Check error stream is not null before notifying error (#961)

Co-authored-by: Jeroen van Erp <jeroen@hierynomus.com>

.github/workflows/gradle.yml

@@ -14,9 +14,9 @@ jobs:
     name: Build with Java 11
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
     - name: Set up Java 11
-      uses: actions/setup-java@v3
+      uses: actions/setup-java@v4
       with:
         distribution: 'temurin'
         java-version: 11
@@ -31,9 +31,9 @@ jobs:
     name: Integration test
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - run: git fetch --depth=1 origin +refs/tags/*:refs/tags/*
-      - uses: actions/setup-java@v3
+      - uses: actions/setup-java@v4
         with:
           distribution: 'temurin'
           java-version: 11

.github/workflows/release.yml

@@ -13,11 +13,11 @@ jobs:
     name: Build with Java 12
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Set up JDK 12
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v4
         with:
           distribution: 'zulu'
           java-version: 12
@@ -30,10 +30,10 @@ jobs:
     needs: [java12]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      - uses: actions/setup-java@v2
+      - uses: actions/setup-java@v4
         with:
           distribution: 'zulu'
           java-version: 12

README.adoc

@@ -1,7 +1,7 @@
 = sshj - SSHv2 library for Java
 Jeroen van Erp
 :sshj_groupid: com.hierynomus
-:sshj_version: 0.37.0
+:sshj_version: 0.38.0
 :source-highlighter: pygments
 
 image:https://github.com/hierynomus/sshj/actions/workflows/gradle.yml/badge.svg[link="https://github.com/hierynomus/sshj/actions/workflows/gradle.yml"]
@@ -10,6 +10,8 @@ image:https://codecov.io/gh/hierynomus/sshj/branch/master/graph/badge.svg["codec
 image:http://www.javadoc.io/badge/com.hierynomus/sshj.svg?color=blue["JavaDocs", link="http://www.javadoc.io/doc/com.hierynomus/sshj"]
 image:https://maven-badges.herokuapp.com/maven-central/com.hierynomus/sshj/badge.svg["Maven Central",link="https://maven-badges.herokuapp.com/maven-central/com.hierynomus/sshj"]
 
+WARNING: SSHJ versions up to and including 0.37.0 are vulnerable to https://nvd.nist.gov/vuln/detail/CVE-2023-48795[CVE-2023-48795 - Terrapin]. Please upgrade to 0.38.0 or higher.
+
 To get started, have a look at one of the examples. Hopefully you will find the API pleasant to work with :)
 
 == Getting SSHJ
@@ -46,7 +48,7 @@ If your project is built using another build tool that uses the Maven Central re
 In the `examples` directory, there is a separate Maven project that shows how the library can be used in some sample cases. If you want to run them, follow these guidelines:
 
 . Install http://maven.apache.org/[Maven 2.2.1] or up.
-. Clone the Overthere repository.
+. Clone the SSHJ repository.
 . Go into the `examples` directory and run the command `mvn eclipse:eclipse`.
 . Import the `examples` project into Eclipse.
 . Change the login details in the example classes (address, username and password) and run them!
@@ -108,6 +110,14 @@ Issue tracker: https://github.com/hierynomus/sshj/issues
 Fork away!
 
 == Release history
+SSHJ 0.38.0 (2024-01-02)::
+* Mitigated CVE-2023-48795 - Terrapin
+  * Merged https://github.com/hierynomus/sshj/pull/917[#917]: Implement OpenSSH strict key exchange extension
+* Merged https://github.com/hierynomus/sshj/pull/903[#903]: Fix for writing known hosts key string
+* Merged https://github.com/hierynomus/sshj/pull/913[#913]: Prevent remote port forwarding buffers to grow without bounds
+* Moved tests to JUnit5
+* Merged https://github.com/hierynomus/sshj/pull/827[#827]: Fallback to posix-rename@openssh.com extension if available
+* Merged https://github.com/hierynomus/sshj/pull/904[#904]: Add ChaCha20-Poly1305 support for OpenSSH keys
 SSHJ 0.37.0 (2023-10-11)::
 * Merged https://github.com/hierynomus/sshj/pull/899[#899]: Add support for AES-GCM OpenSSH private keys
 * Merged https://github.com/hierynomus/sshj/pull/901[#901]: Fix ZLib compression bug

build.gradle

@@ -41,11 +41,11 @@ compileJava {
 
 configurations.implementation.transitive = false
 
-def bouncycastleVersion = "1.75"
-def sshdVersion = "2.10.0"
+def bouncycastleVersion = "1.78.1"
+def sshdVersion = "2.12.1"
 
 dependencies {
-  implementation "org.slf4j:slf4j-api:2.0.7"
+  implementation "org.slf4j:slf4j-api:2.0.13"
   implementation "org.bouncycastle:bcprov-jdk18on:$bouncycastleVersion"
   implementation "org.bouncycastle:bcpkix-jdk18on:$bouncycastleVersion"
   implementation "com.hierynomus:asn-one:0.6.0"
@@ -59,7 +59,6 @@ license {
     java = 'SLASHSTAR_STYLE'
   }
   excludes([
-    '**/sshj/common/Base64.java',
     '**/com/hierynomus/sshj/userauth/keyprovider/bcrypt/*.java',
     '**/files/test_file_*.txt',
   ])
@@ -86,7 +85,7 @@ testing {
     configureEach {
       useJUnitJupiter()
       dependencies {
-        implementation "org.slf4j:slf4j-api:2.0.7"
+        implementation "org.slf4j:slf4j-api:2.0.13"
         implementation 'org.spockframework:spock-core:2.3-groovy-3.0'
         implementation "org.mockito:mockito-core:4.11.0"
         implementation "org.assertj:assertj-core:3.24.2"
@@ -94,7 +93,7 @@ testing {
         implementation "org.apache.sshd:sshd-core:$sshdVersion"
         implementation "org.apache.sshd:sshd-sftp:$sshdVersion"
         implementation "org.apache.sshd:sshd-scp:$sshdVersion"
-        implementation "ch.qos.logback:logback-classic:1.3.8"
+        implementation "ch.qos.logback:logback-classic:1.3.14"
         implementation 'org.glassfish.grizzly:grizzly-http-server:3.0.1'
       }
 
@@ -130,8 +129,8 @@ testing {
     integrationTest(JvmTestSuite) {
       dependencies {
         implementation project()
-        implementation 'org.testcontainers:testcontainers:1.18.3'
-        implementation 'org.testcontainers:junit-jupiter:1.18.3'
+        implementation 'org.testcontainers:testcontainers:1.19.8'
+        implementation 'org.testcontainers:junit-jupiter:1.19.8'
       }
 
       sources {

src/itest/java/com/hierynomus/sshj/SshdContainer.java

@@ -146,8 +146,9 @@ public class SshdContainer extends GenericContainer<SshdContainer> {
                     .withFileFromString("sshd_config", sshdConfig.build());
         }
 
+        @Override
         public void accept(@NotNull DockerfileBuilder builder) {
-            builder.from("alpine:3.18.3");
+            builder.from("alpine:3.19.0");
             builder.run("apk add --no-cache openssh");
             builder.expose(22);
             builder.copy("entrypoint.sh", "/entrypoint.sh");

src/itest/java/com/hierynomus/sshj/sftp/SftpIntegrationTest.java

@@ -0,0 +1,47 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.sftp;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;
+
+import org.junit.jupiter.api.Test;
+import org.testcontainers.junit.jupiter.Container;
+import org.testcontainers.junit.jupiter.Testcontainers;
+
+import com.hierynomus.sshj.SshdContainer;
+
+import net.schmizz.sshj.SSHClient;
+import net.schmizz.sshj.sftp.FileAttributes;
+import net.schmizz.sshj.sftp.SFTPClient;
+
+@Testcontainers
+public class SftpIntegrationTest {
+    @Container
+    private static SshdContainer sshd = new SshdContainer();
+
+    @Test
+    public void shouldCheckFileExistsForNonExistingFile_GH894() throws Throwable {
+        try (SSHClient client = sshd.getConnectedClient()) {
+            client.authPublickey("sshj", "src/test/resources/id_rsa");
+            try (SFTPClient sftp = client.newSFTPClient()) {
+                String file = "/home/sshj/i_do_not_exist.txt";
+                FileAttributes exists = sftp.statExistence(file);
+                assertNull(exists);
+            }
+        }
+    }
+}

src/itest/java/com/hierynomus/sshj/transport/kex/StrictKeyExchangeTest.java

@@ -0,0 +1,153 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.transport.kex;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+import ch.qos.logback.classic.Logger;
+import ch.qos.logback.classic.spi.ILoggingEvent;
+import ch.qos.logback.core.read.ListAppender;
+import com.hierynomus.sshj.SshdContainer;
+import net.schmizz.keepalive.KeepAlive;
+import net.schmizz.keepalive.KeepAliveProvider;
+import net.schmizz.sshj.Config;
+import net.schmizz.sshj.DefaultConfig;
+import net.schmizz.sshj.SSHClient;
+import net.schmizz.sshj.common.Message;
+import net.schmizz.sshj.common.SSHPacket;
+import net.schmizz.sshj.connection.ConnectionImpl;
+import net.schmizz.sshj.transport.TransportException;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.Arguments;
+import org.junit.jupiter.params.provider.MethodSource;
+import org.slf4j.LoggerFactory;
+import org.testcontainers.junit.jupiter.Container;
+import org.testcontainers.junit.jupiter.Testcontainers;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+@Testcontainers
+class StrictKeyExchangeTest {
+
+    @Container
+    private static final SshdContainer sshd = new SshdContainer();
+
+    private final List<Logger> watchedLoggers = new ArrayList<>();
+    private final ListAppender<ILoggingEvent> logWatcher = new ListAppender<>();
+
+    @BeforeEach
+    void setUpLogWatcher() {
+        logWatcher.start();
+        setUpLogger("net.schmizz.sshj.transport.Decoder");
+        setUpLogger("net.schmizz.sshj.transport.Encoder");
+        setUpLogger("net.schmizz.sshj.transport.KeyExchanger");
+    }
+
+    @AfterEach
+    void tearDown() {
+        watchedLoggers.forEach(Logger::detachAndStopAllAppenders);
+    }
+
+    private void setUpLogger(String className) {
+        Logger logger = ((Logger) LoggerFactory.getLogger(className));
+        logger.addAppender(logWatcher);
+        watchedLoggers.add(logger);
+    }
+
+    private static Stream<Arguments> strictKeyExchange() {
+        Config defaultConfig = new DefaultConfig();
+        Config heartbeaterConfig = new DefaultConfig();
+        heartbeaterConfig.setKeepAliveProvider(new KeepAliveProvider() {
+            @Override
+            public KeepAlive provide(ConnectionImpl connection) {
+                return new HotLoopHeartbeater(connection);
+            }
+        });
+        return Stream.of(defaultConfig, heartbeaterConfig).map(Arguments::of);
+    }
+
+    @MethodSource
+    @ParameterizedTest
+    void strictKeyExchange(Config config) throws Throwable {
+        try (SSHClient client = sshd.getConnectedClient(config)) {
+            client.authPublickey("sshj", "src/itest/resources/keyfiles/id_rsa_opensshv1");
+            assertTrue(client.isAuthenticated());
+        }
+        List<String> keyExchangerLogs = getLogs("KeyExchanger");
+        assertThat(keyExchangerLogs).contains(
+            "Initiating key exchange",
+            "Sending SSH_MSG_KEXINIT",
+            "Received SSH_MSG_KEXINIT",
+            "Enabling strict key exchange extension"
+        );
+        List<String> decoderLogs = getLogs("Decoder").stream()
+            .map(log -> log.split(":")[0])
+            .collect(Collectors.toList());
+        assertThat(decoderLogs).startsWith(
+            "Received packet #0",
+            "Received packet #1",
+            "Received packet #2",
+            "Received packet #0",
+            "Received packet #1",
+            "Received packet #2",
+            "Received packet #3"
+        );
+        List<String> encoderLogs = getLogs("Encoder").stream()
+            .map(log -> log.split(":")[0])
+            .collect(Collectors.toList());
+        assertThat(encoderLogs).startsWith(
+            "Encoding packet #0",
+            "Encoding packet #1",
+            "Encoding packet #2",
+            "Encoding packet #0",
+            "Encoding packet #1",
+            "Encoding packet #2",
+            "Encoding packet #3"
+        );
+    }
+
+    private List<String> getLogs(String className) {
+        return logWatcher.list.stream()
+            .filter(event -> event.getLoggerName().endsWith(className))
+            .map(ILoggingEvent::getFormattedMessage)
+            .collect(Collectors.toList());
+    }
+
+    private static class HotLoopHeartbeater extends KeepAlive {
+
+        HotLoopHeartbeater(ConnectionImpl conn) {
+            super(conn, "sshj-Heartbeater");
+        }
+
+        @Override
+        public boolean isEnabled() {
+            return true;
+        }
+
+        @Override
+        protected void doKeepAlive() throws TransportException {
+            conn.getTransport().write(new SSHPacket(Message.IGNORE));
+        }
+
+    }
+
+}

src/main/java/com/hierynomus/sshj/sftp/RemoteResourceFilterConverter.java

@@ -0,0 +1,30 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.sftp;
+
+import com.hierynomus.sshj.sftp.RemoteResourceSelector.Result;
+import net.schmizz.sshj.sftp.RemoteResourceFilter;
+
+public class RemoteResourceFilterConverter {
+
+    public static RemoteResourceSelector selectorFrom(RemoteResourceFilter filter) {
+        if (filter == null) {
+            return RemoteResourceSelector.ALL;
+        }
+
+        return resource -> filter.accept(resource) ? Result.ACCEPT : Result.CONTINUE;
+    }
+}

src/main/java/com/hierynomus/sshj/sftp/RemoteResourceSelector.java

@@ -0,0 +1,49 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.sftp;
+
+import net.schmizz.sshj.sftp.RemoteResourceInfo;
+
+public interface RemoteResourceSelector {
+    public static RemoteResourceSelector ALL = new RemoteResourceSelector() {
+        @Override
+        public Result select(RemoteResourceInfo resource) {
+            return Result.ACCEPT;
+        }
+    };
+
+    enum Result {
+        /**
+         * Accept the remote resource and add it to the result.
+         */
+        ACCEPT,
+
+        /**
+         * Do not add the remote resource to the result and continue with the next.
+         */
+        CONTINUE,
+
+        /**
+         * Do not add the remote resource to the result and stop further execution.
+         */
+        BREAK;
+    }
+
+    /**
+     * Decide whether the remote resource should be included in the result and whether execution should continue.
+     */
+    Result select(RemoteResourceInfo resource);
+}

src/main/java/com/hierynomus/sshj/transport/verification/KnownHostMatchers.java

@@ -15,6 +15,8 @@
  */
 package com.hierynomus.sshj.transport.verification;
 
+import net.schmizz.sshj.common.Base64DecodingException;
+import net.schmizz.sshj.common.Base64Decoder;
 import net.schmizz.sshj.common.IOUtils;
 import net.schmizz.sshj.common.SSHException;
 import net.schmizz.sshj.transport.mac.MAC;
@@ -26,9 +28,13 @@ import java.util.List;
 import java.util.regex.Pattern;
 
 import com.hierynomus.sshj.transport.mac.Macs;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 public class KnownHostMatchers {
 
+    private static final Logger log = LoggerFactory.getLogger(KnownHostMatchers.class);
+
     public static HostMatcher createMatcher(String hostEntry) throws SSHException {
         if (hostEntry.contains(",")) {
             return new AnyHostMatcher(hostEntry);
@@ -80,17 +86,22 @@ public class KnownHostMatchers {
 
         @Override
         public boolean match(String hostname) throws IOException {
-            return hash.equals(hashHost(hostname));
+            try {
+                return hash.equals(hashHost(hostname));
+            } catch (Base64DecodingException err) {
+                log.warn("Hostname [{}] not matched: salt decoding failed", hostname, err);
+                return false;
+            }
         }
 
-        private String hashHost(String host) throws IOException {
+        private String hashHost(String host) throws IOException, Base64DecodingException {
             sha1.init(getSaltyBytes());
             return "|1|" + salt + "|" + Base64.getEncoder().encodeToString(sha1.doFinal(host.getBytes(IOUtils.UTF8)));
         }
 
-        private byte[] getSaltyBytes() {
+        private byte[] getSaltyBytes() throws IOException, Base64DecodingException {
             if (saltyBytes == null) {
-                saltyBytes = Base64.getDecoder().decode(salt);
+                saltyBytes = Base64Decoder.decode(salt);
             }
             return saltyBytes;
         }

src/main/java/com/hierynomus/sshj/userauth/keyprovider/OpenSSHKeyFileUtil.java

@@ -15,6 +15,8 @@
  */
 package com.hierynomus.sshj.userauth.keyprovider;
 
+import net.schmizz.sshj.common.Base64DecodingException;
+import net.schmizz.sshj.common.Base64Decoder;
 import net.schmizz.sshj.common.Buffer;
 import net.schmizz.sshj.common.KeyType;
 
@@ -23,7 +25,6 @@ import java.io.File;
 import java.io.IOException;
 import java.io.Reader;
 import java.security.PublicKey;
-import java.util.Base64;
 
 public class OpenSSHKeyFileUtil {
     private OpenSSHKeyFileUtil() {
@@ -54,9 +55,10 @@ public class OpenSSHKeyFileUtil {
                 if (!keydata.isEmpty()) {
                     String[] parts = keydata.trim().split("\\s+");
                     if (parts.length >= 2) {
+                        byte[] decodedPublicKey = Base64Decoder.decode(parts[1]);
                         return new ParsedPubKey(
                                 KeyType.fromString(parts[0]),
-                                new Buffer.PlainBuffer(Base64.getDecoder().decode(parts[1])).readPublicKey()
+                                new Buffer.PlainBuffer(decodedPublicKey).readPublicKey()
                         );
                     } else {
                         throw new IOException("Got line with only one column");
@@ -64,6 +66,8 @@ public class OpenSSHKeyFileUtil {
                 }
             }
             throw new IOException("Public key file is blank");
+        } catch (Base64DecodingException err) {
+            throw new IOException("Public key decoding failed", err);
         } finally {
             br.close();
         }

src/main/java/com/hierynomus/sshj/userauth/keyprovider/OpenSSHKeyV1KeyFile.java

@@ -20,42 +20,36 @@ import com.hierynomus.sshj.common.KeyDecryptionFailedException;
 import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 import com.hierynomus.sshj.transport.cipher.ChachaPolyCiphers;
 import com.hierynomus.sshj.transport.cipher.GcmCiphers;
+import com.hierynomus.sshj.userauth.keyprovider.bcrypt.BCrypt;
 import net.i2p.crypto.eddsa.EdDSAPrivateKey;
 import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable;
 import net.i2p.crypto.eddsa.spec.EdDSAPrivateKeySpec;
-import net.schmizz.sshj.common.Buffer;
+import net.schmizz.sshj.common.*;
 import net.schmizz.sshj.common.Buffer.PlainBuffer;
-import net.schmizz.sshj.common.ByteArrayUtils;
-import net.schmizz.sshj.common.IOUtils;
-import net.schmizz.sshj.common.KeyType;
-import net.schmizz.sshj.common.SSHRuntimeException;
-import net.schmizz.sshj.common.SecurityUtils;
 import net.schmizz.sshj.transport.cipher.Cipher;
 import net.schmizz.sshj.userauth.keyprovider.BaseFileKeyProvider;
 import net.schmizz.sshj.userauth.keyprovider.FileKeyProvider;
 import net.schmizz.sshj.userauth.keyprovider.KeyFormat;
+import net.schmizz.sshj.userauth.password.PasswordFinder;
 import org.bouncycastle.asn1.nist.NISTNamedCurves;
 import org.bouncycastle.asn1.x9.X9ECParameters;
 import org.bouncycastle.jce.spec.ECNamedCurveSpec;
-import com.hierynomus.sshj.userauth.keyprovider.bcrypt.BCrypt;
 import org.bouncycastle.openssl.EncryptionException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.io.BufferedReader;
-import java.io.File;
-import java.io.FileReader;
-import java.io.IOException;
-import java.io.Reader;
+import java.io.*;
 import java.math.BigInteger;
 import java.nio.ByteBuffer;
 import java.nio.CharBuffer;
 import java.nio.charset.StandardCharsets;
-import java.security.*;
+import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.PrivateKey;
+import java.security.PublicKey;
 import java.security.spec.ECPrivateKeySpec;
 import java.security.spec.RSAPrivateCrtKeySpec;
 import java.util.Arrays;
-import java.util.Base64;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -89,6 +83,12 @@ public class OpenSSHKeyV1KeyFile extends BaseFileKeyProvider {
 
     private PublicKey pubKey;
 
