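/// <summary>
/// Hosted-service start-up: registers the Rebex asymmetric key algorithms, loads the Rebex
/// license and the daemon host keys from the database, binds every configured endpoint and
/// starts the SFTP server.
/// </summary>
/// <param name="cancellationToken">
/// Forwarded to <see cref="Task.Run(Action, CancellationToken)"/>; it is only observed before
/// the work item begins, not during start-up.
/// </param>
/// <returns>
/// A task that completes once the server has started, or once a start-up failure has been
/// logged (failures are not propagated to the host).
/// </returns>
public async Task StartAsync(CancellationToken cancellationToken)
{
    // Host key algorithms the daemon offers, with the key size used when a key has to be created.
    var hostKeys = new[]
    {
        (Algo: SshHostKeyAlgorithm.DSS, Bits: 1024),
        (Algo: SshHostKeyAlgorithm.RSA, Bits: 4096),
        (Algo: SshHostKeyAlgorithm.ECDsaNistP256, Bits: 256),
        (Algo: SshHostKeyAlgorithm.ECDsaNistP384, Bits: 384),
        (Algo: SshHostKeyAlgorithm.ECDsaNistP521, Bits: 521),
        (Algo: SshHostKeyAlgorithm.ED25519, Bits: 256),
    };

    await Task.Run(() =>
    {
        try
        {
            AsymmetricKeyAlgorithm.Register(Curve25519.Create);
            AsymmetricKeyAlgorithm.Register(Ed25519.Create);
            AsymmetricKeyAlgorithm.Register(EllipticCurveAlgorithm.Create);

            using (var scope = _factory.CreateScope())
            {
                var conf = scope.ServiceProvider.GetRequiredService<IConfiguration>();
                var uow = scope.ServiceProvider.GetRequiredService<IUnitOfWork>();

                // A missing or misspelled level is a configuration error; fail start-up rather than guess.
                if (!Enum.TryParse<LogLevel>(conf["Rebex:LogLevel"], true, out _level))
                {
                    throw new InvalidOperationException("Configuration value 'Rebex:LogLevel' is missing or is not a valid LogLevel.");
                }

                // The most recently created "RebexLicense" setting wins.
                var license = uow.Settings.Get(QueryExpressionFactory.GetQueryExpression<tbl_Setting>()
                    .Where(x => x.ConfigKey == "RebexLicense").ToLambda())
                    .OrderBy(x => x.Created)
                    .Last();

                Rebex.Licensing.Key = license.ConfigValue;

                // Make sure a daemon host key exists for every offered algorithm; the generated
                // string is presumably used as the pass-phrase only when a key has to be created.
                // NOTE(review): a 1024-bit DSS host key is legacy-grade; keep it only for old clients.
                foreach (var (algo, bits) in hostKeys)
                {
                    KeyHelper.CheckPrivKey(conf, uow, algo, bits, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                }

                // Secret used to decrypt the stored host-key pass-phrases.
                var secret = conf["Databases:AuroraSecret"];

                foreach (var (algo, _) in hostKeys)
                {
                    _server.Keys.Add(LoadHostKey(uow, secret, algo));
                }

                // Materialise now so the binding list does not depend on the disposed scope later.
                _binding = conf.GetSection("Daemons:SftpService:Bindings").GetChildren()
                    .Select(x => x.Value)
                    .ToList();
            }

            foreach (var binding in _binding)
            {
                // Each binding is "<address>|<port>".
                var pair = binding.Split("|");

                if (pair.Length != 2)
                {
                    throw new InvalidOperationException($"Binding '{binding}' must be in the form '<address>|<port>'.");
                }

                var endpoint = new IPEndPoint(
                    IPAddress.Parse(pair[0]),
                    int.Parse(pair[1], System.Globalization.CultureInfo.InvariantCulture));

                _server.Bind(endpoint, FileServerProtocol.Sftp);
#if DEBUG
                // An interactive shell is exposed in debug builds only.
                _server.Bind(endpoint, FileServerProtocol.Shell);
#endif
            }

            _server.LogWriter = new ConsoleLogWriter(_level);
            _server.Settings.AllowedAuthenticationMethods = AuthenticationMethods.PublicKey | AuthenticationMethods.Password;

            // NOTE(review): ".Any" presumably offers every algorithm the library supports, legacy
            // ones included; consider an explicit allow-list once client compatibility needs are known.
            _server.Settings.SshParameters.EncryptionAlgorithms = SshEncryptionAlgorithm.Any;
            _server.Settings.SshParameters.EncryptionModes = SshEncryptionMode.Any;
            _server.Settings.SshParameters.KeyExchangeAlgorithms = SshKeyExchangeAlgorithm.Any;
            _server.Settings.SshParameters.HostKeyAlgorithms = SshHostKeyAlgorithm.Any;
            _server.Settings.SshParameters.MacAlgorithms = SshMacAlgorithm.Any;

            _server.Authentication += FsUser_Authentication;
            _server.Connecting += FsUser_Connecting;
            _server.Disconnected += FsUser_Disconnected;
            _server.FileDownloaded += FsUser_FileDownloaded;
            _server.FileUploaded += FsUser_FileUploaded;
            _server.PreAuthentication += FsUser_PreAuthentication;

            _server.Start();
        }
        catch (Exception ex)
        {
            // Start-up failures are logged, not propagated: the host keeps running without a
            // listening server, so this log entry is the only signal of the failure.
            Log.Error(ex.ToString());
        }
    }, cancellationToken);

    // Loads the daemon host key (the row with no owning identity) for one algorithm and
    // unwraps its pass-phrase. Single() enforces exactly one such key per algorithm.
    SshPrivateKey LoadHostKey(IUnitOfWork uow, string secret, SshHostKeyAlgorithm algo)
    {
        var algoStr = algo.ToString();

        var privKey = uow.PrivateKeys.Get(QueryExpressionFactory.GetQueryExpression<tbl_PrivateKey>()
            .Where(x => x.KeyAlgo == algoStr && x.IdentityId == null).ToLambda())
            .OrderBy(x => x.Created)
            .Single();

        return new SshPrivateKey(
            Encoding.ASCII.GetBytes(privKey.KeyValue),
            AES.DecryptString(privKey.KeyPass, secret));
    }
}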
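/// <summary>
/// Seeds the daemon host keys and three test users (composite, memory and SMB file systems),
/// each with its own RSA key pair. Existing users are left untouched.
/// </summary>
/// <exception cref="InvalidOperationException">
/// Thrown when the unit of work reports <see cref="InstanceContext.DeployedOrLocal"/>, so test
/// data is never seeded into a real instance.
/// </exception>
public void Create()
{
    if (_uow.InstanceType == InstanceContext.DeployedOrLocal)
    {
        throw new InvalidOperationException("Test data must not be seeded into a deployed or local instance.");
    }

    /*
     * create key pairs for daemons
     */
    var hostKeys = new[]
    {
        (Algo: SshHostKeyAlgorithm.DSS, Bits: 1024),
        (Algo: SshHostKeyAlgorithm.RSA, Bits: 4096),
        (Algo: SshHostKeyAlgorithm.ECDsaNistP256, Bits: 256),
        (Algo: SshHostKeyAlgorithm.ECDsaNistP384, Bits: 384),
        (Algo: SshHostKeyAlgorithm.ECDsaNistP521, Bits: 521),
        (Algo: SshHostKeyAlgorithm.ED25519, Bits: 256),
    };

    foreach (var (algo, bits) in hostKeys)
    {
        KeyHelper.CheckPrivKey(_conf, _uow, algo, bits, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
    }

    /*
     * create test users, one per file system type
     */
    EnsureTestUser(Constants.TestCompositeUser, FileSystemTypes.Composite);
    EnsureTestUser(Constants.TestMemoryUser, FileSystemTypes.Memory);
    EnsureTestUser(Constants.TestSmbUser, FileSystemTypes.SMB);

    // Creates a password-only test user (no public key required) plus an RSA-2048 key pair
    // for it, unless a user with that alias already exists.
    void EnsureTestUser(string alias, FileSystemTypes fileSystemType)
    {
        var found = _uow.Users.Get(QueryExpressionFactory.GetQueryExpression<tbl_User>()
            .Where(x => x.IdentityAlias == alias).ToLambda())
            .SingleOrDefault();

        if (found != null)
        {
            return;
        }

        found = _uow.Users.Create(
            new tbl_User()
            {
                IdentityId = Guid.NewGuid(),
                IdentityAlias = alias,
                RequirePassword = true,
                RequirePublicKey = false,
                FileSystemType = fileSystemType.ToString(),
                // NOTE(review): local time is kept to match how other rows are stamped; UtcNow would be preferable.
                Created = DateTime.Now,
                Enabled = true,
                Deletable = true,
            });
        _uow.Commit();

        KeyHelper.CreatePrivKey(_conf, _uow, found, SshHostKeyAlgorithm.RSA, 2048,
            AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256, Dns.GetHostName());
    }
}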