J2SSH Maverick
Release Notes
Updated 13th November 2006

Contents

Release Notes

J2SSH Maverick is an SSH API for the Java programming language and comes from the same team that brought you the original open source J2SSH API. A complete redesign has resulted in a single threaded, leaner API, with support for both SSH1 and SSH2 protocols. This library provides dramatic performance improvements to any Maverick-based SSH application compared to the original J2SSH.

Whats New?

The current release provides the following features:

  • Cross platform, 100% Javatm based API
  • Support for both SSH protocols, SSH1 and SSH2
  • No external dependencies, no JCE required!
  • Small JAR sizes (148k minimum to support both protocols, 325k for complete feature set)
  • Compatible with JDK1.1+ and J2ME (Java 2 Platform, Micro Edition)
  • Password, Public key, Hostbased, and Keyboard Interactive authentication
  • 3DES, DES & Blowfish ciphers
  • Optional Twofish, AES & CAST ciphers
  • Stateful decryption counter (SDCTR) mode cipher for AES
  • SHA1, MD5 Message Authentication Codes (MACS)
  • SFTP, SCP File Transfer protocols
  • RSA, DSA public/private key file generation, in SSHTools, OpenSSH and SSH1 formats
  • Supports reading of PuTTY and SSH.com public/private keys
  • Port forwarding
  • Public key subsystem
  • X Forwarding
  • ZLIB compression
  • SSH2 custom channels
  • HTTP, SOCKS 4 and SOCKS 5 proxy support
  • diffie-hellman-group-exchange-sha1 Key Exchange
  • Optional use of JCE
  • Event based model for receiving data
  • Text mode support for SFTP operations
  • Shell class provides capture of individual command output from the users shell.
  • ShellEnvironment class provides information about the remote operating system and shell environment.
  • ShellProcess provides expect type functionality for enhanced shell automation.
  • **NEW** SSH1 Challenge Response authentication.
  • **NEW** diffie-hellman-group-exchange-sha1 Key Exchange.

System Requirements

The J2SSH Maverick API requires that a compatible Java Development Kit (JDK) is installed prior to starting development. You can download the latest version of the JDK, J2SE 1.4.2 from Sun Microsystems. Maverick also supports most previous versions of the JDK which can also be downloaded from Sun Microsystems download area.

Known Issues

This list covers some of the known problems with J2SSH Maverick. Please read this before reporting any new bugs, for an up-to-date listing of known issues visit the 3SP knowledge base http://3sp.com/kb.
 
      °    Compiling from source for J2ME with a JDK before 1.4.1 causes failure of the pre-verification process.

The J2ME version should always be built using a JDK compatible with your J2ME WTK.  Whilst the code compiles under previous versions of the API,, the pre-verificiation process that is required to build jar files for the J2ME platform will fail if the compiler is not compatible.
 
     °     IllegalMonitorStateException is thrown when using JDK1.1, JDK1.2 and the JIT compiler. 
     
To workaround this problem, diable the JIT using the -nojit switch on the JDK1.1 command line, this option is not provided for JDK1.2 and requires that the  JAVA_HOME/jre/bin/smycjit.dll file is removed, or renamed. The compiler will then fall back to intepreting mode.

      °    OpenSSH Private keys encrypted using SshKeyPairGenerator fail to be recognised by OpenSSH ssh-keygen utility.

We are working on this problem, the API can read keys generated by ssh-keygen utility and can read files generated by SshKeyPairGenerator. The problem occurs only when keys generated within the API are used from the OpenSSH command line clients.

      °    SSH connections within J2ME seem to hang.

This is a result of expensive cryptographic routines and low VM speeds on J2ME devices. We have traced the problem to a specific set of classes and are currently working to improve their efficiency. The problem is less severe with SSH1 connections since fewer cryptographic functions are required.

      °    Compression of some files causes server to abruptley terminate the connection

When using the SftpConnect.java example with compression, the server may abruptley terminal the connection. The example generates a random file and uploads to an SFTP server, however since the file contains random bytes it is not suitable for compression and is therefore causing the maximum packet size to be exceeded with additional compression headers added to the data. This should not happen in normal operation as most files do have some traits that are suitable for compression.