+    @Override
+    public PublicKey getPublic()
+            throws IOException {
+        return pubKey != null ? pubKey : super.getPublic();
+    }
+
     public static class Factory
             implements net.schmizz.sshj.common.Factory.Named<FileKeyProvider> {
 
@@ -106,16 +106,41 @@ public class OpenSSHKeyV1KeyFile extends BaseFileKeyProvider {
     protected final Logger log = LoggerFactory.getLogger(getClass());
 
     @Override
-    public void init(File location) {
+    public void init(File location, PasswordFinder pwdf) {
         File pubKey = OpenSSHKeyFileUtil.getPublicKeyFile(location);
-        if (pubKey != null)
+        if (pubKey != null) {
             try {
                 initPubKey(new FileReader(pubKey));
             } catch (IOException e) {
                 // let super provide both public & private key
                 log.warn("Error reading public key file: {}", e.toString());
             }
-        super.init(location);
+        }
+        super.init(location, pwdf);
+    }
+
+    @Override
+    public void init(String privateKey, String publicKey, PasswordFinder pwdf) {
+        if (pubKey != null) {
+            try {
+                initPubKey(new StringReader(publicKey));
+            } catch (IOException e) {
+                log.warn("Error reading public key file: {}", e.toString());
+            }
+        }
+        super.init(privateKey, null, pwdf);
+    }
+
+    @Override
+    public void init(Reader privateKey, Reader publicKey, PasswordFinder pwdf) {
+        if (pubKey != null) {
+            try {
+                initPubKey(publicKey);
+            } catch (IOException e) {
+                log.warn("Error reading public key file: {}", e.toString());
+            }
+        }
+        super.init(privateKey, null, pwdf);
     }
 
     @Override
@@ -124,7 +149,7 @@ public class OpenSSHKeyV1KeyFile extends BaseFileKeyProvider {
         try {
             if (checkHeader(reader)) {
                 final String encodedPrivateKey = readEncodedKey(reader);
-                byte[] decodedPrivateKey = Base64.getDecoder().decode(encodedPrivateKey);
+                byte[] decodedPrivateKey = Base64Decoder.decode(encodedPrivateKey);
                 final PlainBuffer bufferedPrivateKey = new PlainBuffer(decodedPrivateKey);
                 return readDecodedKeyPair(bufferedPrivateKey);
             } else {
@@ -133,6 +158,8 @@ public class OpenSSHKeyV1KeyFile extends BaseFileKeyProvider {
             }
         } catch (final GeneralSecurityException e) {
             throw new SSHRuntimeException("Read OpenSSH Version 1 Key failed", e);
+        } catch (Base64DecodingException e) {
+            throw new SSHRuntimeException("Private Key decoding failed", e);
         } finally {
             IOUtils.closeQuietly(reader);
         }

src/main/java/net/schmizz/concurrent/Promise.java

@@ -104,7 +104,8 @@ public class Promise<V, T extends Throwable> {
         lock.lock();
         try {
             pendingEx = null;
-            deliver(null);
+            log.debug("Clearing <<{}>>", name);
+            val = null;
         } finally {
             lock.unlock();
         }

src/main/java/net/schmizz/sshj/Config.java

@@ -200,4 +200,8 @@ public interface Config {
      * See {@link #isVerifyHostKeyCertificates()}.
      */
     void setVerifyHostKeyCertificates(boolean value);
+
+    int getMaxCircularBufferSize();
+
+    void setMaxCircularBufferSize(int maxCircularBufferSize);
 }

src/main/java/net/schmizz/sshj/ConfigImpl.java

@@ -49,6 +49,8 @@ public class ConfigImpl
     private boolean waitForServerIdentBeforeSendingClientIdent = false;
     private LoggerFactory loggerFactory;
     private boolean verifyHostKeyCertificates = true;
+    // HF-982: default to 16MB buffers.
+    private int maxCircularBufferSize = 16 * 1024 * 1024;
 
     @Override
     public List<Factory.Named<Cipher>> getCipherFactories() {
@@ -175,6 +177,16 @@ public class ConfigImpl
         return loggerFactory;
     }
 
+    @Override
+    public int getMaxCircularBufferSize() {
+        return maxCircularBufferSize;
+    }
+
+    @Override
+    public void setMaxCircularBufferSize(int maxCircularBufferSize) {
+        this.maxCircularBufferSize = maxCircularBufferSize;
+    }
+
     @Override
     public void setLoggerFactory(LoggerFactory loggerFactory) {
         this.loggerFactory = loggerFactory;

src/main/java/net/schmizz/sshj/SSHClient.java

@@ -804,12 +804,12 @@ public class SSHClient
             throws IOException {
         super.onConnect();
         trans.init(getRemoteHostname(), getRemotePort(), getInputStream(), getOutputStream());
+        doKex();
         final KeepAlive keepAliveThread = conn.getKeepAlive();
         if (keepAliveThread.isEnabled()) {
             ThreadNameProvider.setThreadName(conn.getKeepAlive(), trans);
             keepAliveThread.start();
         }
-        doKex();
     }
 
     /**

src/main/java/net/schmizz/sshj/SocketClient.java

@@ -65,7 +65,9 @@ public abstract class SocketClient {
             this.hostname = hostname;
             this.port = port;
             socket = socketFactory.createSocket();
-            socket.connect(makeInetSocketAddress(hostname, port), connectTimeout);
+            if (! socket.isConnected()) {
+                socket.connect(makeInetSocketAddress(hostname, port), connectTimeout);
+            }
             onConnect();
         }
     }
@@ -104,7 +106,9 @@ public abstract class SocketClient {
     public void connect(InetAddress host, int port) throws IOException {
         this.port = port;
         socket = socketFactory.createSocket();
-        socket.connect(new InetSocketAddress(host, port), connectTimeout);
+        if (! socket.isConnected()) {
+            socket.connect(new InetSocketAddress(host, port), connectTimeout);
+        }
         onConnect();
     }
 

src/main/java/net/schmizz/sshj/common/Base64Decoder.java

@@ -0,0 +1,47 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.schmizz.sshj.common;
+
+import java.io.IOException;
+import java.util.Base64;
+
+/**
+ * <p>Wraps {@link java.util.Base64.Decoder} in order to wrap unchecked {@code IllegalArgumentException} thrown by
+ * the default Java Base64 decoder here and there.</p>
+ *
+ * <p>Please use this class instead of {@link java.util.Base64.Decoder}.</p>
+ */
+public class Base64Decoder {
+    private Base64Decoder() {
+    }
+
+    public static byte[] decode(byte[] source) throws Base64DecodingException {
+        try {
+            return Base64.getDecoder().decode(source);
+        } catch (IllegalArgumentException err) {
+            throw new Base64DecodingException(err);
+        }
+    }
+
+    public static byte[] decode(String src) throws Base64DecodingException {
+        try {
+            return Base64.getDecoder().decode(src);
+        } catch (IllegalArgumentException err) {
+            throw new Base64DecodingException(err);
+        }
+    }
+}

src/main/java/net/schmizz/sshj/common/Base64DecodingException.java

@@ -0,0 +1,28 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.schmizz.sshj.common;
+
+/**
+ * A checked wrapper for all {@link IllegalArgumentException}, thrown by {@link java.util.Base64.Decoder}.
+ *
+ * @see Base64Decoder
+ */
+public class Base64DecodingException extends Exception {
+    public Base64DecodingException(IllegalArgumentException cause) {
+        super("Failed to decode base64: " + cause.getMessage(), cause);
+    }
+}

src/main/java/net/schmizz/sshj/common/CircularBuffer.java

@@ -0,0 +1,194 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package net.schmizz.sshj.common;
+
+public class CircularBuffer<T extends CircularBuffer<T>> {
+
+    public static class CircularBufferException
+            extends SSHException {
+
+        public CircularBufferException(String message) {
+            super(message);
+        }
+    }
+
+    public static final class PlainCircularBuffer
+            extends CircularBuffer<PlainCircularBuffer> {
+
+        public PlainCircularBuffer(int size, int maxSize) {
+            super(size, maxSize);
+        }
+    }
+
+    /**
+     * Maximum size of the internal array (one plus the maximum capacity of the buffer).
+     */
+    private final int maxSize;
+    /**
+     * Internal array for the data. All bytes minus one can be used to avoid empty vs full ambiguity when rpos == wpos.
+     */
+    private byte[] data;
+    /**
+     * Next read position. Wraps around the end of the internal array. When it reaches wpos, the buffer becomes empty.
+     * Can take the value data.length, which is equivalent to 0.
+     */
+    private int rpos;
+    /**
+     * Next write position. Wraps around the end of the internal array. If it is equal to rpos, then the buffer is
+     * empty; the code does not allow wpos to reach rpos from the left. This implies that the buffer can store up to
+     * data.length - 1 bytes. Can take the value data.length, which is equivalent to 0.
+     */
+    private int wpos;
+
+    /**
+     * Determines the size to which to grow the internal array.
+     */
+    private int getNextSize(int currentSize) {
+        // Use next power of 2.
+        int nextSize = 1;
+        while (nextSize < currentSize) {
+            nextSize <<= 1;
+            if (nextSize <= 0) {
+                return maxSize;
+            }
+        }
+        return Math.min(nextSize, maxSize); // limit to max size
+    }
+
+    /**
+     * Creates a new circular buffer of the given size. The capacity of the buffer is one less than the size/
+     */
+    public CircularBuffer(int size, int maxSize) {
+        this.maxSize = maxSize;
+        if (size > maxSize) {
+            throw new IllegalArgumentException(
+                String.format("Initial requested size %d larger than maximum size %d", size, maxSize));
+        }
+        int initialSize = getNextSize(size);
+        this.data = new byte[initialSize];
+        this.rpos = 0;
+        this.wpos = 0;
+    }
+
+    /**
+     * Data available in the buffer for reading.
+     */
+    public int available() {
+        int available = wpos - rpos;
+        return available >= 0 ? available : available + data.length; // adjust if wpos is left of rpos
+    }
+
+    private void ensureAvailable(int a)
+            throws CircularBufferException {
+        if (available() < a) {
+            throw new CircularBufferException("Underflow");
+        }
+    }
+
+    /**
+     * Returns how many more bytes this buffer can receive.
+     */
+    public int maxPossibleRemainingCapacity() {
+        // Remaining capacity is one less than remaining space to ensure that wpos does not reach rpos from the left.
+        int remaining = rpos - wpos - 1;
+        if (remaining < 0) {
+            remaining += data.length; // adjust if rpos is left of wpos
+        }
+        // Add the maximum amount the internal array can grow.
+        return remaining + maxSize - data.length;
+    }
+
+    /**
+     * If the internal array does not have room for "capacity" more bytes, resizes the array to make that room.
+     */
+    void ensureCapacity(int capacity) throws CircularBufferException {
+        int available = available();
+        int remaining = data.length - available;
+        // If capacity fits exactly in the remaining space, expand it; otherwise, wpos would reach rpos from the left.
+        if (remaining <= capacity) {
+            int neededSize = available + capacity + 1;
+            int nextSize = getNextSize(neededSize);
+            if (nextSize < neededSize) {
+                throw new CircularBufferException("Attempted overflow");
+            }
+            byte[] tmp = new byte[nextSize];
+            // Copy data to the beginning of the new array.
+            if (wpos >= rpos) {
+                System.arraycopy(data, rpos, tmp, 0, available);
+                wpos -= rpos; // wpos must be relative to the new rpos, which will be 0
+            } else {
+                int tail = data.length - rpos;
+                System.arraycopy(data, rpos, tmp, 0, tail); // segment right of rpos
+                System.arraycopy(data, 0, tmp, tail, wpos); // segment left of wpos
+                wpos += tail; // wpos must be relative to the new rpos, which will be 0
+            }
+            rpos = 0;
+            data = tmp;
+        }
+    }
+
+    /**
+     * Reads data from this buffer into the provided array.
+     */
+    public void readRawBytes(byte[] destination, int offset, int length) throws CircularBufferException {
+        ensureAvailable(length);
+
+        int rposNext = rpos + length;
+        if (rposNext <= data.length) {
+            System.arraycopy(data, rpos, destination, offset, length);
+        } else {
+            int tail = data.length - rpos;
+            System.arraycopy(data, rpos, destination, offset, tail); // segment right of rpos
+            rposNext = length - tail; // rpos wraps around the end of the buffer
+            System.arraycopy(data, 0, destination, offset + tail, rposNext); // remainder
+        }
+        // This can make rpos equal data.length, which has the same effect as wpos being 0.
+        rpos = rposNext;
+    }
+
+    /**
+     * Writes data to this buffer from the provided array.
+     */
+    @SuppressWarnings("unchecked")
+    public T putRawBytes(byte[] source, int offset, int length) throws CircularBufferException {
+        ensureCapacity(length);
+
+        int wposNext = wpos + length;
+        if (wposNext <= data.length) {
+            System.arraycopy(source, offset, data, wpos, length);
+        } else {
+            int tail = data.length - wpos;
+            System.arraycopy(source, offset, data, wpos, tail); // segment right of wpos
+            wposNext = length - tail; // wpos wraps around the end of the buffer
+            System.arraycopy(source, offset + tail, data, 0, wposNext); // remainder
+        }
+        // This can make wpos equal data.length, which has the same effect as wpos being 0.
+        wpos = wposNext;
+
+        return (T) this;
+    }
+
+    // Used only for testing.
+    int length() {
+        return data.length;
+    }
+
+    @Override
+    public String toString() {
+        return "CircularBuffer [rpos=" + rpos + ", wpos=" + wpos + ", size=" + data.length + "]";
+    }
+
+}

src/main/java/net/schmizz/sshj/connection/channel/AbstractChannel.java

@@ -164,8 +164,7 @@ public abstract class AbstractChannel
     }
 
     @Override
-    public void handle(Message msg, SSHPacket buf)
-            throws ConnectionException, TransportException {
+    public void handle(Message msg, SSHPacket buf) throws SSHException {
         switch (msg) {
 
             case CHANNEL_DATA:
@@ -354,7 +353,7 @@ public abstract class AbstractChannel
     }
 
     protected void gotExtendedData(SSHPacket buf)
-            throws ConnectionException, TransportException {
+            throws SSHException {
         throw new ConnectionException(DisconnectReason.PROTOCOL_ERROR,
                                       "Extended data not supported on " + type + " channel");
     }
@@ -375,7 +374,7 @@ public abstract class AbstractChannel
     }
 
     protected void receiveInto(ChannelInputStream stream, SSHPacket buf)
-            throws ConnectionException, TransportException {
+            throws SSHException {
         final int len;
         try {
             len = buf.readUInt32AsInt();

src/main/java/net/schmizz/sshj/connection/channel/ChannelInputStream.java

@@ -38,7 +38,7 @@ public final class ChannelInputStream
     private final Channel chan;
     private final Transport trans;
     private final Window.Local win;
-    private final Buffer.PlainBuffer buf;
+    private final CircularBuffer.PlainCircularBuffer buf;
     private final byte[] b = new byte[1];
 
     private boolean eof;
@@ -46,10 +46,11 @@ public final class ChannelInputStream
 
     public ChannelInputStream(Channel chan, Transport trans, Window.Local win) {
         this.chan = chan;
-        log = chan.getLoggerFactory().getLogger(getClass());
+        this.log = chan.getLoggerFactory().getLogger(getClass());
         this.trans = trans;
         this.win = win;
-        buf = new Buffer.PlainBuffer(chan.getLocalMaxPacketSize());
+        this.buf = new CircularBuffer.PlainCircularBuffer(
+            chan.getLocalMaxPacketSize(), trans.getConfig().getMaxCircularBufferSize());
     }
 
     @Override
@@ -113,48 +114,44 @@ public final class ChannelInputStream
                 len = buf.available();
             }
             buf.readRawBytes(b, off, len);
-            if (buf.rpos() > win.getMaxPacketSize() && buf.available() == 0) {
-                buf.clear();
-            }
-        }
 
-        if (!chan.getAutoExpand()) {
-            checkWindow();
+            if (!chan.getAutoExpand()) {
+                checkWindow();
+            }
         }
 
         return len;
     }
 
-    public void receive(byte[] data, int offset, int len)
-            throws ConnectionException, TransportException {
+    public void receive(byte[] data, int offset, int len) throws SSHException {
         if (eof) {
             throw new ConnectionException("Getting data on EOF'ed stream");
         }
         synchronized (buf) {
             buf.putRawBytes(data, offset, len);
             buf.notifyAll();
-        }
-        // Potential fix for #203 (window consumed below 0).
-        // This seems to be a race condition if we receive more data, while we're already sending a SSH_MSG_CHANNEL_WINDOW_ADJUST
-        // And the window has not expanded yet.
-        synchronized (win) {
+            // Potential fix for #203 (window consumed below 0).
+            // This seems to be a race condition if we receive more data, while we're already sending a SSH_MSG_CHANNEL_WINDOW_ADJUST
+            // And the window has not expanded yet.
             win.consume(len);
-        }
-        if (chan.getAutoExpand()) {
-            checkWindow();
+            if (chan.getAutoExpand()) {
+                checkWindow();
+            }
         }
     }
 
-    private void checkWindow()
-            throws TransportException {
-        synchronized (win) {
-            final long adjustment = win.neededAdjustment();
-            if (adjustment > 0) {
-                log.debug("Sending SSH_MSG_CHANNEL_WINDOW_ADJUST to #{} for {} bytes", chan.getRecipient(), adjustment);
-                trans.write(new SSHPacket(Message.CHANNEL_WINDOW_ADJUST)
-                        .putUInt32FromInt(chan.getRecipient()).putUInt32(adjustment));
-                win.expand(adjustment);
-            }
+    private void checkWindow() throws TransportException {
+        /*
+         * Window must fit in remaining buffer capacity. We already expect win.size() amount of data to arrive. The
+         * difference between that and the remaining capacity is the maximum adjustment we can make to the window.
+         */
+        final long maxAdjustment = buf.maxPossibleRemainingCapacity() - win.getSize();
+        final long adjustment = Math.min(win.neededAdjustment(), maxAdjustment);
+        if (adjustment > 0) {
+            log.debug("Sending SSH_MSG_CHANNEL_WINDOW_ADJUST to #{} for {} bytes", chan.getRecipient(), adjustment);
+            trans.write(new SSHPacket(Message.CHANNEL_WINDOW_ADJUST)
+                    .putUInt32FromInt(chan.getRecipient()).putUInt32(adjustment));
+            win.expand(adjustment);
         }
     }
 

src/main/java/net/schmizz/sshj/connection/channel/direct/SessionChannel.java

@@ -210,7 +210,7 @@ public class SessionChannel
 
     @Override
     protected void gotExtendedData(SSHPacket buf)
-            throws ConnectionException, TransportException {
+            throws SSHException {
         try {
             final int dataTypeCode = buf.readUInt32AsInt();
             if (dataTypeCode == 1)
@@ -225,7 +225,9 @@ public class SessionChannel
 
