Includes all the features and bug fixes of version 2.16.0 and up to commit 084e69b818.
- GH-622 Handle quoted values in
HostConfigEntry.
- The
AbstractSessionhas been completely refactored. Most of its code has been moved out of this class into separate filters in a filter chain. For details, see the technical documentation. - Handling of global requests has been moved from
AbstractSessionto theConnectionService. - KEX temporarily closes
RemoteWindows, preventing data to be written in that way until KEX is over. Version 2 blocked threads in a different, more convoluted, and fragile way. - Deprecated API has been removed.
- System property "org.apache.sshd.registerBouncyCastle" is gone; use "org.apache.sshd.security.provider.BC.enabled" instead.
- System property "org.apache.sshd.eddsaSupport" is gone; use "org.apache.sshd.security.provider.EdDSA.enabled" instead. (This property applies only to the
net.i2ped25519 provider.)
- Method
KeyUtils.cloneKeyPair()has been removed. It was never used inside Apache MINA sshd. If you need to duplicate an existingKeyPair, useKey.getEncoded()on the keys and then re-create a duplicate key using anX509EncodedKeySpecfor the public key or aPKCS8EncodedKeySpecfor the private key. HostConfigEntryhas been changed to be more compliant with OpenSSH, and handles quoted values now. It also has a new methodgetValues(key)to get all the values of a key that can have multiple values, either because it may have multiple space-separated values (such asUserKnownHostsFile) or because it appears several times and does not follow the "first match wins" rule (such asIdentityFileorCertificateFile). Note that some keys have values that are comma-separated lists of items; such lists are a single value and must be split by user code (as in version 2).- Integration tests using docker containers have been moved out of bundle
sshd-coreinto a new bundlesshd-test, and are run now also with the MINA and the netty transports. - All docker tests have been changed to be skipped if no docker engine is running. If a docker engine is running, they will newly also be run on Windows. (Previously, they were disabled unconditionally on Windows because the Windows runners in CI don't have docker support.)
- This was back-ported to version 2.17.0-SNAPSHOT on the master branch.
- Random padding on SSH packets as suggested by RFC 4253, section 6.
- New event callback
SessionListener.sessionStarting(). See the filter documentation.SessionListener.sessionEstablished()was removed; it was called from the constructor ofAbstractSessionat a time when the object was not yet fully initialized. - GH-728 New method
ClientSession.getHostConfigEntry()to get theHostConfigEntryfor the session. - GH-729 Support for client-side SOCKS5 or HTTP CONNECT proxies. See the documentation.
- The OpenSSH "hostkeys-00@openssh.com" host key rotation extension is now implemented client-side. New host keys so received are registered on the session but we don't update the
known_hostsfile. If you want that, implement your ownNewHostKeysHandlerand set it on theSshClient.