Releases: mwiede/jsch
Releases · mwiede/jsch
v0.2.0
- Disable RSA/SHA1 signature algorithm by default #75
- Add basic Logger implementations that can be optionally utilized with
JSch.setLogger()
:- JulLogger, using
java.util.logging.Logger
- JplLogger, using Java 9's JEP 264
- Log4j2Logger, using Apache Log4j 2
- Slf4jLogger, using SLF4J
- JulLogger, using
- Fix client version to be compliant with RFC 4253 section 4.2 by not including minus sign characters #115
- Add
java.util.zip
based compression implementation #114- This is based upon the CompressionJUZ implementation posted to the JSch-users mailing list in 2012 by the original JSch author
- The existing JZlib implementation remains the default to maintain strict RFC 4253 section 6.2 compliance
- To use the new implementation globally, execute
JSch.setConfig("zlib@openssh.com", "com.jcraft.jsch.juz.Compression")
+JSch.setConfig("zlib", "com.jcraft.jsch.juz.Compression")
- To use the new implementation per session, execute
session.setConfig("zlib@openssh.com", "com.jcraft.jsch.juz.Compression")
+session.setConfig("zlib", "com.jcraft.jsch.juz.Compression")
- To use the new implementation globally, execute
v0.1.72
- Switch chacha20-poly1305@openssh.com algorithm to a pure Bouncy Castle based implementation
- implement openssh config behavior to handle append, prepend and removal of algorithms #104
v0.1.71
v0.1.70
v0.1.69
v0.1.68
- Added support for the rijndael-cbc@lysator.liu.se algorithm
- Added support for the hmac-ripemd160, hmac-ripemd160@openssh.com and hmac-ripemd160-etm@openssh.com algorithms using Bouncy Castle
- Added support for various algorithms from RFC 4253 and RFC 4344 using Bouncy Castle
- cast128-cbc
- cast128-ctr
- twofish-cbc
- twofish128-cbc
- twofish128-ctr
- twofish192-cbc
- twofish192-ctr
- twofish256-cbc
- twofish256-ctr
- Added support for the seed-cbc@ssh.com algorithm using Bouncy Castle
v0.1.67
- Added support for the blowfish-ctr algorithm from RFC 4344
- Fix bug where ext-info-c was incorrectly advertised during rekeying
- According to RFC 8308 section 2.1, ext-info-c should only advertised during the first key exchange
- Address #77 by attempting to add compatibility with older Bouncy Castle releases
v0.1.66
- Added support for RFC 8308 extension negotiation and server-sig-algs extension
- This support is enabled by default, but can be controlled via the enable_server_sig_algs config option (or
jsch.enable_server_sig_algs
system property) - When enabled and a server-sig-algs message is received from the server, the algorithms included by the server and also present in the PubkeyAcceptedKeyTypes config option will be attempted first when using publickey authentication
- Additionally if the server is detected as OpenSSH version 7.4, the rsa-sha2-256 & rsa-sha2-512 algorithms will be added to the received server-sig-algs as a workaround for OpenSSH bug 2680
- This support is enabled by default, but can be controlled via the enable_server_sig_algs config option (or
- Added support for various algorithms supported by Tectia (ssh.com):
- diffie-hellman-group14-sha224@ssh.com
- diffie-hellman-group14-sha256@ssh.com
- diffie-hellman-group15-sha256@ssh.com
- diffie-hellman-group15-sha384@ssh.com
- diffie-hellman-group16-sha384@ssh.com
- diffie-hellman-group16-sha512@ssh.com
- diffie-hellman-group18-sha512@ssh.com
- diffie-hellman-group-exchange-sha224@ssh.com
- diffie-hellman-group-exchange-sha384@ssh.com
- diffie-hellman-group-exchange-sha512@ssh.com
- hmac-sha224@ssh.com
- hmac-sha256@ssh.com
- hmac-sha256-2@ssh.com
- hmac-sha384@ssh.com
- hmac-sha512@ssh.com
- ssh-rsa-sha224@ssh.com
- ssh-rsa-sha256@ssh.com
- ssh-rsa-sha384@ssh.com
- ssh-rsa-sha512@ssh.com
- Added support for SHA224 to FingerprintHash
- Fixing #52
- Deprecate
void setFilenameEncoding(String encoding)
in favor ofvoid setFilenameEncoding(Charset encoding)
inChannelSftp
- Added support for rsa-sha2-256 & rsa-rsa2-512 algorithms to
ChannelAgentForwarding
- Address #65 by adding ssh-agent support derived from jsch-agent-proxy
- See
examples/JSchWithAgentProxy.java
for simple example - ssh-agent support requires either Java 16's JEP 380 or the addition of junixsocket to classpath
- Pageant support is untested & requires the addition of JNA to classpath
- See
- Added support for the following algorithms with older Java releases by using Bouncy Castle:
- ssh-ed25519
- ssh-ed448
- curve25519-sha256
- curve25519-sha256@libssh.org
- curve448-sha512
- chacha20-poly1305@openssh.com
v0.1.65
- Added system properties to allow manipulation of various crypto algorithms used by default
- Integrated JZlib, allowing use of zlib@openssh.com & zlib compressions without the need to provide the JZlib jar-file
- Modularized the jar-file for use with Java 9 or newer
- Added runtime controls for the min/max/preferred sizes used for diffie-hellman-group-exchange-sha256 & diffie-hellman-group-exchange-sha1
- Renamed PubkeyAcceptedKeyTypes config to PubkeyAcceptedAlgorithms to match recent changes in OpenSSH (PubkeyAcceptedKeyTypes is still accepted for backward compatibility)
- Reduced number of algorithms that are runtime checked by default via CheckCiphers, CheckMacs, CheckKExes & CheckSignatures to improve runtime performance