     @Override
     public void notifyError(SSHException error) {
-        err.notifyError(error);
+        if (err != null) {
+            err.notifyError(error);
+        }
         super.notifyError(error);
     }
 

src/main/java/net/schmizz/sshj/sftp/RemoteDirectory.java

@@ -15,6 +15,7 @@
  */
 package net.schmizz.sshj.sftp;
 
+import com.hierynomus.sshj.sftp.RemoteResourceSelector;
 import net.schmizz.sshj.sftp.Response.StatusCode;
 
 import java.io.IOException;
@@ -22,6 +23,8 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.concurrent.TimeUnit;
 
+import static com.hierynomus.sshj.sftp.RemoteResourceFilterConverter.selectorFrom;
+
 public class RemoteDirectory
         extends RemoteResource {
 
@@ -31,37 +34,55 @@ public class RemoteDirectory
 
     public List<RemoteResourceInfo> scan(RemoteResourceFilter filter)
             throws IOException {
-        List<RemoteResourceInfo> rri = new LinkedList<RemoteResourceInfo>();
-        // TODO: Remove GOTO! 
-        loop:
-        for (; ; ) {
-            final Response res = requester.request(newRequest(PacketType.READDIR))
-                    .retrieve(requester.getTimeoutMs(), TimeUnit.MILLISECONDS);
-            switch (res.getType()) {
+        return scan(selectorFrom(filter));
+    }
 
+    public List<RemoteResourceInfo> scan(RemoteResourceSelector selector)
+            throws IOException {
+        if (selector == null) {
+            selector = RemoteResourceSelector.ALL;
+        }
+
+        List<RemoteResourceInfo> remoteResourceInfos = new LinkedList<>();
+
+        while (true) {
+            final Response response = requester.request(newRequest(PacketType.READDIR))
+                    .retrieve(requester.getTimeoutMs(), TimeUnit.MILLISECONDS);
+
+            switch (response.getType()) {
                 case NAME:
-                    final int count = res.readUInt32AsInt();
+                    final int count = response.readUInt32AsInt();
                     for (int i = 0; i < count; i++) {
-                        final String name = res.readString(requester.sub.getRemoteCharset());
-                        res.readString(); // long name - IGNORED - shdve never been in the protocol
-                        final FileAttributes attrs = res.readFileAttributes();
+                        final String name = response.readString(requester.sub.getRemoteCharset());
+                        response.readString(); // long name - IGNORED - shdve never been in the protocol
+                        final FileAttributes attrs = response.readFileAttributes();
                         final PathComponents comps = requester.getPathHelper().getComponents(path, name);
                         final RemoteResourceInfo inf = new RemoteResourceInfo(comps, attrs);
-                        if (!(".".equals(name) || "..".equals(name)) && (filter == null || filter.accept(inf))) {
-                            rri.add(inf);
+
+                        if (".".equals(name) || "..".equals(name)) {
+                            continue;
+                        }
+
+                        final RemoteResourceSelector.Result selectionResult = selector.select(inf);
+                        switch (selectionResult) {
+                            case ACCEPT:
+                                remoteResourceInfos.add(inf);
+                                break;
+                            case CONTINUE:
+                                continue;
+                            case BREAK:
+                                return remoteResourceInfos;
                         }
                     }
                     break;
 
                 case STATUS:
-                    res.ensureStatusIs(StatusCode.EOF);
-                    break loop;
+                    response.ensureStatusIs(StatusCode.EOF);
+                    return remoteResourceInfos;
 
                 default:
-                    throw new SFTPException("Unexpected packet: " + res.getType());
+                    throw new SFTPException("Unexpected packet: " + response.getType());
             }
         }
-        return rri;
     }
-
 }

src/main/java/net/schmizz/sshj/sftp/SFTPClient.java

@@ -15,6 +15,7 @@
  */
 package net.schmizz.sshj.sftp;
 
+import com.hierynomus.sshj.sftp.RemoteResourceSelector;
 import net.schmizz.sshj.connection.channel.direct.SessionFactory;
 import net.schmizz.sshj.xfer.FilePermission;
 import net.schmizz.sshj.xfer.LocalDestFile;
@@ -25,6 +26,8 @@ import java.io.Closeable;
 import java.io.IOException;
 import java.util.*;
 
+import static com.hierynomus.sshj.sftp.RemoteResourceFilterConverter.selectorFrom;
+
 public class SFTPClient
         implements Closeable {
 
@@ -57,16 +60,18 @@ public class SFTPClient
 
     public List<RemoteResourceInfo> ls(String path)
             throws IOException {
-        return ls(path, null);
+        return ls(path, RemoteResourceSelector.ALL);
     }
 
     public List<RemoteResourceInfo> ls(String path, RemoteResourceFilter filter)
             throws IOException {
-        final RemoteDirectory dir = engine.openDir(path);
-        try {
-            return dir.scan(filter);
-        } finally {
-            dir.close();
+        return ls(path, selectorFrom(filter));
+    }
+
+    public List<RemoteResourceInfo> ls(String path, RemoteResourceSelector selector)
+            throws IOException {
+        try (RemoteDirectory dir = engine.openDir(path)) {
+            return dir.scan(selector == null ? RemoteResourceSelector.ALL : selector);
         }
     }
 

src/main/java/net/schmizz/sshj/sftp/SFTPEngine.java

@@ -48,6 +48,7 @@ public class SFTPEngine
 
     protected final PathHelper pathHelper;
 
+    private final Session session;
     protected final Session.Subsystem sub;
     protected final PacketReader reader;
     protected final OutputStream out;
@@ -63,7 +64,7 @@ public class SFTPEngine
 
     public SFTPEngine(SessionFactory ssh, String pathSep)
             throws SSHException {
-        Session session = ssh.startSession();
+        session = ssh.startSession();
         loggerFactory = session.getLoggerFactory();
         log = loggerFactory.getLogger(getClass());
         sub = session.startSubsystem("sftp");
@@ -346,6 +347,7 @@ public class SFTPEngine
             throws IOException {
         sub.close();
         reader.interrupt();
+        session.close();
     }
 
     protected LoggerFactory getLoggerFactory() {

src/main/java/net/schmizz/sshj/sftp/StatefulSFTPClient.java

@@ -15,6 +15,7 @@
  */
 package net.schmizz.sshj.sftp;
 
+import com.hierynomus.sshj.sftp.RemoteResourceSelector;
 import net.schmizz.sshj.connection.channel.direct.SessionFactory;
 import net.schmizz.sshj.xfer.LocalDestFile;
 import net.schmizz.sshj.xfer.LocalSourceFile;
@@ -23,6 +24,8 @@ import java.io.IOException;
 import java.util.List;
 import java.util.Set;
 
+import static com.hierynomus.sshj.sftp.RemoteResourceFilterConverter.selectorFrom;
+
 public class StatefulSFTPClient
         extends SFTPClient {
 
@@ -57,7 +60,7 @@ public class StatefulSFTPClient
 
     public synchronized List<RemoteResourceInfo> ls()
             throws IOException {
-        return ls(cwd, null);
+        return ls(cwd, RemoteResourceSelector.ALL);
     }
 
     public synchronized List<RemoteResourceInfo> ls(RemoteResourceFilter filter)
@@ -70,20 +73,21 @@ public class StatefulSFTPClient
         return super.canonicalize(cwd);
     }
 
-    @Override
     public List<RemoteResourceInfo> ls(String path)
             throws IOException {
-        return ls(path, null);
+        return ls(path, RemoteResourceSelector.ALL);
+    }
+
+    public List<RemoteResourceInfo> ls(String path, RemoteResourceFilter filter)
+            throws IOException {
+        return ls(path, selectorFrom(filter));
     }
 
     @Override
-    public List<RemoteResourceInfo> ls(String path, RemoteResourceFilter filter)
+    public List<RemoteResourceInfo> ls(String path, RemoteResourceSelector selector)
             throws IOException {
-        final RemoteDirectory dir = getSFTPEngine().openDir(cwdify(path));
-        try {
-            return dir.scan(filter);
-        } finally {
-            dir.close();
+        try (RemoteDirectory dir = getSFTPEngine().openDir(cwdify(path))) {
+            return dir.scan(selector == null ? RemoteResourceSelector.ALL : selector);
         }
     }
 

src/main/java/net/schmizz/sshj/transport/Converter.java

@@ -51,6 +51,14 @@ abstract class Converter {
         return seq;
     }
 
+    void resetSequenceNumber() {
+        seq = -1;
+    }
+
+    boolean isSequenceNumberAtMax() {
+        return seq == 0xffffffffL;
+    }
+
     void setAlgorithms(Cipher cipher, MAC mac, Compression compression) {
         this.cipher = cipher;
         this.mac = mac;

src/main/java/net/schmizz/sshj/transport/KeyExchanger.java

@@ -60,6 +60,10 @@ final class KeyExchanger
 
     private final AtomicBoolean kexOngoing = new AtomicBoolean();
 
+    private final AtomicBoolean initialKex = new AtomicBoolean(true);
+
+    private final AtomicBoolean strictKex = new AtomicBoolean();
+
     /** What we are expecting from the next packet */
     private Expected expected = Expected.KEXINIT;
 
@@ -123,6 +127,14 @@ final class KeyExchanger
         return kexOngoing.get();
     }
 
+    boolean isStrictKex() {
+        return strictKex.get();
+    }
+
+    boolean isInitialKex() {
+        return initialKex.get();
+    }
+
     /**
      * Starts key exchange by sending a {@code SSH_MSG_KEXINIT} packet. Key exchange needs to be done once mandatorily
      * after initializing the {@link Transport} for it to be usable and may be initiated at any later point e.g. if
@@ -183,7 +195,7 @@ final class KeyExchanger
             throws TransportException {
         log.debug("Sending SSH_MSG_KEXINIT");
         List<String> knownHostAlgs = findKnownHostAlgs(transport.getRemoteHost(), transport.getRemotePort());
-        clientProposal = new Proposal(transport.getConfig(), knownHostAlgs);
+        clientProposal = new Proposal(transport.getConfig(), knownHostAlgs, initialKex.get());
         transport.write(clientProposal.getPacket());
         kexInitSent.set();
     }
@@ -202,6 +214,9 @@ final class KeyExchanger
             throws TransportException {
         log.debug("Sending SSH_MSG_NEWKEYS");
         transport.write(new SSHPacket(Message.NEWKEYS));
+        if (strictKex.get()) {
+            transport.getEncoder().resetSequenceNumber();
+        }
     }
 
     /**
@@ -234,6 +249,10 @@ final class KeyExchanger
 
     private void setKexDone() {
         kexOngoing.set(false);
+        initialKex.set(false);
+        if (strictKex.get()) {
+            transport.getDecoder().resetSequenceNumber();
+        }
         kexInitSent.clear();
         done.set();
     }
@@ -242,6 +261,7 @@ final class KeyExchanger
             throws TransportException {
         buf.rpos(buf.rpos() - 1);
         final Proposal serverProposal = new Proposal(buf);
+        gotStrictKexInfo(serverProposal);
         negotiatedAlgs = clientProposal.negotiate(serverProposal);
         log.debug("Negotiated algorithms: {}", negotiatedAlgs);
         for(AlgorithmsVerifier v: algorithmVerifiers) {
@@ -265,6 +285,18 @@ final class KeyExchanger
         }
     }
 
+    private void gotStrictKexInfo(Proposal serverProposal) throws TransportException {
+        if (initialKex.get() && serverProposal.isStrictKeyExchangeSupportedByServer()) {
+            strictKex.set(true);
+            log.debug("Enabling strict key exchange extension");
+            if (transport.getDecoder().getSequenceNumber() != 0) {
+                throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED,
+                    "SSH_MSG_KEXINIT was not first package during strict key exchange"
+                );
+            }
+        }
+    }
+
     /**
      * Private method used while putting new keys into use that will resize the key used to initialize the cipher to the
      * needed length.

src/main/java/net/schmizz/sshj/transport/Proposal.java

@@ -37,8 +37,11 @@ class Proposal {
     private final List<String> s2cComp;
     private final SSHPacket packet;
 
-    public Proposal(Config config, List<String> knownHostAlgs) {
+    public Proposal(Config config, List<String> knownHostAlgs, boolean initialKex) {
         kex = Factory.Named.Util.getNames(config.getKeyExchangeFactories());
+        if (initialKex) {
+            kex.add("kex-strict-c-v00@openssh.com");
+        }
         sig = filterKnownHostKeyAlgorithms(Factory.Named.Util.getNames(config.getKeyAlgorithms()), knownHostAlgs);
         c2sCipher = s2cCipher = Factory.Named.Util.getNames(config.getCipherFactories());
         c2sMAC = s2cMAC = Factory.Named.Util.getNames(config.getMACFactories());
@@ -91,6 +94,10 @@ class Proposal {
         return kex;
     }
 
+    public boolean isStrictKeyExchangeSupportedByServer() {
+        return kex.contains("kex-strict-s-v00@openssh.com");
+    }
+
     public List<String> getHostKeyAlgorithms() {
         return sig;
     }

src/main/java/net/schmizz/sshj/transport/TransportImpl.java

@@ -420,13 +420,13 @@ public final class TransportImpl
         try {
 
             if (kexer.isKexOngoing()) {
-                // Only transport layer packets (1 to 49) allowed except SERVICE_REQUEST
+                // Only transport layer packets (1 to 49) allowed except SERVICE_REQUEST and IGNORE
                 final Message m = Message.fromByte(payload.array()[payload.rpos()]);
-                if (!m.in(1, 49) || m == Message.SERVICE_REQUEST) {
+                if (!m.in(1, 49) || m == Message.SERVICE_REQUEST || m == Message.IGNORE) {
                     assert m != Message.KEXINIT;
                     kexer.waitForDone();
                 }
-            } else if (encoder.getSequenceNumber() == 0) // We get here every 2**32th packet
+            } else if (encoder.isSequenceNumberAtMax()) // We get here every 2**32th packet
                 kexer.startKex(true);
 
             final long seq = encoder.encode(payload);
@@ -479,9 +479,20 @@ public final class TransportImpl
 
         log.trace("Received packet {}", msg);
 
+        if (kexer.isInitialKex()) {
+            if (decoder.isSequenceNumberAtMax()) {
+                throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED,
+                    "Sequence number of decoder is about to wrap during initial key exchange");
+            }
+            if (kexer.isStrictKex() && !isKexerPacket(msg) && msg != Message.DISCONNECT) {
+                throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED,
+                    "Unexpected packet type during initial strict key exchange");
+            }
+        }
+
         if (msg.geq(50)) { // not a transport layer packet
             service.handle(msg, buf);
-        } else if (msg.in(20, 21) || msg.in(30, 49)) { // kex packet
+        } else if (isKexerPacket(msg)) {
             kexer.handle(msg, buf);
         } else {
             switch (msg) {
@@ -513,6 +524,10 @@ public final class TransportImpl
         }
     }
 
+    private static boolean isKexerPacket(Message msg) {
+        return msg.in(20, 21) || msg.in(30, 49);
+    }
+
     private void gotDebug(SSHPacket buf)
             throws TransportException {
         try {

src/main/java/net/schmizz/sshj/transport/kex/Curve25519DH.java

@@ -34,13 +34,14 @@ public class Curve25519DH extends DHBase {
 
     private static final String ALGORITHM = "X25519";
 
-    private static final int ENCODED_ALGORITHM_ID_KEY_LENGTH = 44;
-
-    private static final int ALGORITHM_ID_LENGTH = 12;
-
     private static final int KEY_LENGTH = 32;
 
-    private final byte[] algorithmId = new byte[ALGORITHM_ID_LENGTH];
+    private int encodedKeyLength;
+
+    private int algorithmIdLength;
+
+    // Algorithm Identifier is set on Key Agreement Initialization
+    private byte[] algorithmId = new byte[KEY_LENGTH];
 
     public Curve25519DH() {
         super(ALGORITHM, ALGORITHM);
@@ -81,23 +82,24 @@ public class Curve25519DH extends DHBase {
     private void setPublicKey(final PublicKey publicKey) {
         final byte[] encoded = publicKey.getEncoded();
 
-        // Encoded public key consists of the algorithm identifier and public key
-        if (encoded.length == ENCODED_ALGORITHM_ID_KEY_LENGTH) {
-            final byte[] publicKeyEncoded = new byte[KEY_LENGTH];
-            System.arraycopy(encoded, ALGORITHM_ID_LENGTH, publicKeyEncoded, 0, KEY_LENGTH);
-            setE(publicKeyEncoded);
+        // Set key and algorithm identifier lengths based on initialized Public Key
+        encodedKeyLength = encoded.length;
+        algorithmIdLength = encodedKeyLength - KEY_LENGTH;
+        algorithmId = new byte[algorithmIdLength];
 
-            // Save Algorithm Identifier byte array
-            System.arraycopy(encoded, 0, algorithmId, 0, ALGORITHM_ID_LENGTH);
-        } else {
-            throw new IllegalArgumentException(String.format("X25519 unsupported public key length [%d]", encoded.length));
-        }
+        // Encoded public key consists of the algorithm identifier and public key
+        final byte[] publicKeyEncoded = new byte[KEY_LENGTH];
+        System.arraycopy(encoded, algorithmIdLength, publicKeyEncoded, 0, KEY_LENGTH);
+        setE(publicKeyEncoded);
+
+        // Save Algorithm Identifier byte array
+        System.arraycopy(encoded, 0, algorithmId, 0, algorithmIdLength);
     }
 
     private KeySpec getPeerPublicKeySpec(final byte[] peerPublicKey) {
-        final byte[] encodedKeySpec = new byte[ENCODED_ALGORITHM_ID_KEY_LENGTH];
-        System.arraycopy(algorithmId, 0, encodedKeySpec, 0, ALGORITHM_ID_LENGTH);
-        System.arraycopy(peerPublicKey, 0, encodedKeySpec, ALGORITHM_ID_LENGTH, KEY_LENGTH);
+        final byte[] encodedKeySpec = new byte[encodedKeyLength];
+        System.arraycopy(algorithmId, 0, encodedKeySpec, 0, algorithmIdLength);
+        System.arraycopy(peerPublicKey, 0, encodedKeySpec, algorithmIdLength, KEY_LENGTH);
         return new X509EncodedKeySpec(encodedKeySpec);
     }
 }

src/main/java/net/schmizz/sshj/transport/verification/OpenSSHKnownHosts.java

@@ -18,13 +18,7 @@ package net.schmizz.sshj.transport.verification;
 import com.hierynomus.sshj.common.KeyAlgorithm;
 import com.hierynomus.sshj.transport.verification.KnownHostMatchers;
 import com.hierynomus.sshj.userauth.certificate.Certificate;
-import net.schmizz.sshj.common.Buffer;
-import net.schmizz.sshj.common.IOUtils;
-import net.schmizz.sshj.common.KeyType;
-import net.schmizz.sshj.common.LoggerFactory;
-import net.schmizz.sshj.common.SSHException;
-import net.schmizz.sshj.common.SSHRuntimeException;
-import net.schmizz.sshj.common.SecurityUtils;
+import net.schmizz.sshj.common.*;
 import org.slf4j.Logger;
 
 import java.io.BufferedOutputStream;
@@ -41,6 +35,7 @@ import java.security.KeyFactory;
 import java.security.PublicKey;
 import java.security.spec.RSAPublicKeySpec;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Base64;
 import java.util.List;
 
