者服务器之间进行安全连接,SSH 在连接和传送的过程中会加密所有的数据。
但是SSH一般是基于客户端的或者Linux命令行的,比如客户端的工具:OpenSSH,putty,SSH Tectia;
在linux上大家可以通过ssh username@host连接到所要想连接的主机。
但是如果在J2EE中,如何实现SSH呢?进而可以实现SCP,SFTP的功能呢?下面介绍的JSCH就可以实现下边的功能。
JSCH是一个纯粹的用java实现SSH功能的java library;
Example: http://www.jcraft.com/jsch/examples/
maven依赖
<dependency>
<groupId>com.jcraft</groupId>
<artifactId>jsch</artifactId>
<version>0.1.44</version>
</dependency>
关键类介绍
- JSch: 作为中心配置点,以及Session的工厂;
This class serves as a central configuration point, and as a factory for Session objects configured with these settings.
- Use getSession to start a new Session.
- Use one of the addIdentity methods for public-key authentication.
- Use setKnownHosts to enable checking of host keys.
- See setConfig for a list of configuration options.
- Session:表示到远程SSH服务器的一个连接,可以包含多个Channels;
A Session represents a connection to a SSH server.One session can contain multiple Channels of various types
A session is opened with connect() and closed with disconnect().
- Channel : 与Session相关联的通道,有多种不同类型;
The abstract base class for the different types of channel which may be associated with a Session.
- shell - ChannelShell :A channel connected to a remote shell (本次使用的Channel)
- exec - ChannelExec :A channel connected to a remotely executing program
- direct-tcpip - ChannelDirectTCPIP: A Channel which allows forwarding a pair of local streams to/from a TCP-connection to a server on the remote side
- sftp - ChannelSftp :A Channel connected to an sftp server (as a subsystem of the ssh server).
- subsystem - ChannelSubsystem :A channel connected to a subsystem of the server process
使用步骤
使用Jsch进行SSH连接的具体步骤如下:
- 步骤1: 使用Jsch获取Session: jsch.getSession()
- 步骤2: 设置Session的password和属性等: setPassword()/setConfig();
- 步骤3: 设置SocketFactory(可以不进行设置,使用默认的TCP socket);
- 步骤4: 打开Session连接:connect();
- 步骤5: 打开并连接Channel:openChannel()/connect();
- 步骤6: 获取Channel的inputStream和outputStream,执行指定cmd或其他;
- getInputStream(): All data arriving in SSH_MSG_CHANNEL_DATA messages from the remote side can be read from this stream
- getOutputStream(): All data written to this stream will be sent in SSH_MSG_CHANNEL_DATA messages to the remote side.
- 步骤7: 关闭各种资源:输入输出流/Session/Channel等;
创建Session,并打开Session连接
步骤1~步骤4:程序如下
使用SSH协议,连接到Linux,执行指定命令,并获取结果
步骤5~步骤6:程序如下
执行Shell命令,并获取执行结果
测试程序
完整程序
JSCHUtil.java
package com.sssppp.Communication;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.Properties;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
import com.jcraft.jsch.SocketFactory;
/**
* 相关链接: JSCH api:http://epaul.github.io/jsch-documentation/javadoc/ Example:
* http://www.jcraft.com/jsch/examples/
*
* @author xxxx
*
*/
public class JSCHUtil {
private static JSch jsch = new JSch();
/**
* 创建Session,并打开Session连接
*
* @param dstIp
* @param dstPort
* @param localIp
* @param localPort
* @param userName
* @param password
* @param timeOut
* @return
* @throws JSchException
*/
public static Session createSession(String dstIp, int dstPort,
final String localIp, final int localPort, String userName,
String password, final int timeOut) throws JSchException {
//jsch.setKnownHosts("/home/foo/.ssh/known_hosts");
// A Session represents a connection to a SSH server
Session session = jsch.getSession(userName, dstIp, dstPort);
session.setPassword(password);
Properties sshConfig = new Properties();
sshConfig.put("StrictHostKeyChecking", "no");//To skip host-key check
session.setConfig(sshConfig);
// this socket factory is used to create a socket to the target host,
// and also create the streams of this socket used by us
