v0.2.1

What's Changed

• Allow to set a Logger per JSch-instance rather than a VM-wide one by @kimmerin in #128
• Preliminary changes prior to Javadoc work by @norrisjeremy in #126
• remove check to allow setting any filename encoding with any server version #137 by @mwiede in #142

New Contributors

• @kimmerin made their first contribution in #128

Full Changelog: jsch-0.2.0...jsch-0.2.1

v0.2.0

• Disable RSA/SHA1 signature algorithm by default #75
• Add basic Logger implementations that can be optionally utilized with JSch.setLogger():
  • JulLogger, using java.util.logging.Logger
  • JplLogger, using Java 9's JEP 264
  • Log4j2Logger, using Apache Log4j 2
  • Slf4jLogger, using SLF4J
• Fix client version to be compliant with RFC 4253 section 4.2 by not including minus sign characters #115
• Add java.util.zip based compression implementation #114
  • This is based upon the CompressionJUZ implementation posted to the JSch-users mailing list in 2012 by the original JSch author
  • The existing JZlib implementation remains the default to maintain strict RFC 4253 section 6.2 compliance
    • To use the new implementation globally, execute JSch.setConfig("[email protected]", "com.jcraft.jsch.juz.Compression") + JSch.setConfig("zlib", "com.jcraft.jsch.juz.Compression")
    • To use the new implementation per session, execute session.setConfig("[email protected]", "com.jcraft.jsch.juz.Compression") + session.setConfig("zlib", "com.jcraft.jsch.juz.Compression")

v0.1.72

• Switch [email protected] algorithm to a pure Bouncy Castle based implementation
• implement openssh config behavior to handle append, prepend and removal of algorithms #104

v0.1.71

• Address #98 by restoring JSch.VERSION

v0.1.70

• Address #89 by fixing rare ECDSA signature validation issue
• Address #93 by always setting the "want reply" flag for "env" type channel requests to false

v0.1.69

• Address #83 by sending CR LF at the end of the identification string
• Fix earlier change for #76 that failed to correctly make the "Host" keyword case-insensitive
• Fix PageantConnector struct class visibility #86

v0.1.68

• Added support for the [email protected] algorithm
• Added support for the hmac-ripemd160, [email protected] and [email protected] algorithms using Bouncy Castle
• Added support for various algorithms from RFC 4253 and RFC 4344 using Bouncy Castle
  • cast128-cbc
  • cast128-ctr
  • twofish-cbc
  • twofish128-cbc
  • twofish128-ctr
  • twofish192-cbc
  • twofish192-ctr
  • twofish256-cbc
  • twofish256-ctr
• Added support for the [email protected] algorithm using Bouncy Castle

v0.1.67

• Added support for the blowfish-ctr algorithm from RFC 4344
• Fix bug where ext-info-c was incorrectly advertised during rekeying
  • According to RFC 8308 section 2.1, ext-info-c should only advertised during the first key exchange
• Address #77 by attempting to add compatibility with older Bouncy Castle releases

v0.1.66

• Added support for RFC 8308 extension negotiation and server-sig-algs extension
  • This support is enabled by default, but can be controlled via the enable_server_sig_algs config option (or jsch.enable_server_sig_algs system property)
  • When enabled and a server-sig-algs message is received from the server, the algorithms included by the server and also present in the PubkeyAcceptedKeyTypes config option will be attempted first when using publickey authentication
  • Additionally if the server is detected as OpenSSH version 7.4, the rsa-sha2-256 & rsa-sha2-512 algorithms will be added to the received server-sig-algs as a workaround for OpenSSH bug 2680
• Added support for various algorithms supported by Tectia (ssh.com):
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
• Added support for SHA224 to FingerprintHash
• Fixing #52
• Deprecate void setFilenameEncoding(String encoding) in favor of void setFilenameEncoding(Charset encoding) in ChannelSftp
• Added support for rsa-sha2-256 & rsa-rsa2-512 algorithms to ChannelAgentForwarding
• Address #65 by adding ssh-agent support derived from jsch-agent-proxy
  • See examples/JSchWithAgentProxy.java for simple example
  • ssh-agent support requires either Java 16's JEP 380 or the addition of junixsocket to classpath
  • Pageant support is untested & requires the addition of JNA to classpath
• Added support for the following algorithms with older Java releases by using Bouncy Castle:
  • ssh-ed25519
  • ssh-ed448
  • curve25519-sha256
  • [email protected]
  • curve448-sha512
  • [email protected]

v0.1.65

• Added system properties to allow manipulation of various crypto algorithms used by default
• Integrated JZlib, allowing use of [email protected] & zlib compressions without the need to provide the JZlib jar-file
• Modularized the jar-file for use with Java 9 or newer
• Added runtime controls for the min/max/preferred sizes used for diffie-hellman-group-exchange-sha256 & diffie-hellman-group-exchange-sha1
• Renamed PubkeyAcceptedKeyTypes config to PubkeyAcceptedAlgorithms to match recent changes in OpenSSH (PubkeyAcceptedKeyTypes is still accepted for backward compatibility)
• Reduced number of algorithms that are runtime checked by default via CheckCiphers, CheckMacs, CheckKExes & CheckSignatures to improve runtime performance