@@ -289,10 +284,10 @@ public class OpenSSHKnownHosts
             if (type != KeyType.UNKNOWN) {
                 final String sKey = split[i++];
                 try {
-                    byte[] keyBytes = Base64.getDecoder().decode(sKey);
+                    byte[] keyBytes = Base64Decoder.decode(sKey);
                     key = new Buffer.PlainBuffer(keyBytes).readPublicKey();
-                } catch (IOException ioe) {
-                    log.warn("Error decoding Base64 key bytes", ioe);
+                } catch (IOException | Base64DecodingException exception) {
+                    log.warn("Error decoding Base64 key bytes", exception);
                     return new BadHostEntry(line);
                 }
             } else if (isBits(sType)) {
@@ -468,7 +463,8 @@ public class OpenSSHKnownHosts
         }
 
         private String getKeyString(PublicKey pk) {
-            return Base64.getEncoder().encodeToString(pk.getEncoded());
+            final Buffer.PlainBuffer buf = new Buffer.PlainBuffer().putPublicKey(pk);
+            return Base64.getEncoder().encodeToString(Arrays.copyOfRange(buf.array(), buf.rpos(), buf.available()));
         }
 
         protected String getHostPart() {

src/main/java/net/schmizz/sshj/userauth/keyprovider/BaseFileKeyProvider.java

@@ -34,38 +34,47 @@ public abstract class BaseFileKeyProvider implements FileKeyProvider {
 
     @Override
     public void init(Reader location) {
-        assert location != null;
-        resource = new PrivateKeyReaderResource(location);
+        this.init(location, (PasswordFinder) null);
     }
 
     @Override
     public void init(Reader location, PasswordFinder pwdf) {
-        init(location);
+        this.init(location, null, pwdf);
+    }
+
+    @Override
+    public void init(Reader privateKey, Reader publicKey) {
+        this.init(privateKey, publicKey, null);
+    }
+
+    @Override
+    public void init(Reader privateKey, Reader publicKey, PasswordFinder pwdf) {
+        assert publicKey == null;
+        this.resource = new PrivateKeyReaderResource(privateKey);
         this.pwdf = pwdf;
     }
 
     @Override
     public void init(File location) {
-        assert location != null;
-        resource = new PrivateKeyFileResource(location.getAbsoluteFile());
+        this.init(location, null);
     }
 
     @Override
     public void init(File location, PasswordFinder pwdf) {
-        init(location);
+        this.resource = new PrivateKeyFileResource(location.getAbsoluteFile());
         this.pwdf = pwdf;
     }
 
     @Override
     public void init(String privateKey, String publicKey) {
-        assert privateKey != null;
-        assert publicKey == null;
-        resource = new PrivateKeyStringResource(privateKey);
+        this.init(privateKey, publicKey, null);
     }
 
     @Override
     public void init(String privateKey, String publicKey, PasswordFinder pwdf) {
-        init(privateKey, publicKey);
+        assert privateKey != null;
+        assert publicKey == null;
+        this.resource = new PrivateKeyStringResource(privateKey);
         this.pwdf = pwdf;
     }
 

src/main/java/net/schmizz/sshj/userauth/keyprovider/FileKeyProvider.java

@@ -30,6 +30,10 @@ public interface FileKeyProvider
 
     void init(Reader location);
 
+    void init(Reader privateKey, Reader publicKey);
+
+    void init(Reader privateKey, Reader publicKey, PasswordFinder pwdf);
+
     void init(Reader location, PasswordFinder pwdf);
 
     void init(String privateKey, String publicKey);

src/main/java/net/schmizz/sshj/userauth/keyprovider/OpenSSHKeyFile.java

@@ -16,6 +16,7 @@
 package net.schmizz.sshj.userauth.keyprovider;
 
 import com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyFileUtil;
+import net.schmizz.sshj.userauth.password.PasswordFinder;
 
 import java.io.*;
 import java.security.PublicKey;
@@ -54,21 +55,22 @@ public class OpenSSHKeyFile
     }
 
     @Override
-    public void init(File location) {
+    public void init(File location, PasswordFinder pwdf) {
         // try cert key location first
         File pubKey = OpenSSHKeyFileUtil.getPublicKeyFile(location);
-        if (pubKey != null)
+        if (pubKey != null) {
             try {
                 initPubKey(new FileReader(pubKey));
             } catch (IOException e) {
                 // let super provide both public & private key
                 log.warn("Error reading public key file: {}", e.toString());
             }
-        super.init(location);
+        }
+        super.init(location, pwdf);
     }
 
     @Override
-    public void init(String privateKey, String publicKey) {
+    public void init(String privateKey, String publicKey, PasswordFinder pwdf) {
         if (publicKey != null) {
             try {
                 initPubKey(new StringReader(publicKey));
@@ -77,7 +79,20 @@ public class OpenSSHKeyFile
                 log.warn("Error reading public key: {}", e.toString());
             }
         }
-        super.init(privateKey, null);
+        super.init(privateKey, null, pwdf);
+    }
+
+    @Override
+    public void init(Reader privateKey, Reader publicKey, PasswordFinder pwdf) {
+        if (publicKey != null) {
+            try {
+                initPubKey(publicKey);
+            } catch (IOException e) {
+                // let super provide both public & private key
+                log.warn("Error reading public key: {}", e.toString());
+            }
+        }
+        super.init(privateKey, null, pwdf);
     }
 
     /**

src/main/java/net/schmizz/sshj/userauth/keyprovider/PuTTYKeyFile.java

@@ -22,9 +22,7 @@ import net.i2p.crypto.eddsa.spec.EdDSANamedCurveSpec;
 import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable;
 import net.i2p.crypto.eddsa.spec.EdDSAPrivateKeySpec;
 import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec;
-import net.schmizz.sshj.common.Buffer;
-import net.schmizz.sshj.common.KeyType;
-import net.schmizz.sshj.common.SecurityUtils;
+import net.schmizz.sshj.common.*;
 import net.schmizz.sshj.userauth.password.PasswordUtils;
 import org.bouncycastle.asn1.nist.NISTNamedCurves;
 import org.bouncycastle.asn1.x9.X9ECParameters;
@@ -42,7 +40,6 @@ import java.math.BigInteger;
 import java.security.*;
 import java.security.spec.*;
 import java.util.Arrays;
-import java.util.Base64;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -240,29 +237,34 @@ public class PuTTYKeyFile extends BaseFileKeyProvider {
         if (this.keyFileVersion == null) {
             throw new IOException("Invalid key file format: missing \"PuTTY-User-Key-File-?\" entry");
         }
-        // Retrieve keys from payload
-        publicKey = Base64.getDecoder().decode(payload.get("Public-Lines"));
-        if (this.isEncrypted()) {
-            final char[] passphrase;
-            if (pwdf != null) {
-                passphrase = pwdf.reqPassword(resource);
-            } else {
-                passphrase = "".toCharArray();
-            }
-            try {
-                privateKey = this.decrypt(Base64.getDecoder().decode(payload.get("Private-Lines")), passphrase);
-                Mac mac;
-                if (this.keyFileVersion <= 2) {
-                    mac = this.prepareVerifyMacV2(passphrase);
+        try {
+            // Retrieve keys from payload
+            publicKey = Base64Decoder.decode(payload.get("Public-Lines"));
+            if (this.isEncrypted()) {
+                final char[] passphrase;
+                if (pwdf != null) {
+                    passphrase = pwdf.reqPassword(resource);
                 } else {
-                    mac = this.prepareVerifyMacV3();
+                    passphrase = "".toCharArray();
                 }
-                this.verify(mac);
-            } finally {
-                PasswordUtils.blankOut(passphrase);
+                try {
+                    privateKey = this.decrypt(Base64Decoder.decode(payload.get("Private-Lines")), passphrase);
+                    Mac mac;
+                    if (this.keyFileVersion <= 2) {
+                        mac = this.prepareVerifyMacV2(passphrase);
+                    } else {
+                        mac = this.prepareVerifyMacV3();
+                    }
+                    this.verify(mac);
+                } finally {
+                    PasswordUtils.blankOut(passphrase);
+                }
+            } else {
+                privateKey = Base64Decoder.decode(payload.get("Private-Lines"));
             }
-        } else {
-            privateKey = Base64.getDecoder().decode(payload.get("Private-Lines"));
+        }
+        catch (Base64DecodingException e) {
+            throw new IOException("PuTTY key decoding failed", e);
         }
     }
 

src/main/java/net/schmizz/sshj/xfer/scp/SCPDownloadClient.java

@@ -45,9 +45,20 @@ public class SCPDownloadClient extends AbstractSCPClient {
 
     public synchronized int copy(String sourcePath, LocalDestFile targetFile, ScpCommandLine.EscapeMode escapeMode)
             throws IOException {
+        ScpCommandLine commandLine = ScpCommandLine.with(ScpCommandLine.Arg.SOURCE)
+                                                   .and(ScpCommandLine.Arg.QUIET)
+                                                   .and(ScpCommandLine.Arg.PRESERVE_TIMES)
+                                                   .and(ScpCommandLine.Arg.RECURSIVE, recursiveMode)
+                                                   .and(ScpCommandLine.Arg.LIMIT, String.valueOf(bandwidthLimit), (bandwidthLimit > 0));
+        return copy(sourcePath, targetFile, escapeMode, commandLine);
+    }
+
+    public synchronized int copy(String sourcePath, LocalDestFile targetFile, ScpCommandLine.EscapeMode escapeMode, ScpCommandLine commandLine)
+            throws IOException {
         engine.cleanSlate();
         try {
-            startCopy(sourcePath, targetFile, escapeMode);
+            commandLine.withPath(sourcePath, escapeMode);
+            startCopy(targetFile, commandLine);
         } finally {
             engine.exit();
         }
@@ -62,14 +73,7 @@ public class SCPDownloadClient extends AbstractSCPClient {
         this.recursiveMode = recursive;
     }
 
-    private void startCopy(String sourcePath, LocalDestFile targetFile, ScpCommandLine.EscapeMode escapeMode)
-            throws IOException {
-        ScpCommandLine commandLine = ScpCommandLine.with(ScpCommandLine.Arg.SOURCE)
-                            .and(ScpCommandLine.Arg.QUIET)
-                            .and(ScpCommandLine.Arg.PRESERVE_TIMES)
-                            .and(ScpCommandLine.Arg.RECURSIVE, recursiveMode)
-                            .and(ScpCommandLine.Arg.LIMIT, String.valueOf(bandwidthLimit), (bandwidthLimit > 0));
-        commandLine.withPath(sourcePath, escapeMode);
+    private void startCopy(LocalDestFile targetFile, ScpCommandLine commandLine) throws IOException {
         engine.execSCPWith(commandLine);
 
         engine.signal("Start status OK");

src/main/java/net/schmizz/sshj/xfer/scp/SCPEngine.java

@@ -19,6 +19,7 @@ import net.schmizz.sshj.common.IOUtils;
 import net.schmizz.sshj.common.LoggerFactory;
 import net.schmizz.sshj.common.SSHException;
 import net.schmizz.sshj.common.StreamCopier;
+import net.schmizz.sshj.connection.channel.direct.Session;
 import net.schmizz.sshj.connection.channel.direct.Session.Command;
 import net.schmizz.sshj.connection.channel.direct.SessionFactory;
 import net.schmizz.sshj.xfer.TransferListener;
@@ -41,6 +42,7 @@ class SCPEngine {
     private final SessionFactory host;
     private final TransferListener listener;
 
+    private Session session;
     private Command scp;
     private int exitStatus;
 
@@ -82,7 +84,8 @@ class SCPEngine {
 
     void execSCPWith(ScpCommandLine commandLine)
             throws SSHException {
-        scp = host.startSession().exec(commandLine.toCommandLine());
+        session = host.startSession();
+        scp = session.exec(commandLine.toCommandLine());
     }
 
     void exit() {
@@ -102,6 +105,10 @@ class SCPEngine {
                 log.warn("SCP exit signal: {}", scp.getExitSignal());
             }
         }
+        if(session != null) {
+            IOUtils.closeQuietly(session);
+            session = null;
+        }
 
         scp = null;
     }

src/main/java/net/schmizz/sshj/xfer/scp/SCPUploadClient.java

@@ -20,6 +20,7 @@ import net.schmizz.sshj.common.StreamCopier;
 import net.schmizz.sshj.xfer.LocalFileFilter;
 import net.schmizz.sshj.xfer.LocalSourceFile;
 import net.schmizz.sshj.xfer.TransferListener;
+import net.schmizz.sshj.xfer.scp.ScpCommandLine.Arg;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -43,37 +44,44 @@ public class SCPUploadClient extends AbstractSCPClient {
         return copy(sourceFile, remotePath, ScpCommandLine.EscapeMode.SingleQuote);
     }
 
-    public synchronized int copy (LocalSourceFile sourceFile, String remotePath, ScpCommandLine.EscapeMode escapeMode) throws IOException {
+    public synchronized int copy(LocalSourceFile sourceFile, String remotePath, ScpCommandLine.EscapeMode escapeMode)
+            throws IOException {
         return copy(sourceFile, remotePath, escapeMode, true);
     }
 
     public synchronized int copy(LocalSourceFile sourceFile, String remotePath, ScpCommandLine.EscapeMode escapeMode, boolean preserveTimes)
-        throws IOException {
+            throws IOException {
+        ScpCommandLine commandLine = ScpCommandLine.with(ScpCommandLine.Arg.SINK)
+                .and(ScpCommandLine.Arg.RECURSIVE)
+                .and(ScpCommandLine.Arg.LIMIT, String.valueOf(bandwidthLimit), (bandwidthLimit > 0));
+        if (preserveTimes) {
+            commandLine.and(ScpCommandLine.Arg.PRESERVE_TIMES, sourceFile.providesAtimeMtime());
+        }
+        return copy(sourceFile, remotePath, escapeMode, commandLine);
+    }
+
+    public synchronized int copy(LocalSourceFile sourceFile, String remotePath, ScpCommandLine.EscapeMode escapeMode, ScpCommandLine commandLine)
+            throws IOException {
         engine.cleanSlate();
         try {
-            startCopy(sourceFile, remotePath, escapeMode, preserveTimes);
+            commandLine.withPath(remotePath, escapeMode);
+            startCopy(sourceFile, commandLine);
         } finally {
             engine.exit();
         }
         return engine.getExitStatus();
     }
 
+
     public void setUploadFilter(LocalFileFilter uploadFilter) {
         this.uploadFilter = uploadFilter;
     }
 
-    private void startCopy(LocalSourceFile sourceFile, String targetPath, ScpCommandLine.EscapeMode escapeMode, boolean preserveTimes)
+    private void startCopy(LocalSourceFile sourceFile, ScpCommandLine commandLine)
         throws IOException {
-        ScpCommandLine commandLine = ScpCommandLine.with(ScpCommandLine.Arg.SINK)
-            .and(ScpCommandLine.Arg.RECURSIVE)
-            .and(ScpCommandLine.Arg.LIMIT, String.valueOf(bandwidthLimit), (bandwidthLimit > 0));
-        if (preserveTimes) {
-            commandLine.and(ScpCommandLine.Arg.PRESERVE_TIMES, sourceFile.providesAtimeMtime());
-        }
-        commandLine.withPath(targetPath, escapeMode);
         engine.execSCPWith(commandLine);
         engine.check("Start status OK");
-        process(engine.getTransferListener(), sourceFile, preserveTimes);
+        process(engine.getTransferListener(), sourceFile, commandLine.has(Arg.PRESERVE_TIMES));
     }
 
     private void process(TransferListener listener, LocalSourceFile f, boolean preserveTimes)

src/main/java/net/schmizz/sshj/xfer/scp/ScpCommandLine.java

@@ -24,7 +24,7 @@ public class ScpCommandLine {
     private static final String SCP_COMMAND = "scp";
     private EscapeMode mode;
 
-    enum Arg {
+    public enum Arg {
         SOURCE('f'),
         SINK('t'),
         RECURSIVE('r'),
@@ -77,19 +77,19 @@ public class ScpCommandLine {
     ScpCommandLine() {
     }
 
-    static ScpCommandLine with(Arg name) {
+    public static ScpCommandLine with(Arg name) {
         return with(name, null, true);
     }
 
-    static ScpCommandLine with(Arg name, String value) {
+    public static ScpCommandLine with(Arg name, String value) {
         return with(name, value, true);
     }
 
-    static ScpCommandLine with(Arg name, boolean accept) {
+    public static ScpCommandLine with(Arg name, boolean accept) {
         return with(name, null, accept);
     }
 
-    static ScpCommandLine with(Arg name, String value, boolean accept) {
+    public static ScpCommandLine with(Arg name, String value, boolean accept) {
         ScpCommandLine commandLine = new ScpCommandLine();
         commandLine.addArgument(name, value, accept);
         return commandLine;
@@ -101,22 +101,22 @@ public class ScpCommandLine {
         }
     }
 
-    ScpCommandLine and(Arg name) {
+    public ScpCommandLine and(Arg name) {
         addArgument(name, null, true);
         return this;
     }
 
-    ScpCommandLine and(Arg name, String value) {
+    public ScpCommandLine and(Arg name, String value) {
         addArgument(name, value, true);
         return this;
     }
 
-    ScpCommandLine and(Arg name, boolean accept) {
+    public ScpCommandLine and(Arg name, boolean accept) {
         addArgument(name, null, accept);
         return this;
     }
 
-    ScpCommandLine and(Arg name, String value, boolean accept) {
+    public ScpCommandLine and(Arg name, String value, boolean accept) {
         addArgument(name, value, accept);
         return this;
     }
@@ -127,6 +127,10 @@ public class ScpCommandLine {
         return this;
     }
 
+    boolean has(Arg arg) {
+        return arguments.containsKey(arg);
+    }
+
     String toCommandLine() {
         final StringBuilder cmd = new StringBuilder(SCP_COMMAND);
         for (Arg arg : arguments.keySet()) {

src/test/groovy/com/hierynomus/sshj/sftp/SFTPClientSpec.groovy

@@ -19,6 +19,7 @@ import com.hierynomus.sshj.test.SshServerExtension
 import com.hierynomus.sshj.test.util.FileUtil
 import net.schmizz.sshj.SSHClient
 import net.schmizz.sshj.sftp.FileMode
+import net.schmizz.sshj.sftp.RemoteResourceInfo
 import net.schmizz.sshj.sftp.SFTPClient
 import org.junit.jupiter.api.extension.RegisterExtension
 import spock.lang.Specification
@@ -206,6 +207,60 @@ class SFTPClientSpec extends Specification {
         attrs.type == FileMode.Type.DIRECTORY
     }
 
