Search code examples
javaunit-testingauthenticationsshapache-mina

In memory/embedded SFTP server for test with private key authentication in Java


The scenario is that I need to write tests for an application that does SFTP file transfers and I need an in memory/embedded SFTP server with private key authentication implementation so that I can test that file transfers run okay with the embedded/ in memory server with private key (.pem) file authentication.

I have raked through the guts of internet the closest I came to was Apache Mina Server as discussed in this S.O. question

Currently I am using a username and password authentication as below:

SshServer sshd = SshServer.setUpDefaultServer();
sshd.setPort(22999);

sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider());
sshd.setPasswordAuthenticator(new PasswordAuthenticator() {

    public boolean authenticate(String username, String password,
                                ServerSession session) {
        // TODO Auto-generated method stub
        return true;
    }
});

I tried finding a way to implement private key authentication but it seems there is only one authenticator but that is a public key authenticator as below:

public void setPublickeyAuthenticator(PublickeyAuthenticator publickeyAuthenticator) {
    this.publickeyAuthenticator = publickeyAuthenticator;
}

Is there a way to implement private key authenticator with Apache Mina? or if it's impossible there is there any other mock SFTP server I could use for my testing scenario?


Solution

  • You are actually looking for a public key authenticator.

    The client/user authenticates with its public key. The server never sees the private key.


    So you implement the PublickeyAuthenticator interface to check if the PublicKey key argument of the authenticate method matches the public part of the key pair you are using in your client to authenticate.

    You can start with AuthorizedKeysAuthenticator implementation that uses the OpenSSH .ssh/authorized_keys-like configuration file.