{"id":21387209,"url":"https://github.com/sshtools/dbus-java-transport-ssh","last_synced_at":"2025-04-15T20:14:25.186Z","repository":{"id":84133114,"uuid":"516527932","full_name":"sshtools/dbus-java-transport-ssh","owner":"sshtools","description":"An extension to dbus-java that allows connection to a remote DBus broker over SSH","archived":false,"fork":false,"pushed_at":"2025-03-06T14:11:19.000Z","size":52,"stargazers_count":3,"open_issues_count":1,"forks_count":0,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-04-15T20:14:18.820Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-2.1","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sshtools.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-07-21T21:35:32.000Z","updated_at":"2025-03-06T14:11:23.000Z","dependencies_parsed_at":null,"dependency_job_id":"f7f407ed-c122-4163-926b-e3dd29cbea05","html_url":"https://github.com/sshtools/dbus-java-transport-ssh","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sshtools%2Fdbus-java-transport-ssh","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sshtools%2Fdbus-java-transport-ssh/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sshtools%2Fdbus-java-transport-ssh/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sshtools%2Fdbus-java-transport-ssh/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sshtools","download_url":"https://codeload.github.com/sshtools/dbus-java-transport-ssh/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249145419,"owners_count":21219966,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-22T12:12:10.683Z","updated_at":"2025-04-15T20:14:25.164Z","avatar_url":"https://github.com/sshtools.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# dbus-java-transport-ssh\n\nAn extension to [DBus Java](https://github.com/hypfvieh/dbus-java) that allows connection to a remote [DBus](https://en.wikipedia.org/wiki/D-Bus) broker over [SSH](https://en.wikipedia.org/wiki/Secure_Shell). It supports both TCP and Unix domain sockets on the remote side. It uses [Maverick Synergy](https://jadaptive.com/en/products/open-source-java-ssh) for unix domain socket support directly. In this case, a real local domain socket file will not need to be created, eliminating another layer and further decreasing latency.\n\nA DBus Java transport works with `SocketChannel`, so we must be able to access a `SocketChannel` from Maverick Synergy that is on the other end of the SSH session connected to a unix domain socket (or TCP socket) served by a DBus broker. This is achieved by extending Synergy's built in unix domain socket support to provide us with such a channel.\n\n\n#### Usage\n\nSimply add the `dbus-java-transport-ssh` module to your POM (or other build descriptor).\n\n```xml\n\u003cdependency\u003e\n    \u003cgroupId\u003ecom.sshtools\u003c/groupId\u003e\n    \u003cartifactId\u003edbus-java-transport-ssh\u003c/artifactId\u003e\n    \u003cversion\u003e0.9.9\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n**For SNAPSHOT version, you will need to add the OSS SNapshots Repository**\n\n```xml\n\u003crepository\u003e\n    \u003cid\u003eoss-snapshots\u003c/id\u003e\n    \u003curl\u003ehttps://oss.sonatype.org/content/repositories/snapshots\u003c/url\u003e\n    \u003csnapshots/\u003e\n    \u003creleases\u003e\n        \u003cenabled\u003efalse\u003c/enabled\u003e\n    \u003c/releases\u003e\n\u003c/repository\u003e\n```\n\nNow choose the appropriate Bus path. \n\n```java\nvar address = \"ssh:path=/path/to/dbus.socket,username=joeb,via=ssh.acme.com,viaPort=22,password=changeit\";\nvar builder = DBusConnectionBuilder.forAddress(address);\n\n// Add further configuration here, see below\n\nvar connection = builder.build();\n```\n\nThe transport supports both TCP and Unix Domain Socket tunnels. The above syntax (with a `path` parameter) initiates  a unix domain socket tunnel.\n\nThe supported parameters are :-\n\n* `via`. The hostname or IP address of the SSH server to connect to.\n* `viaPort`. The port on which the server is listening, if different from the default of 22.\n* `path`. The path to the domain socket on the remote side. If this is provided, a unix domain socket tunnel will be used.\n* `host`. The target host on the remote side where the DBus broker is running. This defaults to `localhost` (i.e. the remote host itself). If this is provided, a TCP socket tunnel will be used.\n*  `port`. The target port of the DBus broker on the remote side. Only relevant if `host` is provided.\n*  `username`. The username to authenticate as on the SSH server.\n*  `password`. The password to use for authentication. **Note, this is not recommended. See the Authentication section below.**\n*  `key`. The path to a private key file to use instead of a password.\n*  `passphrase`. If file pointed to by `key` above is passphrase protected, this parameter should specify the password. **Note, this is not recommended. See the Authentication section below.**\n\n##### SSH Configuration\n\nYou may have further SSH configuration requirements, such as setting preferred ciphers, keys, \ncompression, host key authentication and more.\n\nThis is achieved by accessing the `SshClientContext` Synergy provides. You must pass in\nthe `TransportConfig` from the `DBusConnectionBuilder`.\n\n```java\nSshTransport.setContextConfigurator((ctx) -\u003e {\n\tctx.setHostKeyVerification((host, key) -\u003e {\n\t\t// TODO Check 'key' here for validity for the host\n\t\treturn true;\n\t});\n\treturn ctx;\n}, builder.transportConfig());\n```\nSee the Maverick Synergy [documentation](https://jadaptive.com/app/manpage/agent/category/1564757) for more information on configuration.\n\n##### SSH Authentication\n\nRather than provide sensitive information such as passwords or passphrases in the address string, \nyou can again directly access the transport and configure a custom authenticator. You must pass in\nthe `TransportConfig` from the `DBusConnectionBuilder`.\n\n```java\nSshTransport.setAuthenticationConfigurator(\n\t\t(auths) -\u003e Arrays.asList(new PasswordAuthenticator(() -\u003e \"changeme\")),\n\t\tbuilder.transportConfig());\n```\n\n##### Providing Your Own Client\n\nYou can be in entirely in control of the creation of the client by using `SshTransport.setClient()`. \nYou must pass in the `TransportConfig` from the `DBusConnectionBuilder`.\n\n```java\nSshTransport.setClient(() -\u003e {\n    return SshClientBuilder.create().\n        withTarget(\"yourhost\", 22).\n        withUsername(\"joeb\").\n        withSshContext(SshTransport.createClientContext()).\n        withAuthenticators(new PasswordAuthenticator(\"asecret\")).\n        onConfigure((cctx) -\u003e {\n           cctx.getForwardingPolicy().allowForwarding();\n           cctx.getForwardingPolicy().add(ForwardingPolicy.UNIX_DOMAIN_SOCKET_FORWARDING);\n        }).\n        build();\n}, builder.transportConfig());\n```\n\nSee the Maverick Synergy [documentation](https://jadaptive.com/app/manpage/agent/category/1564757) for more information on authentication.\n\n##### DBus Authentication\n\nDBus itself has it's own authentication layer that uses [SASL](https://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer).\nThe SSH transport uses the `EXTERNAL` mechanism. Part of the SASL handshake includes the **UID** of the calling user. The DBus broker checks if the UID matches that of the connection it accepted, and will reject the connection if they do not match.\n\nIn the case of an SSH connection, the UID of the local user may be totally different to the UID of the remote user. To overcome this, you must know up-front the UID of the remote user, and provide it when configuring the local DBus connection.\n\n```java\nbuilder.transportConfig().configureSasl().withSaslUid(1000);\t\t\n```\n\n \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsshtools%2Fdbus-java-transport-ssh","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsshtools%2Fdbus-java-transport-ssh","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsshtools%2Fdbus-java-transport-ssh/lists"}