+    def "should support premature termination of listing"() {
+        given:
+        SSHClient sshClient = fixture.setupConnectedDefaultClient()
+        sshClient.authPassword("test", "test")
+        SFTPClient sftpClient = sshClient.newSFTPClient()
+
+        final Path source = Files.createDirectory(temp.resolve("source")).toAbsolutePath()
+        final Path destination = Files.createDirectory(temp.resolve("destination")).toAbsolutePath()
+        final Path firstFile = Files.writeString(source.resolve("a_first.txt"), "first")
+        final Path secondFile = Files.writeString(source.resolve("b_second.txt"), "second")
+        final Path thirdFile = Files.writeString(source.resolve("c_third.txt"), "third")
+        final Path fourthFile = Files.writeString(source.resolve("d_fourth.txt"), "fourth")
+        sftpClient.put(firstFile.toString(), destination.resolve(firstFile.fileName).toString())
+        sftpClient.put(secondFile.toString(), destination.resolve(secondFile.fileName).toString())
+        sftpClient.put(thirdFile.toString(), destination.resolve(thirdFile.fileName).toString())
+        sftpClient.put(fourthFile.toString(), destination.resolve(fourthFile.fileName).toString())
+
+        def filesListed = 0
+        RemoteResourceInfo expectedFile = null
+        RemoteResourceSelector limitingSelector = new RemoteResourceSelector() {
+            @Override
+            RemoteResourceSelector.Result select(RemoteResourceInfo resource) {
+                filesListed += 1
+
+                switch(filesListed) {
+                    case 1:
+                        return RemoteResourceSelector.Result.CONTINUE
+                    case 2:
+                        expectedFile = resource
+                        return RemoteResourceSelector.Result.ACCEPT
+                    case 3:
+                        return RemoteResourceSelector.Result.BREAK
+                    default:
+                        throw new AssertionError((Object) "Should NOT select any more resources")
+                }
+            }
+        }
+
+        when:
+        def listingResult = sftpClient
+                .ls(destination.toString(), limitingSelector);
+
+        then:
+        // first should be skipped by CONTINUE
+        listingResult.contains(expectedFile) // second should be included by ACCEPT
+        // third should be skipped by BREAK
+        // fourth should be skipped by preceding BREAK
+        listingResult.size() == 1
+
+        cleanup:
+        sftpClient.close()
+        sshClient.disconnect()
+    }
+
     private void doUpload(File src, File dest) throws IOException {
         SSHClient sshClient = fixture.setupConnectedDefaultClient()
         sshClient.authPassword("test", "test")

src/test/groovy/com/hierynomus/sshj/transport/verification/KnownHostMatchersSpec.groovy

@@ -1,59 +0,0 @@
-/*
- * Copyright (C)2009 - SSHJ Contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.hierynomus.sshj.transport.verification
-
-import spock.lang.Specification
-import spock.lang.Unroll
-
-class KnownHostMatchersSpec extends Specification {
-
-    @Unroll
-    def "should #yesno match host #host with pattern #pattern"() {
-        given:
-        def matcher = KnownHostMatchers.createMatcher(pattern)
-
-        expect:
-        match == matcher.match(host)
-
-        where:
-        pattern       | host          | match
-        "aaa.bbb.com" | "aaa.bbb.com" | true
-        "aaa.bbb.com" | "aaa.ccc.com" | false
-        "*.bbb.com"   | "aaa.bbb.com" | true
-        "*.bbb.com"   | "aaa.ccc.com" | false
-        "aaa.*.com"   | "aaa.bbb.com" | true
-        "aaa.*.com"   | "aaa.ccc.com" | true
-        "aaa.bbb.*" | "aaa.bbb.com" | true
-        "aaa.bbb.*" | "aaa.ccc.com" | false
-        "!*.bbb.com" | "aaa.bbb.com" | false
-        "!*.bbb.com" | "aaa.ccc.com" | true
-        "aaa.bbb.com,!*.ccc.com" | "xxx.yyy.com" | true
-        "aaa.bbb.com,!*.ccc.com" | "aaa.bbb.com" | true
-        "aaa.bbb.com,!*.ccc.com" | "aaa.ccc.com" | false
-        "aaa.b??.com" | "aaa.bbb.com" | true
-        "aaa.b??.com" | "aaa.bcd.com" | true
-        "aaa.b??.com" | "aaa.ccd.com" | false
-        "aaa.b??.com" | "aaa.bccd.com" | false
-        "|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg=" | "192.168.1.61" | true
-        "|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg=" | "192.168.2.61" | false
-        "[aaa.bbb.com]:2222" | "aaa.bbb.com" | false
-        "[aaa.bbb.com]:2222" | "[aaa.bbb.com]:2222" | true
-        "[aaa.?bb.com]:2222" | "[aaa.dbb.com]:2222" | true
-        "[aaa.?xb.com]:2222" | "[aaa.dbb.com]:2222" | false
-        "[*.bbb.com]:2222" | "[aaa.bbb.com]:2222" | true
-        yesno = match ? "" : "no"
-    }
-}

src/test/groovy/com/hierynomus/sshj/transport/verification/OpenSSHKnownHostsSpec.groovy

@@ -1,221 +0,0 @@
-/*
- * Copyright (C)2009 - SSHJ Contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.hierynomus.sshj.transport.verification
-
-import net.schmizz.sshj.common.Buffer
-import net.schmizz.sshj.transport.verification.OpenSSHKnownHosts
-import net.schmizz.sshj.util.KeyUtil
-import spock.lang.Specification
-import spock.lang.TempDir
-import spock.lang.Unroll
-
-import java.nio.file.Files
-import java.security.PublicKey
-
-class OpenSSHKnownHostsSpec extends Specification {
-
-    @TempDir def temp
-
-    def "should parse and verify hashed host entry"() {
-        given:
-        def f = knownHosts("|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ==");
-        final PublicKey key = KeyUtil
-                .newRSAPublicKey(
-                "e8ff4797075a861db9d2319960a836b2746ada3da514955d2921f2c6a6c9895cbd557f604e43772b6303e3cab2ad82d83b21acdef4edb72524f9c2bef893335115acacfe2989bcbb2e978e4fedc8abc090363e205d975c1fdc35e55ba4daa4b5d5ab7a22c40f547a4a0fd1c683dfff10551c708ff8c34ea4e175cb9bf2313865308fa23601e5a610e2f76838be7ded3b4d3a2c49d2d40fa20db51d1cc8ab20d330bb0dadb88b1a12853f0ecb7c7632947b098dcf435a54566bcf92befd55e03ee2a57d17524cd3d59d6e800c66059067e5eb6edb81946b3286950748240ec9afa4389f9b62bc92f94ec0fba9e64d6dc2f455f816016a4c5f3d507382ed5d3365",
-                "23");
-
-        when:
-        OpenSSHKnownHosts openSSHKnownHosts = new OpenSSHKnownHosts(f)
-
-        then:
-        openSSHKnownHosts.verify("192.168.1.61", 22, key)
-        !openSSHKnownHosts.verify("192.168.1.2", 22, key)
-    }
-
-    def "should parse and verify v1 host entry"() {
-        given:
-        def f = knownHosts("test.com,1.1.1.1 2048 35 22017496617994656680820635966392838863613340434802393112245951008866692373218840197754553998457793202561151141246686162285550121243768846314646395880632789308110750881198697743542374668273149584280424505890648953477691795864456749782348425425954366277600319096366690719901119774784695056100331902394094537054256611668966698242432417382422091372756244612839068092471592121759862971414741954991375710930168229171638843329213652899594987626853020377726482288618521941129157643483558764875338089684351824791983007780922947554898825663693324944982594850256042689880090306493029526546183035567296830604572253312294059766327")
-        def key = KeyUtil.newRSAPublicKey("ae6983ed63a33afc69fe0b88b4ba14393120a0b66e1460916a8390ff109139cd14f4e1701ab5c5feeb479441fe2091d04c0ba7d3fa1756b80ed103657ab53b5d7daa38af22f59f9cbfc16892d4ef1f8fd3ae49663c295be1f568a160d54328fbc2c0598f48d32296b1b9942336234952c440cda1bfac904e3391db98e52f9b1de229adc18fc34a9a569717aa9a5b1145e73b8a8394354028d02054ca760243fb8fc1575490607dd098e698e02b5d8bdf22d55ec958245222ef4c65b8836b9f13674a2d2895a587bfd4423b4eeb6d3ef98451640e3d63d2fc6a761ffd34446abab028494caf36d67ffd65298d69f19f2d90bae4c207b671db563a08f1bb9bf237",
-                    "23")
-        when:
-        OpenSSHKnownHosts knownHosts = new OpenSSHKnownHosts(f)
-
-        then:
-        knownHosts.verify("test.com", 22, key)
-    }
-
-    def "should check all host entries for key"() {
-        given:
-        def f = knownHosts("""
-host1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCiYp2IDgzDFhl8T4TRLIhEljvEixz1YN0XWh4dYh0REGK9T4QKiyb28EztPMdcOtz1uyX5rUGYXX9hj99S4SiU=
-host1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLTjA7hduYGmvV9smEEsIdGLdghSPD7kL8QarIIOkeXmBh+LTtT/T1K+Ot/rmXCZsP8hoUXxbvN+Tks440Ci0ck=
-""")
-        def pk = new Buffer.PlainBuffer(Base64.getDecoder().decode("AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLTjA7hduYGmvV9smEEsIdGLdghSPD7kL8QarIIOkeXmBh+LTtT/T1K+Ot/rmXCZsP8hoUXxbvN+Tks440Ci0ck=")).readPublicKey()
-        when:
-        def knownhosts = new OpenSSHKnownHosts(f)
-
-        then:
-        knownhosts.verify("host1", 22, pk)
-    }
-
-    def "should not fail on bad base64 entry"() {
-        given:
-        def f = knownHosts("""
-host1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTIDgzDFhl8T4TRLIhEljvEixz1YN0XWh4dYh0REGK9T4QKiyb28EztPMdcOtz1uyX5rUGYXX9hj99S4SiU=
-host1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLTjA7hduYGmvV9smEEsIdGLdghSPD7kL8QarIIOkeXmBh+LTtT/T1K+Ot/rmXCZsP8hoUXxbvN+Tks440Ci0ck=
-""")
-        def pk = new Buffer.PlainBuffer(Base64.getDecoder().decode("AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLTjA7hduYGmvV9smEEsIdGLdghSPD7kL8QarIIOkeXmBh+LTtT/T1K+Ot/rmXCZsP8hoUXxbvN+Tks440Ci0ck=")).readPublicKey()
-        when:
-        def knownhosts = new OpenSSHKnownHosts(f)
-
-        then:
-        knownhosts.verify("host1", 22, pk)
-    }
-
-    def "should mark bad line and not fail"() {
-        given:
-        def f = knownHosts("M36Lo+Ik5ukNugvvoNFlpnyiHMmtKxt3FpyEfYuryXjNqMNWHn/ARVnpUIl5jRLTB7WBzyLYMG7X5nuoFL9zYqKGtHxChbDunxMVbspw5WXI9VN+qxcLwmITmpEvI9ApyS/Ox2ZyN7zw==\n")
-
-        when:
-        def knownhosts = new OpenSSHKnownHosts(f)
-
-        then:
-        knownhosts.entries().size() == 1
-        knownhosts.entries().get(0) instanceof OpenSSHKnownHosts.BadHostEntry
-    }
-
-    @Unroll
-    def "should add comment for #type line"() {
-        given:
-        def f = knownHosts(s)
-
-        when:
-        def knownHosts = new OpenSSHKnownHosts(f)
-
-        then:
-        knownHosts.entries().size() == 1
-        knownHosts.entries().get(0) instanceof OpenSSHKnownHosts.CommentEntry
-
-        where:
-        type << ["newline", "comment"]
-        s << ["\n", "#comment\n"]
-    }
-
-    @Unroll
-    def "should contain comment at end of line"() {
-        given:
-        def f = knownHosts(host)
-        when:
-        OpenSSHKnownHosts knownHosts = new OpenSSHKnownHosts(f)
-
-        then:
-        knownHosts.entries().size() == 1
-        def entry = knownHosts.entries().get(0)
-        entry instanceof OpenSSHKnownHosts.HostEntry
-        entry.comment == comment
-
-        where:
-        host << [
-"|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ== this is a comment",
-"test.com,1.1.1.1 2048 35 22017496617994656680820635966392838863613340434802393112245951008866692373218840197754553998457793202561151141246686162285550121243768846314646395880632789308110750881198697743542374668273149584280424505890648953477691795864456749782348425425954366277600319096366690719901119774784695056100331902394094537054256611668966698242432417382422091372756244612839068092471592121759862971414741954991375710930168229171638843329213652899594987626853020377726482288618521941129157643483558764875338089684351824791983007780922947554898825663693324944982594850256042689880090306493029526546183035567296830604572253312294059766327 single",
-"schmizz.net,69.163.155.180 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ==",
-"schmizz.net,69.163.155.180 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ== ",
-"schmizz.net,69.163.155.180 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ== extra   space"
-        ]
-        comment << [
-            "this is a comment",
-            "single",
-            null,
-            null,
-            "extra   space"
-        ]
-    }
-
-    @Unroll
-    def "should match any host name from multi-host line"() {
-        given:
-        def f = knownHosts("schmizz.net,69.163.155.180 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ==")
-        def pk = new Buffer.PlainBuffer(Base64.getDecoder().decode("AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ==")).readPublicKey()
-
-        when:
-        def knownHosts = new OpenSSHKnownHosts(f)
-
-        then:
-        knownHosts.verify(h, 22, pk)
-
-        where:
-        h << ["schmizz.net", "69.163.155.180"]
-    }
-
-    def "should produce meaningful toString()"() {
-        given:
-        def f = knownHosts("schmizz.net,69.163.155.180 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ==")
-
-        when:
-        def knownhosts = new OpenSSHKnownHosts(f)
-
-        def toStringValue = knownhosts.toString()
-        then:
-        toStringValue == "OpenSSHKnownHosts{khFile='" + f + "'}"
-    }
-
-    def "should forgive redundant spaces like OpenSSH does"() {
-        given:
-        def key = "AAAAC3NzaC1lZDI1NTE5AAAAIIRsJi92NJJTQwXHZiRiARoEy4n1jYsNTQePHFTSl7tG"
-        def f = knownHosts("""
-          |host1 ssh-ed25519 $key
-          |
-          | host2   ssh-ed25519   $key  ,./gargage\\.,
-          |\t\t\t\t\t
-          |\t@revoked   host3\tssh-ed25519\t \t$key\t
-          """.stripMargin())
-        def pk = new Buffer.PlainBuffer(Base64.getDecoder().decode(key)).readPublicKey()
-
-        when:
-        def knownhosts = new OpenSSHKnownHosts(f)
-
-        then:
-        ["host1", "host2", "host3"].forEach {
-            knownhosts.verify(it, 22, pk)
-        }
-    }
-
-    def "should not throw errors while parsing corrupted records"() {
-        given:
-        def key = "AAAAC3NzaC1lZDI1NTE5AAAAIIRsJi92NJJTQwXHZiRiARoEy4n1jYsNTQePHFTSl7tG"
-        def f = knownHosts(
-                "\n"  // empty line
-                + "    \n"  // blank line
-                + "bad-host1\n"  // absent key type and key contents
-                + "bad-host2 ssh-ed25519\n"  // absent key contents
-                + "  bad-host3 ssh-ed25519\n"  // absent key contents, with leading spaces
-                + "@revoked  bad-host5 ssh-ed25519\n"  // absent key contents, with marker
-                + "good-host ssh-ed25519 $key"  // the only good host at the end
-        )
-
-        when:
-        def knownhosts = new OpenSSHKnownHosts(f)
-
-        then:
-        knownhosts.verify("good-host", 22, new Buffer.PlainBuffer(Base64.getDecoder().decode(key)).readPublicKey())
-    }
-
-    def knownHosts(String s) {
-        def f = Files.createFile(temp.resolve("known_hosts")).toFile()
-        f.write(s)
-        return f
-    }
-}

src/test/java/com/hierynomus/sshj/connection/channel/forwarded/RemotePFPerformanceTest.java

@@ -0,0 +1,188 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.connection.channel.forwarded;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetSocketAddress;
+import java.net.ServerSocket;
+import java.net.Socket;
+import net.schmizz.sshj.DefaultConfig;
+import net.schmizz.sshj.SSHClient;
+import net.schmizz.sshj.connection.channel.forwarded.RemotePortForwarder.Forward;
+import net.schmizz.sshj.connection.channel.forwarded.SocketForwardingConnectListener;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class RemotePFPerformanceTest {
+
+    private static final Logger log = LoggerFactory.getLogger(RemotePFPerformanceTest.class);
+
+    @Test
+    @Disabled
+    public void startPF() throws IOException, InterruptedException {
+        DefaultConfig config = new DefaultConfig();
+        config.setMaxCircularBufferSize(16 * 1024 * 1024);
+        SSHClient client = new SSHClient(config);
+        client.loadKnownHosts();
+        client.addHostKeyVerifier("5c:0c:8e:9d:1c:50:a9:ba:a7:05:f6:b1:2b:0b:5f:ba");
+
+        client.getConnection().getKeepAlive().setKeepAliveInterval(5);
+        client.connect("localhost");
+        client.getConnection().getKeepAlive().setKeepAliveInterval(5);
+
+        Object consumerReadyMonitor = new Object();
+        ConsumerThread consumerThread = new ConsumerThread(consumerReadyMonitor);
+        ProducerThread producerThread = new ProducerThread();
+        try {
+
+            client.authPassword(System.getenv().get("USERNAME"), System.getenv().get("PASSWORD"));
+
+            /*
+            * We make _server_ listen on port 8080, which forwards all connections to us as a channel, and we further
+            * forward all such channels to google.com:80
+            */
+            client.getRemotePortForwarder().bind(
+                    // where the server should listen
+                    new Forward(8888),
+                    // what we do with incoming connections that are forwarded to us
+                    new SocketForwardingConnectListener(new InetSocketAddress("localhost", 12345)));
+
+            consumerThread.start();
+            synchronized (consumerReadyMonitor) {
+                consumerReadyMonitor.wait();
+            }
+            producerThread.start();
+
+            // Wait for consumer to finish receiving data.
+            synchronized (consumerReadyMonitor) {
+                consumerReadyMonitor.wait();
+            }
+
+        } finally {
+            producerThread.interrupt();
+            consumerThread.interrupt();
+            client.disconnect();
+        }
+    }
+
+    private static class ConsumerThread extends Thread {
+        private final Object consumerReadyMonitor;
+
+        private ConsumerThread(Object consumerReadyMonitor) {
+            super("Consumer");
+            this.consumerReadyMonitor = consumerReadyMonitor;
+        }
+
+        @Override
+        public void run() {
+            try (ServerSocket serverSocket = new ServerSocket(12345)) {
+                synchronized (consumerReadyMonitor) {
+                    consumerReadyMonitor.notifyAll();
+                }
+                try (Socket acceptedSocket = serverSocket.accept()) {
+                    InputStream in = acceptedSocket.getInputStream();
+                    int numRead;
+                    byte[] buf = new byte[40000];
+                    //byte[] buf = new byte[255 * 4 * 1000];
+                    byte expectedNext = 1;
+                    while ((numRead = in.read(buf)) != 0) {
+                        if (Thread.interrupted()) {
+                            log.info("Consumer thread interrupted");
+                            return;
+                        }
+                        log.info(String.format("Read %d characters; values from %d to %d", numRead, buf[0], buf[numRead - 1]));
+                        if (buf[numRead - 1] == 0) {
+                            verifyData(buf, numRead - 1, expectedNext);
+                            break;
+                        }
+                        expectedNext = verifyData(buf, numRead, expectedNext);
+                        // Slow down consumer to test buffering.
+                        Thread.sleep(Long.parseLong(System.getenv().get("DELAY_MS")));
+                    }
+                    log.info("Consumer read end of stream value: " + numRead);
+                    synchronized (consumerReadyMonitor) {
+                        consumerReadyMonitor.notifyAll();
+                    }
+                }
+            } catch (Exception e) {
+                synchronized (consumerReadyMonitor) {
+                    consumerReadyMonitor.notifyAll();
+                }
+                e.printStackTrace();
+            }
+        }
+
+        private byte verifyData(byte[] buf, int numRead, byte expectedNext) {
+            for (int i = 0; i < numRead; ++i) {
+                if (buf[i] != expectedNext) {
+                    fail("Expected buf[" + i + "]=" + buf[i] + " to be " + expectedNext);
+                }
+                if (++expectedNext == 0) {
+                    expectedNext = 1;
+                }
+            }
+            return expectedNext;
+        }
+    }
+
+    private static class ProducerThread extends Thread {
+        private ProducerThread() {
+            super("Producer");
+        }
+
+        @Override
+        public void run() {
+            try (Socket clientSocket = new Socket("127.0.0.1", 8888);
+                 OutputStream writer = clientSocket.getOutputStream()) {
+                byte[] buf = getData();
+                assertEquals(buf[0], 1);
+                assertEquals(buf[buf.length - 1], -1);
+                for (int i = 0; i < 1000; ++i) {
+                    writer.write(buf);
+                    if (Thread.interrupted()) {
+                        log.info("Consumer thread interrupted");
+                        return;
+                    }
+                    log.info(String.format("Wrote %d characters; values from %d to %d", buf.length, buf[0], buf[buf.length - 1]));
+                }
+                writer.write(0); // end of stream value
+                log.info("Producer finished sending data");
+            } catch (Exception e) {
+                e.printStackTrace();
+            }
+        }
+
+        private byte[] getData() {
+            byte[] buf = new byte[255 * 4 * 1000];
+            byte nextValue = 1;
+            for (int i = 0; i < buf.length; ++i) {
+                buf[i] = nextValue++;
+                // reserve 0 for end of stream
+                if (nextValue == 0) {
+                    nextValue = 1;
+                }
+            }
+            return buf;
+        }
+    }
+
+}

src/test/java/com/hierynomus/sshj/transport/verification/KnownHostMatchersTest.java