      °    Exceptions occur when trying to open multple session channels

Some old SSH servers, most notably the version shipped with Solaris 9 do not operate as excepted when opening multiple session channels over the SSH2 protocol. Although the SSH2 protocol supports concurrent multple sessions, when connecing to these 'broken' servers the first session will be opened correctly but after the first session has been closed the server silently disconnects the connection. The next call to open a session, or perform any form of socket operation will result in an exception. In order to workaround this server problem we advise that you open the first session channel and initialize it by starting the users shell, leaving it open for the duration of the connection. This enables multiple sessions to operate in the correct manner since the first session never gets closed allowing the server to operate as expected.

   °    When using Maverick with an iPlanet Web Server I get connection errors with the message "current thread not owner"
This is related to a problem with the 1.2.2 Java Runtime and can easily be resolved by disabling the JIT compiler in the Web Servers JVM settings.

Frequently Asked Questions

      °    Where do I start?

Take a look at the API specifications, most notably the SshConnector class as this provides the entry point for making SSH connections. There are also a number of examples provided in the examples subdirectory of the distribution file.

To execute an example client:

  1. Execute the ant script “build.xml” this will create a jar called examples.jar
  2. Alternatively run “javacclasspath ..\dist\java\maverick-all.jar *.java” from the examples folder to compile the classes and then “jar –cvf examples.jar *.class” to build the jar file
  3. Run one of the jarred examples as the following Windows command line example printout shows (your inputs are bolded, and values specific to your situation are italicized):

C:\maverick\examples>java -classpath ..\dist\java\maverick-all.jar;examples.jar PasswordConnect

Hostname: your-ssh-host-dn

Username [Enter for curr-windows-user]: root

Connecting to your-ssh-host-dn

The host your-ssh-host-dn is currently unknown to the system

The host key (ssh-dss) fingerprint is: 6a:b7:66:c1:98:85:f1:26:51:5e:bd:e1:62:a9:8d:a1:df:8d:b2:e2

Do you want to allow this host key? [Yes|No|Always]: yes

your-ssh-host-dn is an SSH2 server

Password: xxxxxxxx

Last login: Sat Apr 16 16:44:33 2005 from your-windows-workstation

[root@local root]#

At this point, your ssh session is in progress and you can enter any unix/linux commands you want


      °    Is J2SSH Maverick available on an open source license?

No. J2SSH Maverick is proprietary software. We still provide the original open source version of J2SSH through our website however due to time constraints we no longer support the open source API. We recommend that commercial users use Maverick as the license fee is great value and provides a year's worth of upgrades and unlimited support.

      °    What version of SSH does J2SSH Maverick Support?

Maverick supports both versions of the SSH protocol, SSH1 and SSH2.

      °    What version of SFTP does J2SSH Maverick Support?

Maverick currently supports up to version 3 of the SFTP protocol. We will be releasing updates in the near future that will provide support for versions 4 and 5.

      °    The available() method on the Maverick InputStreams always return zero before I attempt to block, why?

The Maverick API is single threaded, which means there are no background threads to load data into local buffers. When a thread calls the read method it actually blocks on the underlying transport mechanism (usually a Socket) and processes data until it finds some data of its own. Because channels are multiplexed into a single connection, data for multiple channels could be arriving at the same time so using the transports available method is not appropraite. The only way to determine if data is available is to actually block so our available method simply returns the number of bytes available in the local buffer.

You can get around this limitation by using the com.sshtools.util.BufferedSession class. This class implements the com.maverick.ssh.SshSession interface so can be used in place of an ordinary session. It spawns a couple of threads to load all the channels data into local buffers so that the available method will return the correct number of bytes available at any time.

      °    Is Maverick thread-safe?

Yes, each session or connection can be used from multiple threads.


Copyright © 2003-2004, 3SP Ltd.
The Manse, 2 Third Avenue, Nottingham, NG7 6JH.
All rights reserved.

The Java 2 SDK, Standard Edition, is a product of Sun MicrosystemsTM, Inc.