SshService

The SshService is used for data exchange via SSH. The service behaves like an SSH server that allows sending or receiving files via SFTP and SCP.

XML configuration


Important note: The availability of a service depends on the license purchased and on whether the service has been registered in the Service Factory configuration file ./etc/factory.xml (changes require a server restart!). That file also names the configuration file responsible for each service. Alternatively, you can edit a service's configuration file directly in the GUI of the service (changes require a service restart!).


The following XML fragment sets the services to be used.

<Set name="authenticationServiceName">AuthenticationService</Set>
<Set name="communicationLogServiceName">CommunicationLogService</Set>
<Set name="messageServiceName">MessageService</Set>
<Set name="logServiceName">LogService</Set>


The values to be specified should be self-explanatory. They only need to be changed if services other than the standard ones are to be used.


The following XML fragment determines the log behaviour.


<Set name="transferLogManager">SSHLog</Set>
<Set name="appendTransferLog" type="boolean">true</Set>
<Set name="transferLogDirectoryName">SSHLog</Set>


The parameters have the following meaning.


| Parameter | Description |
| --- | --- |
| transferLogManager | Sets the LogManager to which log messages are sent. If this manager does not exist, it is created. By default, i.e. without specification in the XML file, a FileLogManager with the name SSHLog is created. |
| appendTransferLog | Determines whether, at the start of the service, the configured LogManager creates a new file or appends to an existing file. |
| transferLogDirectoryName | Specifies the directory in which the LogManager saves the log messages. |

Setting message queue and message context


The following XML fragment sets the values to be used for message queue and message context.


<Call name="setConsumerQueue">
    <Arg>System</Arg>
    <Arg>SSH</Arg>
</Call>


The first argument is the context, the second is the queue.

With these settings, SSH events, such as file reception or file pickup, are passed to the MessageService.

Adding listen addresses


The following XML fragment adds a listen address.

<Call name="addListenAddress">
    <Arg>127.0.0.0</Arg>
    <Arg type="int">21</Arg>
</Call>

Setting whitelist and blacklist


You can set a whitelist for the SshService (IP addresses of the clients that are allowed to establish a connection via SSH) and a blacklist (IP addresses of the clients that are not allowed to establish a connection via SSH). The following XML fragment sets a whitelist.


<Call name="setWhiteAccessList">
    <Arg>
        <New class="com.ebd.util.net.IpAccessList">
            <Call name="addIpAddress">
                <Arg>IP_address</Arg>
            </Call>
            <Call name="addAddressRange">
                <Arg>IP_address</Arg>
                <Arg>netmask</Arg>
            </Call>
        </New>
    </Arg>
</Call>


With "addIpAddress", a specific IP address can be added. With "addAddressRange" (via IP address and associated netmask), you can add an address range. A blacklist is set in the same way, using the call "setBlackAccessList".

Setting "ConnectionManager"


The following XML fragment sets the ConnectionManager.

<Set name="sSHConnectionManager">
    <New class="com.ebd.hub.services.ssh.maverick.ConnectionManager">
        <Set name="sshRoot">./ssh/</Set>
        <Set name="hostKeyFilenameRSA">./etc/ssh_host_rsa_key</Set>
        <Set name="hostKeyFilenameDSA">./etc/ssh_host_rsa_key</Set>
        <Set name="logDebugMessage" type="boolean">true</Set>
        <Set name="notifyReceivedEmptyFiles">false</Set>
        <Set name="maximumUserConnections">5</Set>
    </New>
</Set>


The parameter "sshRoot" specifies the default user directory for the SSH server.

The parameters "hostKeyFilenameRSA" and "hostKeyFilenameDSA" specify the files from which the keys to be used for the encrypted communication are to be read. If these files do not exist, new files with new keys are automatically generated.

The log behaviour of the actual SSH connection can be controlled with parameter "logDebugMessage".

"maximumUserConnections" globally defines the maximum number of parallel connections of a user, where "0" stands for unlimited.

Accepting empty files

For the service to accept empty files (0 bytes), the option "notifyReceivedEmptyFiles" must be set to "true".
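An added example, not part of the original documentation or of the product: a Python review script that reads fragments like the ones above, resolves the whitelist entries (single addresses and IP/netmask ranges) to networks, and lists settings worth a second look. The `<Configure>` root element, all sample values, the reading of 0.0.0.0 as "all interfaces" and the use of Python's netmask validation rules are assumptions of this example.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample in the style of the fragments above; the <Configure> root is an assumption.
SAMPLE = """<Configure>
<Call name="addListenAddress"><Arg>0.0.0.0</Arg><Arg type="int">22</Arg></Call>
<Call name="setWhiteAccessList"><Arg><New class="com.ebd.util.net.IpAccessList">
  <Call name="addIpAddress"><Arg>192.0.2.10</Arg></Call>
  <Call name="addAddressRange"><Arg>198.51.100.0</Arg><Arg>255.255.255.0</Arg></Call>
  <Call name="addAddressRange"><Arg>203.0.113.0</Arg><Arg>255.0.255.0</Arg></Call>
</New></Arg></Call>
<Set name="sSHConnectionManager"><New class="com.ebd.hub.services.ssh.maverick.ConnectionManager">
  <Set name="hostKeyFilenameRSA">./etc/ssh_host_rsa_key</Set>
  <Set name="hostKeyFilenameDSA">./etc/ssh_host_rsa_key</Set>
  <Set name="maximumUserConnections">0</Set>
</New></Set>
</Configure>"""

def args(call):
    return [(a.text or "").strip() for a in call.findall("Arg")]

def access_list(root, setter):
    """Parse the IpAccessList passed to `setter`; return (networks, errors)."""
    nets, errors = [], []
    for outer in (c for c in root.iter("Call") if c.get("name") == setter):
        for call in outer.iter("Call"):
            name, a = call.get("name"), args(call)
            try:
                if name == "addIpAddress":
                    nets.append(ipaddress.ip_network(a[0]))
                elif name == "addAddressRange":  # IP address plus dotted netmask
                    nets.append(ipaddress.ip_network(f"{a[0]}/{a[1]}", strict=False))
            except (ValueError, IndexError):  # bad address or non-contiguous netmask
                errors.append(f"{setter}: invalid entry {a}")
    return nets, errors

def audit(xml_text):
    """Return (whitelisted networks, settings worth a second look)."""
    root = ET.fromstring(xml_text)
    white, findings = access_list(root, "setWhiteAccessList")
    binds = [args(c) for c in root.iter("Call") if c.get("name") == "addListenAddress"]
    if not white and any(ipaddress.ip_address(b[0]).is_unspecified for b in binds):
        findings.append("listens on all interfaces without a whitelist")
    sets = {s.get("name"): (s.text or "").strip() for s in root.iter("Set")}
    rsa, dsa = sets.get("hostKeyFilenameRSA"), sets.get("hostKeyFilenameDSA")
    if rsa and rsa == dsa:
        findings.append("RSA and DSA host key parameters point to the same file")
    if sets.get("maximumUserConnections") == "0":
        findings.append("maximumUserConnections is 0 (unlimited)")
    return white, findings
```

Pass "setBlackAccessList" to `access_list` to resolve a blacklist in the same way.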

General settings


[Screenshot: General settings]


(1) Here you can set the services required for the operation of the SshService.

(2) Change of log behaviour.

(3) Here you can select the LogManager and the associated directory.

(4) The context and queue to which the SshService forwards SSH events.

Main interface settings


[Screenshot: Main interface settings]


(1) Here you can add or remove listening addresses.

(2) Here you can edit the whitelist.

(3) Here you can edit the blacklist.

"ConnectionManager" settings


[Screenshot: "ConnectionManager" settings]


(1) Here the base directory of the ConnectionManager can be changed.

(2) The logging of debug messages for the ConnectionManager can be set here.

(3) The files to store the keys. If the files do not exist, new files with associated keys are created.

Sessions


[Screenshot: Sessions]


Existing SSH sessions can be closed here.