session.setSocketFactory(new SocketFactory() {
@Override
public OutputStream getOutputStream(Socket socket)
throws IOException {
return socket.getOutputStream();
}
@Override
public InputStream getInputStream(Socket socket) throws IOException {
return socket.getInputStream();
}
@Override
public Socket createSocket(String host, int port)
throws IOException, UnknownHostException {
Socket socket = new Socket();
if (localIp != null) {
socket.bind(new InetSocketAddress(InetAddress
.getByName(localIp), localPort));
}
socket.connect(
new InetSocketAddress(InetAddress.getByName(host), port),
timeOut);
return socket;
}
});
session.connect(timeOut);
return session;
}
}
SSHCommUtil.java
package com.sssppp.Communication;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import com.jcraft.jsch.Channel;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
public class SSHCommUtil {
/**
* 测试程序
* @param args
*/
public static void main(String[] args) {
String ip = "10.180.137.241";
int port = 22;
String localIp = null;
int localPort = 0;
int timeOut = 3000;
String userName = "xxx";
String password = "xxx";
String[] cmds = new String[] { "ifconfig | grep eth0\n",
"cat /etc/redhat-release\n" };
String[] result = null;
try {
result = execShellCmdBySSH(ip, port, localIp, localPort, timeOut,
userName, password, cmds);
} catch (Exception e) {
e.printStackTrace();
}
if (result != null) {
for (String string : result) {
System.out.println(string);
System.out.println("-------------------");
}
}
}
/**
* 使用SSH协议,连接到Linux Shell,执行脚本命令,并获取结果
*
* @param dstIp
* @param dstport
* default :22
* @param localIp
* @param localPort
* @param timeOut
* @param userName
* @param password
* @param cmds
* @return
* @throws Exception
*/
public static String[] execShellCmdBySSH(String dstIp, int dstport,
String localIp, int localPort, int timeOut, String userName,
String password, String... cmds) throws Exception {
Session session = null;
Channel channel = null;
InputStream is = null;
OutputStream os = null;
try {
session = JSCHUtil.createSession(dstIp, dstport, localIp,
localPort, userName, password, timeOut);
channel = session.openChannel("shell");
// Enable agent-forwarding.
// ((ChannelShell)channel).setAgentForwarding(true);
// Choose the pty-type "vt102".
// ((ChannelShell)channel).setPtyType("vt102");
// Set environment variable "LANG" as "ja_JP.eucJP".
// ((ChannelShell)channel).setEnv("LANG", "ja_JP.eucJP");
channel.connect();
is = channel.getInputStream();
os = channel.getOutputStream();
String[] result = new String[cmds.length];
for (int i = 0; i < cmds.length; i++) {
result[i] = sendCommand(is, os, cmds[i]);
}
return result;
} catch (JSchException e) {
if (e.getMessage().contains("Auth fail")) {
throw new Exception("Auth error");
} else {
throw new Exception("Connect error");
}
} catch (Exception e) {
throw e;
} finally {
try {
is.close();
} catch (IOException e) {
}
try {
os.close();
} catch (IOException e) {
}
channel.disconnect();
session.disconnect();
}
}
/**
* 执行Shell命令,并获取执行结果
*
* @param is
* @param os
* @param cmd
* @return
* @throws IOException
*/
private static String sendCommand(InputStream is, OutputStream os,
String cmd) throws IOException {
os.write(cmd.getBytes());
os.flush();
StringBuffer sb = new StringBuffer();
int beat = 0;
while (true) {
if (beat > 3) {
break;
}
if (is.available() > 0) {
byte[] b = new byte[is.available()];
is.read(b);
sb.append(new String(b));
beat = 0;
} else {
if (sb.length() > 0) {
beat++;
}
try {
Thread.sleep(sb.toString().trim().length() == 0 ? 1000
: 300);
} catch (InterruptedException e) {
}
}
}
return sb.toString();
}
}