@@ -0,0 +1,62 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.transport.verification;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import java.util.stream.Stream;
+
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.Arguments;
+import org.junit.jupiter.params.provider.MethodSource;
+
+public class KnownHostMatchersTest {
+    @MethodSource("com.hierynomus.sshj.transport.verification.KnownHostMatchersTest#patterns")
+    @ParameterizedTest
+    public void shouldMatchHostnameToPattern(String pattern, String hostname, boolean match) throws Exception {
+        KnownHostMatchers.HostMatcher matcher = KnownHostMatchers.createMatcher(pattern);
+        assertEquals(match, matcher.match(hostname));
+    }
+
+    public static Stream<Arguments> patterns() {
+        return Stream.of(
+            Arguments.of("aaa.bbb.com", "aaa.bbb.com", true),
+            Arguments.of("aaa.bbb.com", "aaa.ccc.com", false),
+            Arguments.of("*.bbb.com"  , "aaa.bbb.com", true),
+            Arguments.of("*.bbb.com"  , "aaa.ccc.com", false),
+            Arguments.of("aaa.*.com"  , "aaa.bbb.com", true),
+            Arguments.of("aaa.*.com"  , "aaa.ccc.com", true),
+            Arguments.of("aaa.bbb.*", "aaa.bbb.com", true),
+            Arguments.of("aaa.bbb.*", "aaa.ccc.com", false),
+            Arguments.of("!*.bbb.com", "aaa.bbb.com", false),
+            Arguments.of("!*.bbb.com", "aaa.ccc.com", true),
+            Arguments.of("aaa.bbb.com,!*.ccc.com", "xxx.yyy.com", true),
+            Arguments.of("aaa.bbb.com,!*.ccc.com", "aaa.bbb.com", true),
+            Arguments.of("aaa.bbb.com,!*.ccc.com", "aaa.ccc.com", false),
+            Arguments.of("aaa.b??.com", "aaa.bbb.com", true),
+            Arguments.of("aaa.b??.com", "aaa.bcd.com", true),
+            Arguments.of("aaa.b??.com", "aaa.ccd.com", false),
+            Arguments.of("aaa.b??.com", "aaa.bccd.com", false),
+            Arguments.of("|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg=", "192.168.1.61", true),
+            Arguments.of("|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg=", "192.168.2.61", false),
+            Arguments.of("[aaa.bbb.com]:2222", "aaa.bbb.com", false),
+            Arguments.of("[aaa.bbb.com]:2222", "[aaa.bbb.com]:2222", true),
+            Arguments.of("[aaa.?bb.com]:2222", "[aaa.dbb.com]:2222", true),
+            Arguments.of("[aaa.?xb.com]:2222", "[aaa.dbb.com]:2222", false),
+            Arguments.of("[*.bbb.com]:2222", "[aaa.bbb.com]:2222", true)
+        );
+    }
+}

src/test/java/com/hierynomus/sshj/transport/verification/OpenSSHKnownHostsTest.java

@@ -0,0 +1,243 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.transport.verification;
+
+import net.schmizz.sshj.common.Buffer;
+import net.schmizz.sshj.common.SecurityUtils;
+import net.schmizz.sshj.transport.verification.OpenSSHKnownHosts;
+import net.schmizz.sshj.util.KeyUtil;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.io.TempDir;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.Arguments;
+import org.junit.jupiter.params.provider.MethodSource;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.security.PublicKey;
+import java.util.Base64;
+import java.util.stream.Stream;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.*;
+
+public class OpenSSHKnownHostsTest {
+    @TempDir
+    public File tempDir;
+
+    @BeforeAll
+    public static void setup() {
+        SecurityUtils.registerSecurityProvider("org.bouncycastle.jce.provider.BouncyCastleProvider");
+    }
+
+    @Test
+    public void shouldParseAndVerifyHashedHostEntry() throws Exception {
+        File knownHosts = knownHosts(
+                "|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ==");
+        PublicKey k = KeyUtil.newRSAPublicKey(
+                "e8ff4797075a861db9d2319960a836b2746ada3da514955d2921f2c6a6c9895cbd557f604e43772b6303e3cab2ad82d83b21acdef4edb72524f9c2bef893335115acacfe2989bcbb2e978e4fedc8abc090363e205d975c1fdc35e55ba4daa4b5d5ab7a22c40f547a4a0fd1c683dfff10551c708ff8c34ea4e175cb9bf2313865308fa23601e5a610e2f76838be7ded3b4d3a2c49d2d40fa20db51d1cc8ab20d330bb0dadb88b1a12853f0ecb7c7632947b098dcf435a54566bcf92befd55e03ee2a57d17524cd3d59d6e800c66059067e5eb6edb81946b3286950748240ec9afa4389f9b62bc92f94ec0fba9e64d6dc2f455f816016a4c5f3d507382ed5d3365",
+                "23");
+
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+        assertTrue(ohk.verify("192.168.1.61", 22, k));
+        assertFalse(ohk.verify("192.168.1.2", 22, k));
+        ohk.write();
+        for (OpenSSHKnownHosts.KnownHostEntry entry : ohk.entries()) {
+            assertEquals("|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ==",
+                    entry.getLine());
+        }
+    }
+
+    @Test
+    public void shouldParseAndVerifyV1HostEntry() throws Exception {
+        File knownHosts = knownHosts(
+                "test.com,1.1.1.1 2048 35 22017496617994656680820635966392838863613340434802393112245951008866692373218840197754553998457793202561151141246686162285550121243768846314646395880632789308110750881198697743542374668273149584280424505890648953477691795864456749782348425425954366277600319096366690719901119774784695056100331902394094537054256611668966698242432417382422091372756244612839068092471592121759862971414741954991375710930168229171638843329213652899594987626853020377726482288618521941129157643483558764875338089684351824791983007780922947554898825663693324944982594850256042689880090306493029526546183035567296830604572253312294059766327");
+        PublicKey k = KeyUtil.newRSAPublicKey(
+                "ae6983ed63a33afc69fe0b88b4ba14393120a0b66e1460916a8390ff109139cd14f4e1701ab5c5feeb479441fe2091d04c0ba7d3fa1756b80ed103657ab53b5d7daa38af22f59f9cbfc16892d4ef1f8fd3ae49663c295be1f568a160d54328fbc2c0598f48d32296b1b9942336234952c440cda1bfac904e3391db98e52f9b1de229adc18fc34a9a569717aa9a5b1145e73b8a8394354028d02054ca760243fb8fc1575490607dd098e698e02b5d8bdf22d55ec958245222ef4c65b8836b9f13674a2d2895a587bfd4423b4eeb6d3ef98451640e3d63d2fc6a761ffd34446abab028494caf36d67ffd65298d69f19f2d90bae4c207b671db563a08f1bb9bf237",
+                "23");
+
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+        assertTrue(ohk.verify("test.com", 22, k));
+    }
+
+    @Test
+    public void shouldTestAllHostEntriesForKey() throws Exception {
+        File knownHosts = knownHosts(
+                "host1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCiYp2IDgzDFhl8T4TRLIhEljvEixz1YN0XWh4dYh0REGK9T4QKiyb28EztPMdcOtz1uyX5rUGYXX9hj99S4SiU=\n"
+                        +
+                        "host1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLTjA7hduYGmvV9smEEsIdGLdghSPD7kL8QarIIOkeXmBh+LTtT/T1K+Ot/rmXCZsP8hoUXxbvN+Tks440Ci0ck=\n");
+        PublicKey k = new Buffer.PlainBuffer(Base64.getDecoder().decode(
+                "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLTjA7hduYGmvV9smEEsIdGLdghSPD7kL8QarIIOkeXmBh+LTtT/T1K+Ot/rmXCZsP8hoUXxbvN+Tks440Ci0ck="))
+                .readPublicKey();
+
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+        assertTrue(ohk.verify("host1", 22, k));
+    }
+
+    @Test
+    public void shouldNotFailOnBadBase64Entry() throws Exception {
+        File knownHosts = knownHosts(
+                "host1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTIDgzDFhl8T4TRLIhEljvEixz1YN0XWh4dYh0REGK9T4QKiyb28EztPMdcOtz1uyX5rUGYXX9hj99S4SiU=\n"
+                        +
+                        "host1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLTjA7hduYGmvV9smEEsIdGLdghSPD7kL8QarIIOkeXmBh+LTtT/T1K+Ot/rmXCZsP8hoUXxbvN+Tks440Ci0ck=\n");
+        PublicKey k = new Buffer.PlainBuffer(Base64.getDecoder().decode(
+                "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLTjA7hduYGmvV9smEEsIdGLdghSPD7kL8QarIIOkeXmBh+LTtT/T1K+Ot/rmXCZsP8hoUXxbvN+Tks440Ci0ck="))
+                .readPublicKey();
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+
+        assertTrue(ohk.verify("host1", 22, k));
+    }
+
+    @Test
+    public void shouldNotFailOnMalformedBase64String() throws IOException {
+        File knownHosts = knownHosts(
+                "1.1.1.1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBA/CkqWXSlbdo7jPshvIWT/m3FAdpSIKUx/uTmz87ObpBxXsfF8aMSiwGMKHjqviTV4cG6F7vFf28ll+9CbGsbs=192\n"
+        );
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+        assertEquals(1, ohk.entries().size());
+        assertThat(ohk.entries().get(0)).isInstanceOf(OpenSSHKnownHosts.BadHostEntry.class);
+    }
+
+    @Test
+    public void shouldNotFailOnMalformeSaltBase64String() throws IOException {
+        // A record with broken base64 inside the salt part of the hash.
+        // No matter how it could be generated, such broken strings must not cause unexpected errors.
+        String hostName = "example.com";
+        File knownHosts = knownHosts(
+                "|1|2gujgGa6gJnK7wGPCX8zuGttvCMXX|Oqkbjtxd9RFxKQv6y3l3GIxLNiU= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGVVnyoAD5/uWiiuTSM3RuW8dEWRrqOXYobAMKHhAA6kuOBoPK+LoAYyUcN26bdMiCxg+VOaLHxPNWv5SlhbMWw=\n"
+        );
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+        assertEquals(1, ohk.entries().size());
+
+        // Some random valid public key. It doesn't matter for the test if it matches the broken host key record or not.
+        PublicKey k = new Buffer.PlainBuffer(Base64.getDecoder().decode(
+                "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLTjA7hduYGmvV9smEEsIdGLdghSPD7kL8QarIIOkeXmBh+LTtT/T1K+Ot/rmXCZsP8hoUXxbvN+Tks440Ci0ck="))
+                .readPublicKey();
+        assertFalse(ohk.verify(hostName, 22, k));
+    }
+
+    @Test
+    public void shouldMarkBadLineAndNotFail() throws Exception {
+        File knownHosts = knownHosts(
+                "M36Lo+Ik5ukNugvvoNFlpnyiHMmtKxt3FpyEfYuryXjNqMNWHn/ARVnpUIl5jRLTB7WBzyLYMG7X5nuoFL9zYqKGtHxChbDunxMVbspw5WXI9VN+qxcLwmITmpEvI9ApyS/Ox2ZyN7zw==\n");
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+        assertEquals(1, ohk.entries().size());
+        assertInstanceOf(OpenSSHKnownHosts.BadHostEntry.class, ohk.entries().get(0));
+    }
+
+    @Test
+    public void shouldAddCommentForSpecificLines() throws Exception {
+        File knownHosts = knownHosts("#comment\n\n");
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+        assertEquals(2, ohk.entries().size());
+        assertInstanceOf(OpenSSHKnownHosts.CommentEntry.class, ohk.entries().get(0));
+        assertInstanceOf(OpenSSHKnownHosts.CommentEntry.class, ohk.entries().get(1));
+    }
+
+    @Test
+    public void shouldNotVerifyRevokedEntries() throws Exception {
+        File knownHosts = knownHosts("host1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRsJi92NJJTQwXHZiRiARoEy4n1jYsNTQePHFTSl7tG\n" +
+                "@revoked revoked-host ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRsJi92NJJTQwXHZiRiARoEy4n1jYsNTQePHFTSl7tG\n");
+
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+        PublicKey k = new Buffer.PlainBuffer(Base64.getDecoder().decode(
+                "AAAAC3NzaC1lZDI1NTE5AAAAIIRsJi92NJJTQwXHZiRiARoEy4n1jYsNTQePHFTSl7tG"))
+                .readPublicKey();
+
+        assertTrue(ohk.verify("host1", 22, k));
+        assertFalse(ohk.verify("revoked-host", 22, k));
+    }
+
+    @Test
+    public void shouldForgiveRedundantSpacesLikeOpenSSH() throws Exception {
+        File knownHosts = knownHosts(
+                "host1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRsJi92NJJTQwXHZiRiARoEy4n1jYsNTQePHFTSl7tG\n" +
+                "\n" +
+                " host2   ssh-ed25519  AAAAC3NzaC1lZDI1NTE5AAAAIIRsJi92NJJTQwXHZiRiARoEy4n1jYsNTQePHFTSl7tG   ,./gargage\\.,\n" +
+                "\t\t\t\t\t\t\n" +
+                        "\t  host3\tssh-ed25519\t \tAAAAC3NzaC1lZDI1NTE5AAAAIIRsJi92NJJTQwXHZiRiARoEy4n1jYsNTQePHFTSl7tG\t\n");
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+
+        PublicKey pk = new Buffer.PlainBuffer(
+                Base64.getDecoder().decode("AAAAC3NzaC1lZDI1NTE5AAAAIIRsJi92NJJTQwXHZiRiARoEy4n1jYsNTQePHFTSl7tG"))
+                .readPublicKey();
+
+        assertTrue(ohk.verify("host1", 22, pk));
+        assertTrue(ohk.verify("host2", 22, pk));
+        assertTrue(ohk.verify("host3", 22, pk));
+    }
+
+    @Test
+    public void shouldNotThrowErrorsWhileParsingCorruptRecords() throws Exception {
+        File knownHosts = knownHosts(
+                "\n" // empty line
+                        + "    \n" // blank line
+                        + "bad-host1\n" // absent key type and key contents
+                        + "bad-host2 ssh-ed25519\n" // absent key contents
+                        + "  bad-host3 ssh-ed25519\n" // absent key contents, with leading spaces
+                        + "@revoked  bad-host5 ssh-ed25519\n" // absent key contents, with marker
+                        + "good-host ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRsJi92NJJTQwXHZiRiARoEy4n1jYsNTQePHFTSl7tG" // the only good host at the end
+        );
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+
+        assertTrue(ohk.verify("good-host", 22,
+                new Buffer.PlainBuffer(Base64.getDecoder()
+                        .decode("AAAAC3NzaC1lZDI1NTE5AAAAIIRsJi92NJJTQwXHZiRiARoEy4n1jYsNTQePHFTSl7tG"))
+                        .readPublicKey()));
+    }
+
+    @Test
+    public void shouldMatchAnyHostFromMultiHostLine() throws Exception {
+        File knownHosts = knownHosts(
+                "schmizz.net,69.163.155.180 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ==");
+        PublicKey k = new Buffer.PlainBuffer(Base64.getDecoder().decode(
+                "AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ=="))
+                .readPublicKey();
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+
+        assertTrue(ohk.verify("schmizz.net", 22, k));
+        assertTrue(ohk.verify("69.163.155.180", 22, k));
+    }
+
+    @ParameterizedTest
+    @MethodSource("com.hierynomus.sshj.transport.verification.OpenSSHKnownHostsTest#commentedHostEntries")
+    public void shouldRetainCommentAtEndOfLine(String entry, String comment) throws Exception {
+        File knownHosts = knownHosts(entry);
+        OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
+        assertEquals(1, ohk.entries().size());
+        assertThat(ohk.entries().get(0)).extracting("comment").isEqualTo(comment);
+    }
+
+    public static Stream<Arguments> commentedHostEntries() {
+        return Stream.of(
+            Arguments.of("|1|F1E1KeoE/eEWhi10WpGv4OdiO6Y=|3988QV0VE8wmZL7suNrYQLITLCg= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ== this is a comment", "this is a comment"),
+            Arguments.of("test.com,1.1.1.1 2048 35 22017496617994656680820635966392838863613340434802393112245951008866692373218840197754553998457793202561151141246686162285550121243768846314646395880632789308110750881198697743542374668273149584280424505890648953477691795864456749782348425425954366277600319096366690719901119774784695056100331902394094537054256611668966698242432417382422091372756244612839068092471592121759862971414741954991375710930168229171638843329213652899594987626853020377726482288618521941129157643483558764875338089684351824791983007780922947554898825663693324944982594850256042689880090306493029526546183035567296830604572253312294059766327 single",
+                "single"),
+            Arguments.of("schmizz.net,69.163.155.180 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ==", null),
+            Arguments.of("schmizz.net,69.163.155.180 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ== ", null),
+            Arguments.of("schmizz.net,69.163.155.180 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6P9Hlwdahh250jGZYKg2snRq2j2lFJVdKSHyxqbJiVy9VX9gTkN3K2MD48qyrYLYOyGs3vTttyUk+cK++JMzURWsrP4piby7LpeOT+3Iq8CQNj4gXZdcH9w15Vuk2qS11at6IsQPVHpKD9HGg9//EFUccI/4w06k4XXLm/IxOGUwj6I2AeWmEOL3aDi+fe07TTosSdLUD6INtR0cyKsg0zC7Da24ixoShT8Oy3x2MpR7CY3PQ1pUVmvPkr79VeA+4qV9F1JM09WdboAMZgWQZ+XrbtuBlGsyhpUHSCQOya+kOJ+bYryS+U7A+6nmTW3C9FX4FgFqTF89UHOC7V0zZQ== extra   space", "extra   space")
+        );
+    }
+
+    private File knownHosts(String contents) throws IOException {
+        File knownHosts = new File(tempDir, "known_hosts");
+        Files.write(knownHosts.toPath(), contents.getBytes(StandardCharsets.UTF_8));
+        return knownHosts;
+    }
+}

