Java JSch SSH

JSch多层跳板机执行远程命令

Posted by youthred on August 8, 2023

仿照 JSch官网JumpHosts示例代码 编写工具类

JSchJumpHosts

POM dependencies

  • 需要注意的是,至本片文章编写之日,JSch 版本 0.1.53 及以下都已发现 漏洞 。最新 0.1.55 无漏洞。
1
2
3
4
5
6
7
8
9
10
11
12
13

<dependency>
    <groupId>org.apache.commons</groupId>
    <artifactId>commons-collections4</artifactId>
</dependency>
<dependency>
    <groupId>cn.hutool</groupId>
    <artifactId>hutool-all</artifactId>
</dependency>
<dependency>
    <groupId>com.jcraft</groupId>
    <artifactId>jsch</artifactId>
    <version>0.1.55</version>
</dependency>

工具代码

  • SshForward.java SSH映射
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

package jumphosts;

import cn.hutool.extra.ssh.JschUtil;
import com.jcraft.jsch.Session;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;

import java.nio.charset.StandardCharsets;
import java.util.List;

/**
 * SSH映射
 *
 * @author https://github.com/youthred
 */
public class SshForward implements AutoCloseable {

    private Session[] sessions;

    private SshForward() {
    }

    public SshForward(Session[] sessions) {
        this.sessions = sessions;
    }

    public SshForward(List<SshHost> hosts) {
        this.sessions = SshUtil.getSessions(hosts);
    }

    /**
     * 获取跳板机Session数组
     * <p>
     * [0]: first session
     * [-1]: target session
     *
     * @return Session[]
     */
    public Session[] getSessions() {
        return sessions;
    }

    /**
     * 获取目标主机Session
     *
     * @return target session
     */
    public Session getTarget() {
        if (ArrayUtils.isNotEmpty(sessions)) {
            return sessions[sessions.length - 1];
        }
        return null;
    }

    /**
     * 在目标主机上执行命令,并返回控制台打印信息
     *
     * @param cmd Linux命令
     * @return 执行打印
     */
    public String exec(String cmd) {
        if (StringUtils.isNotBlank(cmd)) {
            return JschUtil.exec(getTarget(), cmd, StandardCharsets.UTF_8);
        }
        return null;
    }

    /**
     * 在目标主机上执行命令,并返回控制台打印信息
     *
     * @param cmds Linux命令
     * @return 执行打印
     */
    public String[] exec(String... cmds) {
        if (ArrayUtils.isNotEmpty(cmds)) {
            String[] resultPrints = new String[cmds.length];
            for (int i = 0; i < cmds.length; i++) {
                resultPrints[i] = JschUtil.exec(getTarget(), cmds[i], StandardCharsets.UTF_8);
            }
            return resultPrints;
        }
        return null;
    }

    /**
     * 后入先出地依次关闭session连接
     */
    @Override
    public void close() {
        if (ArrayUtils.isNotEmpty(sessions)) {
            for (int i = sessions.length - 1; i >= 0; i--) {
                try {
                    sessions[i].disconnect();
                } catch (Throwable ignored) {
                }
            }
        }
    }
}
  • SshUtil.java 工具
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

package jumphosts;

import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
import org.apache.commons.collections4.CollectionUtils;

import java.util.List;

/**
 * @author https://github.com/youthred
 */
public class SshUtil {

    public static Session[] getSessions(List<SshHost> hosts) {
        if (CollectionUtils.isEmpty(hosts)) {
            return null;
        }
        Session[] sessions = null;
        try {
            JSch jsch = new JSch();
            // jsch.addIdentity("~/.ssh/id_rsa");
            sessions = new Session[hosts.size()];
            Session session = null;
            for (int i = 0; i < hosts.size(); i++) {
                SshHost host = hosts.get(i);
                if (i == 0) {
                    session = jsch.getSession(host.getUsername(), host.getIp(), host.getPort());
                } else {
                    int assignedPort = session.setPortForwardingL(0, host.getIp(), host.getPort());
                    session = jsch.getSession(host.getUsername(), "127.0.0.1", assignedPort);
                }
                session.setPassword(host.getPassword());
                session.setConfig("StrictHostKeyChecking", "no");
                session.connect();
                sessions[i] = session;
            }
        } catch (JSchException e) {
            e.printStackTrace();
        }
        return sessions;
    }
}
  • SshHost.java SSH连接参数
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

package jumphosts;

import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.experimental.Accessors;

/**
 * SSH 连接参数对象
 *
 * @author https://github.com/youthred
 */
@Data
@Accessors(chain = true)
@NoArgsConstructor
@AllArgsConstructor
public class SshHost {

    private String ip;
    private Integer port;
    private String username;
    private String password;

    public SshHost(String ip, String username, String password) {
        this(ip, 22, username, password);
    }
}

使用

1
2
3
4
5
6
7
8

List<SshHost> hosts = new ArrayList<>(3);
hosts.add(new SshHost("1.2.3.4", "u", "p"));
hosts.add(new SshHost("2.3.4.5", "u", "p"));
hosts.add(new SshHost("3.4.5.6", "u", "p"));
try (SshForward forward = new SshForward(hosts)) {
    String[] exec = forward.exec("pwd", "ifconfig");
    Arrays.stream(exec).forEach(System.out::println);
}
CATALOG
    FEATURED TAGS
    demo Java SpringBoot MySQL Springboot CentOS VUE Elasticsearch Git IDEA Apache Github JAR JDK JSch LAMP Linux Logback MybatisPlus Nacos OAuth2 OpenFeign Oracle SSH Shell SpringCloud SpringCloudGateway WebFlux
    FRIENDS