Search code examples
javaosgiapache-felixgogo-shell

Apache Felix shell with SSH


I'm interested how I can use Apache Felix with SSH? I want to access Felix shell from remote computer using SSH. I know that there is a telnet support but it's too unsafe. Is there any solution?


Solution

  • Yes, there is one, as described here (the guide is relative to eclipse's equinox but it doesn't matter) using a combination of gogo shell, apache mina sshd server and three equinox console bundles (core+ssh plugin+jaas plugin for ssh authentication) you will be able to connect to mina's ssh server and your commands related to OSGi will be executed by the gogo shell.

    You'll need these bundles:

    • GoGo Shell: org.apache.felix.gogo.command.jar, org.apache.felix.gogo.runtime.jar, org.apache.felix.gogo.shell.jar
    • Equinox console Bundles: org.eclipse.equinox.console.jar, org.eclipse.equinox.console.supportability.jar, org.eclipse.equinox.console.jaas.fragment.jar
    • Apache Mina: org.apache.mina.core.jar, org.apache.sshd.core.jar
    • And for logging slf4j-api.jar and a slf4j-api_impl.jar

    As described here, you will also need these properties in your Felix configuration file:

    osgi.console.enable.builtin=false 
    osgi.console.ssh=<port> 
    osgi.console.ssh.useDefaultSecureStorage=true 
    

    The equinox JAAS bundle will search for a org.eclipse.equinox.console.authentication.config file, that will enable the login module:

    equinox_console { 
        org.eclipse.equinox.console.jaas.SecureStorageLoginModule REQUIRED; 
    }; 
    

    I'm not quite sure where this will be searched using Felix (i'm not sure this is done in a standard OSGi way), but the conf directory is a good guess.

    The user equinox/equinox will already be present, other users can be created with the console commands provided.

    Edit: For the equinox console/supportability bundle you can get the Mars release from here expanding the section Add-on Bundles:

    org.eclipse.equinox.console_1.1.100.v20141023-1406.jar

    You'll also need the supportability bundle that you can get from here(the last version is from 2011).