src/test/java/net/schmizz/sshj/ConnectedSocketTest.java

@@ -0,0 +1,105 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package net.schmizz.sshj;
+
+import com.hierynomus.sshj.test.SshServerExtension;
+import net.schmizz.sshj.SSHClient;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.RegisterExtension;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.MethodSource;
+
+import org.apache.sshd.server.SshServer;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.util.stream.Stream;
+
+import javax.net.SocketFactory;
+
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+
+
+public class ConnectedSocketTest {
+    @RegisterExtension
+    public SshServerExtension fixture = new SshServerExtension();
+
+    @BeforeEach
+    public void setupClient() throws IOException {
+        SSHClient defaultClient = fixture.setupDefaultClient();
+    }
+
+    private static interface Connector {
+        void connect(SshServerExtension fx) throws IOException;
+    }
+
+    private static void connectViaHostname(SshServerExtension fx) throws IOException {
+        SshServer server = fx.getServer();
+        fx.getClient().connect("localhost", server.getPort());
+    }
+
+    private static void connectViaAddr(SshServerExtension fx) throws IOException {
+        SshServer server = fx.getServer();
+        InetAddress addr = InetAddress.getByName(server.getHost());
+        fx.getClient().connect(addr, server.getPort());
+    }
+
+    private static Stream<Connector> connectMethods() {
+        return Stream.of(fx -> connectViaHostname(fx), fx -> connectViaAddr(fx));
+    }
+
+    @ParameterizedTest
+    @MethodSource("connectMethods")
+    public void connectsIfUnconnected(Connector connector) {
+        assertDoesNotThrow(() -> connector.connect(fixture));
+    }
+
+    @ParameterizedTest
+    @MethodSource("connectMethods")
+    public void handlesConnected(Connector connector) throws IOException {
+        Socket socket = SocketFactory.getDefault().createSocket();
+        SocketFactory factory = new SocketFactory() {
+                @Override
+                public Socket createSocket() {
+                    return socket;
+                }
+                @Override
+                public Socket createSocket(InetAddress host, int port) {
+                    return socket;
+                }
+                @Override
+                public Socket createSocket(InetAddress address, int port,
+                                           InetAddress localAddress, int localPort) {
+                    return socket;
+                }
+                @Override
+                public Socket createSocket(String host, int port) {
+                    return socket;
+                }
+                @Override
+                public Socket createSocket(String host, int port,
+                                           InetAddress localHost, int localPort) {
+                    return socket;
+                }
+            };
+        socket.connect(new InetSocketAddress("localhost", fixture.getServer().getPort()));
+        fixture.getClient().setSocketFactory(factory);
+        assertDoesNotThrow(() -> connector.connect(fixture));
+    }
+}

src/test/java/net/schmizz/sshj/common/CircularBufferTest.java

@@ -0,0 +1,221 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package net.schmizz.sshj.common;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+import net.schmizz.sshj.common.CircularBuffer.CircularBufferException;
+import net.schmizz.sshj.common.CircularBuffer.PlainCircularBuffer;
+import org.junit.jupiter.api.Test;
+
+public class CircularBufferTest {
+
+    @Test
+    public void shouldStoreDataCorrectlyWithoutResizing() throws CircularBufferException {
+        PlainCircularBuffer buffer = new PlainCircularBuffer(256, Integer.MAX_VALUE);
+
+        byte[] dataToWrite = getData(500);
+        buffer.putRawBytes(dataToWrite, 0, 100);
+        buffer.putRawBytes(dataToWrite, 100, 100);
+
+        byte[] dataToRead = new byte[500];
+        buffer.readRawBytes(dataToRead, 0, 80);
+        buffer.readRawBytes(dataToRead, 80, 80);
+
+        buffer.putRawBytes(dataToWrite, 200, 100);
+        buffer.readRawBytes(dataToRead, 160, 80);
+
+        buffer.putRawBytes(dataToWrite, 300, 100);
+        buffer.readRawBytes(dataToRead, 240, 80);
+
+        buffer.putRawBytes(dataToWrite, 400, 100);
+        buffer.readRawBytes(dataToRead, 320, 80);
+        buffer.readRawBytes(dataToRead, 400, 100);
+
+        assertEquals(256, buffer.length());
+        assertArrayEquals(dataToWrite, dataToRead);
+    }
+
+    @Test
+    public void shouldStoreDataCorrectlyWithResizing() throws CircularBufferException {
+        PlainCircularBuffer buffer = new PlainCircularBuffer(64, Integer.MAX_VALUE);
+
+        byte[] dataToWrite = getData(500);
+        buffer.putRawBytes(dataToWrite, 0, 100);
+        buffer.putRawBytes(dataToWrite, 100, 100);
+
+        byte[] dataToRead = new byte[500];
+        buffer.readRawBytes(dataToRead, 0, 80);
+        buffer.readRawBytes(dataToRead, 80, 80);
+
+        buffer.putRawBytes(dataToWrite, 200, 100);
+        buffer.readRawBytes(dataToRead, 160, 80);
+
+        buffer.putRawBytes(dataToWrite, 300, 100);
+        buffer.readRawBytes(dataToRead, 240, 80);
+
+        buffer.putRawBytes(dataToWrite, 400, 100);
+        buffer.readRawBytes(dataToRead, 320, 80);
+
+        buffer.readRawBytes(dataToRead, 400, 100);
+
+        assertEquals(256, buffer.length());
+        assertArrayEquals(dataToWrite, dataToRead);
+    }
+
+    @Test
+    public void shouldNotOverflowWhenWritingFullLengthToTheEnd() throws CircularBufferException {
+        PlainCircularBuffer buffer = new PlainCircularBuffer(64, Integer.MAX_VALUE);
+
+        byte[] dataToWrite = getData(64);
+        buffer.putRawBytes(dataToWrite, 0, dataToWrite.length); // should write to the end
+
+        assertEquals(64, buffer.available());
+        assertEquals(64 * 2, buffer.length());
+    }
+
+    @Test
+    public void shouldNotOverflowWhenWritingFullLengthWrapsAround() throws CircularBufferException {
+        PlainCircularBuffer buffer = new PlainCircularBuffer(64, Integer.MAX_VALUE);
+
+        // Move 1 byte forward.
+        buffer.putRawBytes(new byte[1], 0, 1);
+        buffer.readRawBytes(new byte[1], 0, 1);
+
+        // Force writes to wrap around.
+        byte[] dataToWrite = getData(64);
+        buffer.putRawBytes(dataToWrite, 0, dataToWrite.length); // should wrap around the end
+
+        assertEquals(64, buffer.available());
+        assertEquals(64 * 2, buffer.length());
+    }
+
+    @Test
+    public void shouldAllowWritingMaxCapacityFromZero() throws CircularBufferException {
+        PlainCircularBuffer buffer = new PlainCircularBuffer(64, 64);
+
+        // Max capacity is always one less than the buffer size.
+        int maxCapacity = buffer.maxPossibleRemainingCapacity();
+        assertEquals(buffer.length() - 1, maxCapacity);
+
+        byte[] dataToWrite = getData(maxCapacity);
+        buffer.putRawBytes(dataToWrite, 0, dataToWrite.length);
+
+        assertEquals(dataToWrite.length, buffer.available());
+        assertEquals(64, buffer.length());
+    }
+
+    @Test
+    public void shouldAllowWritingMaxRemainingCapacity() throws CircularBufferException {
+        PlainCircularBuffer buffer = new PlainCircularBuffer(64, 64);
+
+        final int initiallyWritten = 10;
+        buffer.putRawBytes(new byte[initiallyWritten], 0, initiallyWritten);
+
+        // Max remaining capacity is always one less than the remaining buffer size.
+        int maxRemainingCapacity = buffer.maxPossibleRemainingCapacity();
+        assertEquals(buffer.length() - 1 - initiallyWritten, maxRemainingCapacity);
+
+        byte[] dataToWrite = getData(maxRemainingCapacity);
+        buffer.putRawBytes(dataToWrite, 0, dataToWrite.length);
+
+        assertEquals(dataToWrite.length + initiallyWritten, buffer.available());
+        assertEquals(64, buffer.length());
+    }
+
+    @Test
+    public void shouldAllowWritingMaxRemainingCapacityAfterWrappingAround() throws CircularBufferException {
+        PlainCircularBuffer buffer = new PlainCircularBuffer(64, 64);
+
+        // Cause the internal write pointer to wrap around and be left of the read pointer.
+        final int initiallyWritten = 40;
+        buffer.putRawBytes(new byte[initiallyWritten], 0, initiallyWritten);
+        buffer.readRawBytes(new byte[initiallyWritten], 0, initiallyWritten);
+        buffer.putRawBytes(new byte[initiallyWritten], 0, initiallyWritten);
+
+        // Max remaining capacity is always one less than the remaining buffer size.
+        int maxRemainingCapacity = buffer.maxPossibleRemainingCapacity();
+        assertEquals(buffer.length() - 1 - initiallyWritten, maxRemainingCapacity);
+
+        byte[] dataToWrite = getData(maxRemainingCapacity);
+        buffer.putRawBytes(dataToWrite, 0, dataToWrite.length);
+
+        assertEquals(dataToWrite.length + initiallyWritten, buffer.available());
+        assertEquals(64, buffer.length());
+    }
+
+    @Test
+    public void shouldOverflowWhenWritingOverMaxRemainingCapacity() throws CircularBufferException {
+        PlainCircularBuffer buffer = new PlainCircularBuffer(64, 64);
+
+        final int initiallyWritten = 10;
+        buffer.putRawBytes(new byte[initiallyWritten], 0, initiallyWritten);
+
+        // Max remaining capacity is always one less than the remaining buffer size.
+        int maxRemainingCapacity = buffer.maxPossibleRemainingCapacity();
+        assertEquals(buffer.length() - 1 - initiallyWritten, maxRemainingCapacity);
+
+        byte[] dataToWrite = getData(maxRemainingCapacity + 1);
+        assertThrows(CircularBufferException.class, () -> buffer.putRawBytes(dataToWrite, 0, dataToWrite.length));
+    }
+
+    @Test
+    public void shouldThrowWhenReadingEmptyBuffer() {
+        PlainCircularBuffer buffer = new PlainCircularBuffer(64, Integer.MAX_VALUE);
+        assertThrows(CircularBufferException.class, () -> buffer.readRawBytes(new byte[1], 0, 1));
+    }
+
+    @Test
+    public void shouldThrowWhenReadingMoreThanAvailable() throws CircularBufferException {
+        PlainCircularBuffer buffer = new PlainCircularBuffer(64, Integer.MAX_VALUE);
+        buffer.putRawBytes(new byte[1], 0, 1);
+        assertThrows(CircularBufferException.class, () -> buffer.readRawBytes(new byte[2], 0, 2));
+    }
+
+    @Test
+    public void shouldThrowOnAboveMaximumInitialSize() {
+        assertThrows(IllegalArgumentException.class, () -> new PlainCircularBuffer(65, 64));
+    }
+
+    @Test
+    public void shouldThrowOnMaximumInitialSize() {
+        assertThrows(IllegalArgumentException.class, () -> new PlainCircularBuffer(Integer.MAX_VALUE, 64));
+    }
+
+    @Test
+    public void shouldAllowFullCapacity() throws CircularBufferException {
+        int maxSize = 1024;
+        PlainCircularBuffer buffer = new PlainCircularBuffer(256, maxSize);
+        buffer.ensureCapacity(maxSize - 1);
+        assertEquals(maxSize - 1, buffer.maxPossibleRemainingCapacity());
+    }
+
+    @Test
+    public void shouldThrowOnTooLargeRequestedCapacity() {
+        int maxSize = 1024;
+        PlainCircularBuffer buffer = new PlainCircularBuffer(256, maxSize);
+        assertThrows(CircularBufferException.class, () -> buffer.ensureCapacity(maxSize));
+    }
+
+    private static byte[] getData(int length) {
+        byte[] data = new byte[length];
+        byte nextValue = 0;
+        for (int i = 0; i < length; ++i) {
+            data[i] = nextValue++;
+        }
+        return data;
+    }
+}

src/test/java/net/schmizz/sshj/keyprovider/CorruptedPublicKeyTest.java

@@ -0,0 +1,73 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.schmizz.sshj.keyprovider;
+
+import net.schmizz.sshj.SSHClient;
+import net.schmizz.sshj.util.CorruptBase64;
+import org.junit.jupiter.api.io.TempDir;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.CsvSource;
+
+import java.io.BufferedReader;
+import java.io.FileReader;
+import java.io.FileWriter;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.util.Optional;
+
+public class CorruptedPublicKeyTest {
+    private final Path keyRoot = Path.of("src/test/resources");
+
+    @TempDir
+    public Path tempDir;
+
+    @ParameterizedTest
+    @CsvSource({
+            "keyformats/ecdsa_opensshv1,",
+            "keyformats/openssh,",
+            "keytypes/test_ecdsa_nistp521_2,",
+            "keytypes/ed25519_protected, sshjtest",
+    })
+    public void corruptedPublicKey(String privateKeyFileName, String passphrase) throws IOException {
+        Files.createDirectories(tempDir.resolve(privateKeyFileName).getParent());
+        Files.copy(keyRoot.resolve(privateKeyFileName), tempDir.resolve(privateKeyFileName));
+
+        {
+            String publicKeyText;
+            try (var reader = new BufferedReader(new FileReader(
+                    keyRoot.resolve(privateKeyFileName + ".pub").toFile()))) {
+                publicKeyText = reader.readLine();
+            }
+
+            String[] parts = publicKeyText.split("\\s+");
+            parts[1] = CorruptBase64.corruptBase64(parts[1]);
+
+            try (var writer = new FileWriter(tempDir.resolve(privateKeyFileName + ".pub").toFile())) {
+                writer.write(String.join(" ", parts));
+            }
+        }
+
+        // Must not throw an exception.
+        try (var sshClient = new SSHClient()) {
+            sshClient.loadKeys(
+                    tempDir.resolve(privateKeyFileName).toString(),
+                    Optional.ofNullable(passphrase).map(String::toCharArray).orElse(null)
+            ).getPublic();
+        }
+    }
+}

src/test/java/net/schmizz/sshj/keyprovider/OpenSSHKeyFileTest.java

@@ -381,6 +381,18 @@ public class OpenSSHKeyFileTest {
 
     }
 
+    @Test
+    public void shouldSuccessfullyLoadSignedRSAPublicKeyFromStream() throws IOException {
+        FileKeyProvider keyFile = new OpenSSHKeyFile();
+        keyFile.init(new FileReader("src/test/resources/keytypes/certificate/test_rsa"),
+                new FileReader("src/test/resources/keytypes/certificate/test_rsa.pub"),
+                PasswordUtils.createOneOff(correctPassphrase));
+        assertNotNull(keyFile.getPrivate());
+        PublicKey pubKey = keyFile.getPublic();
+        assertNotNull(pubKey);
+        assertEquals("RSA", pubKey.getAlgorithm());
+    }
+
     @Test
     public void shouldSuccessfullyLoadSignedRSAPublicKeyWithMaxDate() throws IOException {
         FileKeyProvider keyFile = new OpenSSHKeyFile();
@@ -422,6 +434,17 @@ public class OpenSSHKeyFileTest {
         assertEquals("", certificate.getExtensions().get("permit-pty"));
     }
 
+    @Test
+    public void shouldSuccessfullyLoadSignedDSAPublicKeyFromStream() throws IOException {
+        FileKeyProvider keyFile = new OpenSSHKeyFile();
+        keyFile.init(new FileReader("src/test/resources/keytypes/certificate/test_dsa"),
+                new FileReader("src/test/resources/keytypes/certificate/test_dsa-cert.pub"),
+                PasswordUtils.createOneOff(correctPassphrase));
+        assertNotNull(keyFile.getPrivate());
+        PublicKey pubKey = keyFile.getPublic();
+        assertEquals("DSA", pubKey.getAlgorithm());
+    }
+
     /**
      * Sometimes users copy-pastes private and public keys in text editors. It leads to redundant
      * spaces and newlines. OpenSSH can easily read such keys, so users expect from SSHJ the same.

src/test/java/net/schmizz/sshj/keyprovider/PuTTYKeyFileTest.java

@@ -18,15 +18,19 @@ package net.schmizz.sshj.keyprovider;
 import com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile;
 import net.schmizz.sshj.userauth.keyprovider.PKCS8KeyFile;
 import net.schmizz.sshj.userauth.keyprovider.PuTTYKeyFile;
+import net.schmizz.sshj.util.CorruptBase64;
 import net.schmizz.sshj.util.UnitTestPasswordFinder;
 import org.junit.jupiter.api.Test;
 
+import java.io.BufferedReader;
 import java.io.File;
 import java.io.IOException;
 import java.io.StringReader;
 import java.security.interfaces.RSAPrivateKey;
 import java.security.interfaces.RSAPublicKey;
+import java.util.Objects;
 
