/// <summary>
/// Builds the SFTP file server, registers its host key and its single account, and starts listening.
/// </summary>
/// <remarks>
/// The one account is named "vecteur" and is rooted at the configured base directory, which is
/// created when it does not exist yet. The license key, port, base directory and account
/// password are all read from <c>VecteurSettings.Default</c>.
/// </remarks>
public void Start()
{
    Licensing.Key = VecteurSettings.Default.SftpLicenseKey;

    fileServer = new FileServer
    {
        LogWriter = new SerilogWriter()
    };

    int listenPort = (int)VecteurSettings.Default.SftpPort;

    var hostKey = ServerKey.GetServerPrivateKey();
    fileServer.Keys.Add(hostKey);

    // Make sure the directory the account is confined to exists before a file system is built on it.
    var baseDirectory = new DirectoryInfo(VecteurSettings.Default.BaseDirectory);
    if (baseDirectory.Exists == false)
    {
        baseDirectory.Create();
    }

    var accountFileSystem = CreateFileSystem(baseDirectory.FullName);

    // NOTE(review): the account password is taken from application settings; confirm how that
    // store is protected, since anyone who can read it can log in as this account.
    var account = new FileServerUser("vecteur", VecteurSettings.Default.SftpPassword);
    fileServer.Users.Add(account);
    account.SetFileSystem(accountFileSystem);

    // Clear only the CBC bit so every other cipher mode stays enabled; the original author
    // disables CBC as a security vulnerability.
    fileServer.Settings.SshParameters.EncryptionModes &= ~SshEncryptionMode.CBC;

    fileServer.Bind(listenPort, FileServerProtocol.Sftp);
    fileServer.Start();
}
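/// <summary>
/// Reads the listener settings, builds the SFTP file server with CBC cipher modes disabled,
/// hooks the upload/download events and starts listening.
/// </summary>
/// <remarks>
/// Any exception is logged and then rethrown unchanged, so the caller still sees the failure.
/// </remarks>
private void ConfigureAndStartFileServer()
{
    Log.Information("About to configure and start sftp server.");

    try
    {
        port = DocumentConverterSettings.Default.Port;

        // The configured address may contain a {MachineName} token that is resolved at start-up.
        baseAddress = DocumentConverterSettings.Default.BaseAddress.Replace("{MachineName}", Environment.MachineName);

        // Serilog placeholder names must be plain identifiers. A dotted name such as
        // {settings.BaseDirectory} is treated as literal text, which left the third argument
        // unbound and the base directory missing from the log event.
        Log.Information(
            "Using the following settings for SFTP server: port = {port}, baseAddress = {baseAddress}, baseDirectory = {baseDirectory}",
            port,
            baseAddress,
            DocumentConverterSettings.Default.BaseDirectory);

        // The server field is replaced and started under the lock so that other code using
        // fileServerLock never observes a half-configured instance.
        lock (fileServerLock)
        {
            fileServer = new FileServer
            {
                LogWriter = new SerilogWriter(),
                Keys = { ServerKey.GetServerPrivateKey() }
            };

            // Clear only the CBC bit; the original author disables CBC as a security vulnerability.
            fileServer.Settings.SshParameters.EncryptionModes &= ~SshEncryptionMode.CBC;

            // User name and paths come from the client session, so they are passed as
            // structured properties rather than concatenated into the message text.
            fileServer.FileUploaded += (sender, e) =>
            {
                Log.Information(
                    "File successfully uploaded: user={User}, full path={FullPath}, file name={Path}",
                    e.User,
                    e.FullPath,
                    e.Path);
            };
            fileServer.FileDownloaded += FileServerOnFileDownloaded;

            fileServer.Bind(port, FileServerProtocol.Sftp);
            fileServer.Start();
        }

        // Message template instead of an interpolated string, so the port is a structured property.
        Log.Information("Sftp server is listening on port '{Port}'", port);
    }
    catch (Exception e)
    {
        // The exception text is passed as a property value, not as the template itself:
        // braces inside e.Message would otherwise be parsed as placeholders. ":l" renders it
        // without quotes, so the logged text stays the same.
        Log.Error(e, "{ErrorMessage:l}", e.Message);
        throw;
    }
}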
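/// <summary>
/// Configures the server, binds it to the configured port for SFTP and starts it.
/// </summary>
/// <remarks>
/// When the port cannot be bound (<see cref="InvalidOperationException"/>), the failure is
/// logged and the method returns without starting the server; <c>IsStarted</c> is then left
/// as it was.
/// </remarks>
private void StartServer()
{
    Configure();

    Log.Write("Binding SFTP server to port {0}...", Config.ServerPort);

    try
    {
        Server.Bind(Config.ServerPort, FileServerProtocol.Sftp);
    }
    catch (InvalidOperationException x)
    {
        // {0} is the port and {1} the reason. The earlier format string had a single
        // placeholder fed with x.Message, so the exception text was printed where the port
        // number belongs and the reason slot after the colon stayed empty.
        // Assumes Log.Write takes its format arguments as a params array — TODO confirm.
        Log.Write(LogColor.Error, "Unable to bind to port {0}: {1}", Config.ServerPort, x.Message);
        Log.Write(LogColor.Important, "Unable to bind to port {0}. Try changing it in the configuration file.", Config.ServerPort);
        return;
    }

    Log.Write("Starting...");
    Server.Start();
    Log.Write(LogColor.Success, "SFTP server has started and is ready to accept connections.");

    // Set only after Start() has returned, so a failed bind or start never reports the server as running.
    IsStarted = true;
}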
/// <summary>
/// Builds the cache SFTP server with one account per <c>CacheRetentionCategory</c> name,
/// disables CBC cipher modes, hooks the transfer events and starts listening.
/// </summary>
/// <remarks>
/// Each account is named after its category and is rooted at a sub-directory of the configured
/// base directory with the same name; the sub-directory is created when missing.
/// </remarks>
public void Start()
{
    Licensing.Key = Properties.CacheSettings.Default.SftpLicenseKey;

    fileServer = new FileServer
    {
        LogWriter = new SerilogWriter()
    };

    // NOTE(review): the setting is read through long? and narrowed to int at Bind() with an
    // unchecked cast; .Value throws if the setting is null — confirm the setting's real type.
    long listenPort = ((long?)Properties.CacheSettings.Default.Port).Value;

    var hostKey = ServerKey.GetServerPrivateKey();
    fileServer.Keys.Add(hostKey);

    string[] categoryNames = Enum.GetNames(typeof(CacheRetentionCategory));
    for (int i = 0; i < categoryNames.Length; i++)
    {
        string category = categoryNames[i];

        string categoryPath = Path.Combine(Properties.CacheSettings.Default.BaseDirectory, category);
        var categoryDirectory = new DirectoryInfo(categoryPath);
        if (categoryDirectory.Exists == false)
        {
            categoryDirectory.Create();
        }

        var categoryFileSystem = CreateFileSystem(categoryDirectory.FullName);

        // NOTE(review): every category account is created with the same Password.Current value,
        // so the per-category directories are separated by user name only — confirm that is intended.
        var account = new FileServerUser(category, Password.Current);
        fileServer.Users.Add(account);
        account.SetFileSystem(categoryFileSystem);
    }

    // Clear only the CBC bit; the original author disables CBC as a security vulnerability.
    fileServer.Settings.SshParameters.EncryptionModes &= ~SshEncryptionMode.CBC;

    fileServer.FileUploaded += FileServerOnFileUploaded;
    fileServer.FileDownloaded += FileServerOnFileDownloaded;

    fileServer.Bind((int)listenPort, FileServerProtocol.Sftp);
    fileServer.Start();
}
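/// <summary>
/// Starts the SFTP daemon on a thread-pool thread: registers the additional key algorithms,
/// loads the license and the host keys from the database, binds every configured endpoint,
/// wires the server events and starts the server.
/// </summary>
/// <param name="cancellationToken">
/// Passed to <c>Task.Run</c>; the start-up work itself does not observe it once it has begun.
/// </param>
/// <returns>A task that completes when the start-up attempt has finished.</returns>
/// <remarks>
/// Every exception raised during start-up is logged and swallowed, so the returned task
/// completes successfully even when the server did not start.
/// </remarks>
public async Task StartAsync(CancellationToken cancellationToken)
{
    await Task.Run(() =>
    {
        try
        {
            AsymmetricKeyAlgorithm.Register(Curve25519.Create);
            AsymmetricKeyAlgorithm.Register(Ed25519.Create);
            AsymmetricKeyAlgorithm.Register(EllipticCurveAlgorithm.Create);

            using (var scope = _factory.CreateScope())
            {
                var conf = scope.ServiceProvider.GetRequiredService<IConfiguration>();
                var uow = scope.ServiceProvider.GetRequiredService<IUnitOfWork>();

                if (!Enum.TryParse<LogLevel>(conf["Rebex:LogLevel"], true, out _level))
                {
                    // Same exception type as before, now with a message naming the setting at fault.
                    throw new InvalidCastException(
                        "Configuration value 'Rebex:LogLevel' is missing or is not a valid LogLevel name.");
                }

                // The most recently created "RebexLicense" setting wins.
                var license = uow.Settings.Get(QueryExpressionFactory.GetQueryExpression<tbl_Setting>()
                    .Where(x => x.ConfigKey == "RebexLicense").ToLambda())
                    .OrderBy(x => x.Created)
                    .Last();

                Rebex.Licensing.Key = license.ConfigValue;

                // NOTE(review): CheckPrivKey is defined elsewhere; it presumably makes sure a host
                // key of each type is stored before the keys are loaded below — confirm.
                // NOTE(review): a 1024-bit DSS host key is a legacy algorithm (ssh-dss is disabled
                // by default in current OpenSSH); consider dropping it here and in the load loop.
                KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.DSS, 1024, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.RSA, 4096, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.ECDsaNistP256, 256, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.ECDsaNistP384, 384, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.ECDsaNistP521, 521, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.ED25519, 256, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);

                // Secret used to decrypt the stored key passphrases.
                var secret = conf["Databases:AuroraSecret"];

                // One loop replaces six copy-pasted stanzas; the load order is unchanged.
                var hostKeyAlgorithms = new[]
                {
                    SshHostKeyAlgorithm.DSS,
                    SshHostKeyAlgorithm.RSA,
                    SshHostKeyAlgorithm.ECDsaNistP256,
                    SshHostKeyAlgorithm.ECDsaNistP384,
                    SshHostKeyAlgorithm.ECDsaNistP521,
                    SshHostKeyAlgorithm.ED25519
                };

                foreach (var algorithm in hostKeyAlgorithms)
                {
                    var algorithmName = algorithm.ToString();

                    // Rows without an identity are the server's own host keys; Single() requires
                    // exactly one such row per algorithm and throws otherwise.
                    var storedKey = uow.PrivateKeys.Get(QueryExpressionFactory.GetQueryExpression<tbl_PrivateKey>()
                        .Where(x => x.KeyAlgo == algorithmName && x.IdentityId == null).ToLambda())
                        .OrderBy(x => x.Created)
                        .Single();

                    var keyBytes = Encoding.ASCII.GetBytes(storedKey.KeyValue);
                    _server.Keys.Add(new SshPrivateKey(keyBytes, AES.DecryptString(storedKey.KeyPass, secret)));
                }

                _binding = conf.GetSection("Daemons:SftpService:Bindings").GetChildren().Select(x => x.Value);
            }

            // Each binding is "address|port".
            foreach (var binding in _binding)
            {
                var pair = binding.Split("|");

                _server.Bind(new IPEndPoint(IPAddress.Parse(pair[0]), int.Parse(pair[1])), FileServerProtocol.Sftp);
#if DEBUG
                // NOTE(review): debug builds also expose the Shell protocol on the same endpoint;
                // make sure a DEBUG build is never deployed to a reachable host.
                _server.Bind(new IPEndPoint(IPAddress.Parse(pair[0]), int.Parse(pair[1])), FileServerProtocol.Shell);
#endif
            }

            _server.LogWriter = new ConsoleLogWriter(_level);
            _server.Settings.AllowedAuthenticationMethods = AuthenticationMethods.PublicKey | AuthenticationMethods.Password;

            // NOTE(review): "Any" offers every cipher, mode, key exchange, host key and MAC the
            // library implements. For EncryptionModes that includes CBC, and it presumably also
            // brings in other legacy algorithms. Consider an explicit allow-list instead, or at
            // least masking out CBC with "&= ~SshEncryptionMode.CBC".
            _server.Settings.SshParameters.EncryptionAlgorithms = SshEncryptionAlgorithm.Any;
            _server.Settings.SshParameters.EncryptionModes = SshEncryptionMode.Any;
            _server.Settings.SshParameters.KeyExchangeAlgorithms = SshKeyExchangeAlgorithm.Any;
            _server.Settings.SshParameters.HostKeyAlgorithms = SshHostKeyAlgorithm.Any;
            _server.Settings.SshParameters.MacAlgorithms = SshMacAlgorithm.Any;

            _server.Authentication += FsUser_Authentication;
            _server.Connecting += FsUser_Connecting;
            _server.Disconnected += FsUser_Disconnected;
            _server.FileDownloaded += FsUser_FileDownloaded;
            _server.FileUploaded += FsUser_FileUploaded;
            _server.PreAuthentication += FsUser_PreAuthentication;

            _server.Start();
        }
        catch (Exception ex)
        {
            // NOTE(review): the failure is only logged, so the host sees a successful start even
            // when no listener is running; confirm that this best-effort behaviour is intended.
            Log.Error(ex.ToString());
        }
    }, cancellationToken);
}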