2 * Copyright (c) 2016 Inocybe Technologies and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.netconf.northbound;
10 import java.io.IOException;
11 import java.util.List;
12 import java.util.concurrent.ExecutionException;
13 import org.opendaylight.netconf.api.TransportConstants;
14 import org.opendaylight.netconf.auth.AuthProvider;
15 import org.opendaylight.netconf.server.ServerChannelInitializer;
16 import org.opendaylight.netconf.server.ServerTransportInitializer;
17 import org.opendaylight.netconf.shaded.sshd.server.auth.password.UserAuthPasswordFactory;
18 import org.opendaylight.netconf.shaded.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
19 import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
20 import org.opendaylight.netconf.transport.ssh.SSHServer;
21 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
22 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
23 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.server.rev230417.netconf.server.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
24 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev230417.TcpServerGrouping;
25 import org.opendaylight.yangtools.yang.common.Uint16;
26 import org.osgi.service.component.annotations.Activate;
27 import org.osgi.service.component.annotations.Component;
28 import org.osgi.service.component.annotations.Deactivate;
29 import org.osgi.service.component.annotations.Reference;
30 import org.osgi.service.metatype.annotations.AttributeDefinition;
31 import org.osgi.service.metatype.annotations.Designate;
32 import org.osgi.service.metatype.annotations.ObjectClassDefinition;
33 import org.slf4j.Logger;
34 import org.slf4j.LoggerFactory;
37 * NETCONF server for MD-SAL (listening by default on port 2830).
39 @Component(service = { }, configurationPid = "org.opendaylight.netconf.ssh")
40 @Designate(ocd = SshServerTransport.Configuration.class)
41 public final class SshServerTransport implements AutoCloseable {
42 @ObjectClassDefinition
43 public @interface Configuration {
45 String bindingAddress() default "0.0.0.0";
46 // NOTE: default is not TransportConstants.SSH_TCP_PORT to allow unprivileged execution
47 @AttributeDefinition(min = "1", max = "65535")
48 int portNumber() default 2830;
51 private static final Logger LOG = LoggerFactory.getLogger(SshServerTransport.class);
53 private final SSHServer sshServer;
56 public SshServerTransport(@Reference final TransportFactoryHolder factoryHolder,
57 @Reference final OSGiNetconfServer backend,
58 @Reference(target = "(type=netconf-auth-provider)") final AuthProvider authProvider,
59 final Configuration configuration) {
60 this(factoryHolder, backend.serverChannelInitializer(), authProvider, new TcpServerParametersBuilder()
61 .setLocalAddress(IetfInetUtil.ipAddressFor(configuration.bindingAddress()))
62 .setLocalPort(new PortNumber(Uint16.valueOf(configuration.portNumber())))
66 public SshServerTransport(final TransportFactoryHolder factoryHolder, final ServerChannelInitializer initializer,
67 final AuthProvider authProvider, final TcpServerGrouping listenParams) {
68 final var localAddr = listenParams.requireLocalAddress().stringValue();
69 final var localPort = listenParams.requireLocalPort().getValue();
72 sshServer = factoryHolder.factory().listenServer(TransportConstants.SSH_SUBSYSTEM,
73 new ServerTransportInitializer(initializer), listenParams, null, factoryMgr -> {
74 factoryMgr.setUserAuthFactories(List.of(UserAuthPasswordFactory.INSTANCE));
75 factoryMgr.setPasswordAuthenticator(
76 (username, password, session) -> authProvider.authenticated(username, password));
77 factoryMgr.setKeyPairProvider(new SimpleGeneratorHostKeyProvider());
80 } catch (UnsupportedConfigurationException | ExecutionException | InterruptedException e) {
81 LOG.warn("Could not start SSH NETCONF server at {}:{}", localAddr, localPort, e);
82 throw new IllegalStateException("Unable to start SSH netconf server", e);
85 LOG.info("SSH NETCONF server at {}:{} started", localAddr, localPort);
90 public void close() throws IOException {
92 sshServer.shutdown().get();
93 } catch (ExecutionException | InterruptedException e) {
94 LOG.warn("Could not stop SSH NETCONF server {}", sshServer, e);