+import static java.lang.Math.min;
 import static org.junit.jupiter.api.Assertions.*;
 
 public class PuTTYKeyFileTest {
@@ -558,4 +562,61 @@ public class PuTTYKeyFileTest {
             assertNull(key.getPrivate());
         });
     }
+
+    @Test
+    public void corruptedPublicLines() throws Exception {
+        assertThrows(IOException.class, () -> {
+            PuTTYKeyFile key = new PuTTYKeyFile();
+            key.init(new StringReader(corruptBase64InPuttyKey(ppk2048, "Public-Lines: ")));
+            key.getPublic();
+        });
+    }
+
+    @Test
+    public void corruptedPrivateLines() throws Exception {
+        assertThrows(IOException.class, () -> {
+            PuTTYKeyFile key = new PuTTYKeyFile();
+            key.init(new StringReader(corruptBase64InPuttyKey(ppk2048, "Private-Lines: ")));
+            key.getPublic();
+        });
+    }
+
+    private String corruptBase64InPuttyKey(
+            @SuppressWarnings("SameParameterValue") String source,
+            String sectionPrefix
+    ) throws IOException {
+        try (var reader = new BufferedReader(new StringReader(source))) {
+            StringBuilder result = new StringBuilder();
+            while (true) {
+                String line = reader.readLine();
+                if (line == null) {
+                    break;
+                } else if (line.startsWith(sectionPrefix)) {
+                    int base64LineCount = Integer.parseInt(line.substring(sectionPrefix.length()));
+                    StringBuilder base64 = new StringBuilder();
+                    for (int i = 0; i < base64LineCount; ++i) {
+                        base64.append(Objects.requireNonNull(reader.readLine()));
+                    }
+                    String corruptedBase64 = CorruptBase64.corruptBase64(base64.toString());
+
+                    // 64 is the length of base64 lines in PuTTY keys generated by puttygen.
+                    // It's not clear if it's some standard or not.
+                    // It doesn't match the MIME Base64 standard.
+                    int chunkSize = 64;
+
+                    result.append(sectionPrefix);
+                    result.append((corruptedBase64.length() + chunkSize - 1) / chunkSize);
+                    result.append('\n');
+                    for (int offset = 0; offset < corruptedBase64.length(); offset += chunkSize) {
+                        result.append(corruptedBase64, offset, min(corruptedBase64.length(), offset + chunkSize));
+                        result.append('\n');
+                    }
+                } else {
+                    result.append(line);
+                    result.append('\n');
+                }
+            }
+            return result.toString();
+        }
+    }
 }

src/test/java/net/schmizz/sshj/transport/KeyExchangeRepeatTest.java

@@ -112,7 +112,7 @@ public class KeyExchangeRepeatTest {
     }
 
     private SSHPacket getKexinitPacket() {
-        SSHPacket kexinitPacket = new Proposal(config, Collections.emptyList()).getPacket();
+        SSHPacket kexinitPacket = new Proposal(config, Collections.emptyList(), false).getPacket();
         kexinitPacket.rpos(kexinitPacket.rpos() + 1);
         return kexinitPacket;
     }

src/test/java/net/schmizz/sshj/transport/KeyExchangerStrictKeyExchangeTest.java

@@ -0,0 +1,236 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package net.schmizz.sshj.transport;
+
+import java.math.BigInteger;
+import java.util.Collections;
+import java.util.List;
+
+import net.schmizz.sshj.DefaultConfig;
+import net.schmizz.sshj.common.DisconnectReason;
+import net.schmizz.sshj.common.Factory;
+import net.schmizz.sshj.common.Message;
+import net.schmizz.sshj.common.SSHPacket;
+import net.schmizz.sshj.transport.kex.KeyExchange;
+import net.schmizz.sshj.transport.verification.PromiscuousVerifier;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.mockito.ArgumentCaptor;
+import org.mockito.Mockito;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+class KeyExchangerStrictKeyExchangeTest {
+
+    private TransportImpl transport;
+    private DefaultConfig config;
+    private KeyExchanger keyExchanger;
+
+    @BeforeEach
+    void setUp() throws Exception {
+        KeyExchange kex = mock(KeyExchange.class, Mockito.RETURNS_DEEP_STUBS);
+        transport = mock(TransportImpl.class, Mockito.RETURNS_DEEP_STUBS);
+        config = new DefaultConfig() {
+            @Override
+            protected void initKeyExchangeFactories() {
+                setKeyExchangeFactories(Collections.singletonList(new Factory.Named<>() {
+                    @Override
+                    public KeyExchange create() {
+                        return kex;
+                    }
+
+                    @Override
+                    public String getName() {
+                        return "mock-kex";
+                    }
+                }));
+            }
+        };
+        when(transport.getConfig()).thenReturn(config);
+        when(transport.getServerID()).thenReturn("some server id");
+        when(transport.getClientID()).thenReturn("some client id");
+        when(kex.next(any(), any())).thenReturn(true);
+        when(kex.getH()).thenReturn(new byte[0]);
+        when(kex.getK()).thenReturn(BigInteger.ZERO);
+        when(kex.getHash().digest()).thenReturn(new byte[10]);
+
+        keyExchanger = new KeyExchanger(transport);
+        keyExchanger.addHostKeyVerifier(new PromiscuousVerifier());
+    }
+
+    @Test
+    void initialConditions() {
+        assertThat(keyExchanger.isKexDone()).isFalse();
+        assertThat(keyExchanger.isKexOngoing()).isFalse();
+        assertThat(keyExchanger.isStrictKex()).isFalse();
+        assertThat(keyExchanger.isInitialKex()).isTrue();
+    }
+
+    @Test
+    void startInitialKex() throws Exception {
+        ArgumentCaptor<SSHPacket> sshPacketCaptor = ArgumentCaptor.forClass(SSHPacket.class);
+        when(transport.write(sshPacketCaptor.capture())).thenReturn(0L);
+
+        keyExchanger.startKex(false);
+
+        assertThat(keyExchanger.isKexDone()).isFalse();
+        assertThat(keyExchanger.isKexOngoing()).isTrue();
+        assertThat(keyExchanger.isStrictKex()).isFalse();
+        assertThat(keyExchanger.isInitialKex()).isTrue();
+
+        SSHPacket sshPacket = sshPacketCaptor.getValue();
+        List<String> kex = new Proposal(sshPacket).getKeyExchangeAlgorithms();
+        assertThat(kex).endsWith("kex-strict-c-v00@openssh.com");
+    }
+
+    @Test
+    void receiveKexInitWithoutServerFlag() throws Exception {
+        keyExchanger.startKex(false);
+
+        keyExchanger.handle(Message.KEXINIT, getKexInitPacket(false));
+
+        assertThat(keyExchanger.isKexDone()).isFalse();
+        assertThat(keyExchanger.isKexOngoing()).isTrue();
+        assertThat(keyExchanger.isStrictKex()).isFalse();
+        assertThat(keyExchanger.isInitialKex()).isTrue();
+    }
+
+    @Test
+    void finishNonStrictKex() throws Exception {
+        keyExchanger.startKex(false);
+
+        keyExchanger.handle(Message.KEXINIT, getKexInitPacket(false));
+        keyExchanger.handle(Message.KEXDH_31, new SSHPacket(Message.KEXDH_31));
+        keyExchanger.handle(Message.NEWKEYS, new SSHPacket(Message.NEWKEYS));
+
+        assertThat(keyExchanger.isKexDone()).isTrue();
+        assertThat(keyExchanger.isKexOngoing()).isFalse();
+        assertThat(keyExchanger.isStrictKex()).isFalse();
+        assertThat(keyExchanger.isInitialKex()).isFalse();
+
+        verify(transport.getEncoder(), never()).resetSequenceNumber();
+        verify(transport.getDecoder(), never()).resetSequenceNumber();
+    }
+
+    @Test
+    void receiveKexInitWithServerFlag() throws Exception {
+        keyExchanger.startKex(false);
+
+        keyExchanger.handle(Message.KEXINIT, getKexInitPacket(true));
+
+        assertThat(keyExchanger.isKexDone()).isFalse();
+        assertThat(keyExchanger.isKexOngoing()).isTrue();
+        assertThat(keyExchanger.isStrictKex()).isTrue();
+        assertThat(keyExchanger.isInitialKex()).isTrue();
+    }
+
+    @Test
+    void strictKexInitIsNotFirstPacket() throws Exception {
+        when(transport.getDecoder().getSequenceNumber()).thenReturn(1L);
+        keyExchanger.startKex(false);
+
+        assertThatExceptionOfType(TransportException.class).isThrownBy(
+                () -> keyExchanger.handle(Message.KEXINIT, getKexInitPacket(true))
+        ).satisfies(e -> {
+            assertThat(e.getDisconnectReason()).isEqualTo(DisconnectReason.KEY_EXCHANGE_FAILED);
+            assertThat(e.getMessage()).isEqualTo("SSH_MSG_KEXINIT was not first package during strict key exchange");
+        });
+    }
+
+    @Test
+    void finishStrictKex() throws Exception {
+        keyExchanger.startKex(false);
+
+        keyExchanger.handle(Message.KEXINIT, getKexInitPacket(true));
+        verify(transport.getEncoder(), never()).resetSequenceNumber();
+        keyExchanger.handle(Message.KEXDH_31, new SSHPacket(Message.KEXDH_31));
+        verify(transport.getEncoder()).resetSequenceNumber();
+        verify(transport.getDecoder(), never()).resetSequenceNumber();
+        keyExchanger.handle(Message.NEWKEYS, new SSHPacket(Message.NEWKEYS));
+        verify(transport.getDecoder()).resetSequenceNumber();
+
+        assertThat(keyExchanger.isKexDone()).isTrue();
+        assertThat(keyExchanger.isKexOngoing()).isFalse();
+        assertThat(keyExchanger.isStrictKex()).isTrue();
+        assertThat(keyExchanger.isInitialKex()).isFalse();
+    }
+
+    @Test
+    void noClientFlagInSecondStrictKex() throws Exception {
+        keyExchanger.startKex(false);
+        keyExchanger.handle(Message.KEXINIT, getKexInitPacket(true));
+        keyExchanger.handle(Message.KEXDH_31, new SSHPacket(Message.KEXDH_31));
+        keyExchanger.handle(Message.NEWKEYS, new SSHPacket(Message.NEWKEYS));
+
+        ArgumentCaptor<SSHPacket> sshPacketCaptor = ArgumentCaptor.forClass(SSHPacket.class);
+        when(transport.write(sshPacketCaptor.capture())).thenReturn(0L);
+        when(transport.isAuthenticated()).thenReturn(true);
+
+        keyExchanger.startKex(false);
+
+        assertThat(keyExchanger.isKexDone()).isFalse();
+        assertThat(keyExchanger.isKexOngoing()).isTrue();
+        assertThat(keyExchanger.isStrictKex()).isTrue();
+        assertThat(keyExchanger.isInitialKex()).isFalse();
+
+        SSHPacket sshPacket = sshPacketCaptor.getValue();
+        List<String> kex = new Proposal(sshPacket).getKeyExchangeAlgorithms();
+        assertThat(kex).doesNotContain("kex-strict-c-v00@openssh.com");
+    }
+
+    @Test
+    void serverFlagIsIgnoredInSecondKex() throws Exception {
+        keyExchanger.startKex(false);
+        keyExchanger.handle(Message.KEXINIT, getKexInitPacket(false));
+        keyExchanger.handle(Message.KEXDH_31, new SSHPacket(Message.KEXDH_31));
+        keyExchanger.handle(Message.NEWKEYS, new SSHPacket(Message.NEWKEYS));
+
+        ArgumentCaptor<SSHPacket> sshPacketCaptor = ArgumentCaptor.forClass(SSHPacket.class);
+        when(transport.write(sshPacketCaptor.capture())).thenReturn(0L);
+        when(transport.isAuthenticated()).thenReturn(true);
+
+        keyExchanger.startKex(false);
+        keyExchanger.handle(Message.KEXINIT, getKexInitPacket(true));
+
+        assertThat(keyExchanger.isKexDone()).isFalse();
+        assertThat(keyExchanger.isKexOngoing()).isTrue();
+        assertThat(keyExchanger.isStrictKex()).isFalse();
+        assertThat(keyExchanger.isInitialKex()).isFalse();
+
+        SSHPacket sshPacket = sshPacketCaptor.getValue();
+        List<String> kex = new Proposal(sshPacket).getKeyExchangeAlgorithms();
+        assertThat(kex).doesNotContain("kex-strict-c-v00@openssh.com");
+    }
+
+    private SSHPacket getKexInitPacket(boolean withServerFlag) {
+        SSHPacket kexinitPacket = new Proposal(config, Collections.emptyList(), true).getPacket();
+        if (withServerFlag) {
+            int finalWpos = kexinitPacket.wpos();
+            kexinitPacket.wpos(22);
+            kexinitPacket.putString("mock-kex,kex-strict-s-v00@openssh.com");
+            kexinitPacket.wpos(finalWpos);
+        }
+        kexinitPacket.rpos(kexinitPacket.rpos() + 1);
+        return kexinitPacket;
+    }
+
+}

src/test/java/net/schmizz/sshj/transport/TransportImplStrictKeyExchangeTest.java

@@ -0,0 +1,120 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package net.schmizz.sshj.transport;
+
+import java.lang.reflect.Field;
+
+import net.schmizz.sshj.Config;
+import net.schmizz.sshj.DefaultConfig;
+import net.schmizz.sshj.common.DisconnectReason;
+import net.schmizz.sshj.common.Message;
+import net.schmizz.sshj.common.SSHPacket;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.EnumSource;
+import org.junit.jupiter.params.provider.EnumSource.Mode;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatCode;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+class TransportImplStrictKeyExchangeTest {
+
+    private final Config config = new DefaultConfig();
+    private final Transport transport = new TransportImpl(config);
+    private final KeyExchanger kexer = mock(KeyExchanger.class);
+    private final Decoder decoder = mock(Decoder.class);
+
+    @BeforeEach
+    void setUp() throws Exception {
+        Field kexerField = TransportImpl.class.getDeclaredField("kexer");
+        kexerField.setAccessible(true);
+        kexerField.set(transport, kexer);
+        Field decoderField = TransportImpl.class.getDeclaredField("decoder");
+        decoderField.setAccessible(true);
+        decoderField.set(transport, decoder);
+    }
+
+    @Test
+    void throwExceptionOnWrapDuringInitialKex() {
+        when(kexer.isInitialKex()).thenReturn(true);
+        when(decoder.isSequenceNumberAtMax()).thenReturn(true);
+
+        assertThatExceptionOfType(TransportException.class).isThrownBy(
+                () -> transport.handle(Message.KEXINIT, new SSHPacket(Message.KEXINIT))
+        ).satisfies(e -> {
+            assertThat(e.getDisconnectReason()).isEqualTo(DisconnectReason.KEY_EXCHANGE_FAILED);
+            assertThat(e.getMessage()).isEqualTo("Sequence number of decoder is about to wrap during initial key exchange");
+        });
+    }
+
+    @ParameterizedTest
+    @EnumSource(value = Message.class, mode = Mode.EXCLUDE, names = {
+        "DISCONNECT", "KEXINIT", "NEWKEYS", "KEXDH_INIT", "KEXDH_31", "KEX_DH_GEX_INIT", "KEX_DH_GEX_REPLY", "KEX_DH_GEX_REQUEST"
+    })
+    void forbidUnexpectedPacketsDuringStrictKeyExchange(Message message) {
+        when(kexer.isInitialKex()).thenReturn(true);
+        when(decoder.isSequenceNumberAtMax()).thenReturn(false);
+        when(kexer.isStrictKex()).thenReturn(true);
+
+        assertThatExceptionOfType(TransportException.class).isThrownBy(
+                () -> transport.handle(message, new SSHPacket(message))
+        ).satisfies(e -> {
+            assertThat(e.getDisconnectReason()).isEqualTo(DisconnectReason.KEY_EXCHANGE_FAILED);
+            assertThat(e.getMessage()).isEqualTo("Unexpected packet type during initial strict key exchange");
+        });
+    }
+
+    @ParameterizedTest
+    @EnumSource(value = Message.class, mode = Mode.INCLUDE, names = {
+        "KEXINIT", "NEWKEYS", "KEXDH_INIT", "KEXDH_31", "KEX_DH_GEX_INIT", "KEX_DH_GEX_REPLY", "KEX_DH_GEX_REQUEST"
+    })
+    void expectedPacketsDuringStrictKeyExchangeAreHandled(Message message) throws Exception {
+        when(kexer.isInitialKex()).thenReturn(true);
+        when(decoder.isSequenceNumberAtMax()).thenReturn(false);
+        when(kexer.isStrictKex()).thenReturn(true);
+        SSHPacket sshPacket = new SSHPacket(message);
+
+        assertThatCode(
+                () -> transport.handle(message, sshPacket)
+        ).doesNotThrowAnyException();
+
+        verify(kexer).handle(message, sshPacket);
+    }
+
+    @Test
+    void disconnectIsAllowedDuringStrictKeyExchange() {
+        when(kexer.isInitialKex()).thenReturn(true);
+        when(decoder.isSequenceNumberAtMax()).thenReturn(false);
+        when(kexer.isStrictKex()).thenReturn(true);
+
+        SSHPacket sshPacket = new SSHPacket();
+        sshPacket.putUInt32(DisconnectReason.SERVICE_NOT_AVAILABLE.toInt());
+        sshPacket.putString("service is down for maintenance");
+
+        assertThatExceptionOfType(TransportException.class).isThrownBy(
+                () -> transport.handle(Message.DISCONNECT, sshPacket)
+        ).satisfies(e -> {
+            assertThat(e.getDisconnectReason()).isEqualTo(DisconnectReason.SERVICE_NOT_AVAILABLE);
+            assertThat(e.getMessage()).isEqualTo("service is down for maintenance");
+        });
+    }
+
+}

src/test/java/net/schmizz/sshj/transport/kex/Curve25519DHTest.java

@@ -15,17 +15,24 @@
  */
 package net.schmizz.sshj.transport.kex;
 
+import net.schmizz.sshj.common.SecurityUtils;
 import net.schmizz.sshj.transport.random.JCERandom;
+import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 
 import java.math.BigInteger;
 import java.security.GeneralSecurityException;
+import java.security.KeyPairGenerator;
+import java.security.Provider;
+import java.security.Security;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 
 public class Curve25519DHTest {
 
+    private static final String ALGORITHM_FILTER = "KeyPairGenerator.X25519";
+
     private static final int KEY_LENGTH = 32;
 
     private static final byte[] PEER_PUBLIC_KEY = {
@@ -35,8 +42,16 @@ public class Curve25519DHTest {
         1, 2, 3, 4, 5, 6, 7, 8
     };
 
+    @BeforeEach
+    public void clearSecurityProvider() {
+        SecurityUtils.setSecurityProvider(null);
+    }
+
     @Test
     public void testInitPublicKeyLength() throws GeneralSecurityException {
+        final boolean bouncyCastleRegistrationRequired = isAlgorithmUnsupported();
+        SecurityUtils.setRegisterBouncyCastle(bouncyCastleRegistrationRequired);
+
         final Curve25519DH dh = new Curve25519DH();
         dh.init(null, new JCERandom.Factory());
 
@@ -48,6 +63,8 @@ public class Curve25519DHTest {
 
     @Test
     public void testInitComputeSharedSecretKey() throws GeneralSecurityException {
+        SecurityUtils.setRegisterBouncyCastle(true);
+
         final Curve25519DH dh = new Curve25519DH();
         dh.init(null, new JCERandom.Factory());
 
@@ -57,4 +74,9 @@ public class Curve25519DHTest {
         assertNotNull(sharedSecretKey);
         assertEquals(BigInteger.ONE.signum(), sharedSecretKey.signum());
     }
+
+    private boolean isAlgorithmUnsupported() {
+        final Provider[] providers = Security.getProviders(ALGORITHM_FILTER);
+        return providers == null || providers.length == 0;
+    }
 }

src/test/java/net/schmizz/sshj/util/CorruptBase64.java

@@ -0,0 +1,42 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.schmizz.sshj.util;
+
+import net.schmizz.sshj.common.Base64DecodingException;
+import net.schmizz.sshj.common.Base64Decoder;
+
+import java.io.IOException;
+
+public class CorruptBase64 {
+    private CorruptBase64() {
+    }
+
+    public static String corruptBase64(String source) throws IOException {
+        while (true) {
+            try {
+                Base64Decoder.decode(source);
+            } catch (Base64DecodingException e) {
+                return source;
+            }
+
+            if (source.endsWith("=")) {
+                source = source.substring(0, source.length() - 1);
+            }
+            source += "X";
+        }
+    }
+}