// Notice for existing customers
Maverick Legacy 1.7.x and 1.8.x has entered its official maintenance phase. Active feature development has concluded, with critical security backports guaranteed through June 2029.
[View the Legacy Support & Synergy Migration Roadmap]maverick-synergy / sdk
Maverick Synergy: Enterprise-Grade Java SSH
The open-source core powering half the industry's commercial file transfer solutions. Built for developers, backed by enterprise LTS.
maverick-synergy / core-sdk
Pure Java SSH Architecture. Zero Core Dependencies.
An uncompromising, high-performance SSH framework engineered for isolated runtime environments. Secure your application pipeline with an auditable, quantum-ready codebase.
[ SYSTEM ISOLATION ]
Pure Java Core
100% pure Java implementation at the framework core. Operates with zero reliance on native OS binaries or external C-libraries for standard deployment. Optional JNI wrappers are completely sandboxed and strictly opt-in for specialized edge-cases like native UNIX sockets or SSH agent forwarding.
[ SUPPLY CHAIN SECURITY ]
Zero External Dependencies
The baseline SDK engine is engineered with a strict zero-dependency footprint. By removing transient third-party libraries and bloated logging frameworks, we eliminate the primary attack vectors for modern upstream software exploits and simplify audit compliance.
[ CRYPTOGRAPHIC BACKPLANE ]
Post-Quantum Cryptography (PQC)
Future-proof your data transport networks against tomorrow's intercept-now, decrypt-later threats. Features robust native support for modern primitives, heavy-duty AES-GCM encryption streams, and post-quantum cryptographic readiness out of the box.
maverick-synergy / client api
SSH Client Use Cases
Common client-side patterns, from a first connection to file transfer, interactive shell scripting, and tunnelling. Code below is placeholder.
Connect to a server in a few lines
Add the client dependency, then open an authenticated connection. Placeholder code — replace with the final client examples.
<dependency>
<groupId>com.sshtools</groupId>
<artifactId>maverick-synergy-client</artifactId>
<version>3.1.0</version>
</dependency>// open an authenticated SSH connection
try (SshClient ssh = SshClientBuilder.create()
.withHostname("localhost")
.withPort(2222)
.withUsername("root")
.withPassword("xxxxx")
.build()) {
System.out.println("Connected: " + ssh.isConnected());
}maverick-synergy / server api
SSH Server Use Cases
Build and customize an embedded SSH server — virtual file systems, custom shells, and forwarding policy. Code below is placeholder.
Stand up an embedded SSH server
Add the server dependency and start a basic password-authenticated server. Placeholder code.
<dependency>
<groupId>com.sshtools</groupId>
<artifactId>maverick-synergy-server</artifactId>
<version>3.1.0</version>
</dependency>// minimal embedded server
SshServer server = new SshServer(2222);
Runtime.getRuntime()
.addShutdownHook(() -> { server.close(); });
server.addAuthenticator(new InMemoryPasswordAuthenticator()
.addUser("admin", "admin".toCharArray()));
server.start();The Architecture of Commercial Stability
We develop in the open. We branch for commercial enterprise support, compliance, and legal air-cover.
[ OPEN SOURCE // LGPL-3.0 ]
Focus: Immediate evaluation, prototyping, and community projects.
- >Access to the active main development branch
- >Community-driven support threads via r/jadaptive
- >Subject to all standard LGPL-3.0 copyleft restrictions
- >Upstream updates may require occasional API adaptations
[ COMMERCIAL HOTFIXES ]
Focus: Production stability, risk mitigation, and compliance frameworks.
- >Commercial LTS Branch: Isolated, stable API branches with backported security hotfixes.
- >Commercial Terms: Full proprietary licensing that strips out LGPL copyleft risk.
- >Source & Binaries Included: Full access to the hotfix source tree for internal auditing.
- >Dedicated Support: Direct business-hour email lines backed by core framework maintainers.
maverick-synergy / licensing
Why do I need a Commercial Hotfixes license?
If the code is open-source, why pay for a Commercial LTS / Hotfixes license? You don't pay for the code — you pay for the stability of a frozen timeline.
[ THE OPEN-SOURCE MAIN BRANCH ]
Our active development track moves fast — it introduces new protocol capabilities and occasionally changes APIs as the framework evolves. For a developer prototyping a tool or launching a community project, this is ideal.
However, enterprise applications running in production cannot risk unexpected API changes or compilation breakages caused by upstream updates.
[ THE FROZEN COMMERCIAL BRANCH ]
When you purchase a Commercial Hotfixes/LTS license, you gain access to a completely isolated, frozen codebase branch. We guarantee three things for that specific version:
- >Zero API Drift: The code is completely locked. Pull updates with absolute certainty that nothing will break your existing integration.
- >Targeted Security Backports: When a new protocol vulnerability or cryptographic exploit emerges, we surgically backport the security patch directly into your frozen branch, bypassing the main development noise.
- >Legal Air-Cover: It replaces the LGPL-3.0 copyleft restrictions with a standard commercial license, fully indemnifying your proprietary enterprise software.
maverick-synergy / hotfixes
How do I use the Maverick Synergy Hotfixes version?
When an open-source branch matures, it is branched off into a private Hotfixes repository. It's the exact same codebase — the same packages, the same Java interfaces, the same public API. Nothing in your application code needs to change.
The only difference is that you switch the groupId of your Maven artifact to com.sshtools.hotfixes and use the Synergy version numbers. These versions increment up past the open-source releases as new hotfixes are published, so you always pull the latest patched build of your frozen branch.
- --Same packages & Java interfaces — drop-in replacement
- --Only the groupId changes
- --Hotfix versions increment past the open-source line
<dependency>
<groupId>com.sshtools.hotfixes</groupId>
<artifactId>maverick-synergy-client</artifactId>
<version>3.1.6</version>
</dependency>maverick-synergy / licensing tracks
Predictable Architecture. Transparent Licensing.
Choose the track that fits your operational risk profile. Prototype completely in the open, or secure your production environments with isolated commercial releases.
[ COMMUNITY TRACK ]
For open-source projects, local prototyping, and sandbox evaluations.
- --Full access to the active GitHub main branch
- --Licensed under LGPL-3.0 Copyleft boundaries
- --Community-driven engineering support via r/jadaptive
- --Subject to upstream API drift and structural updates
[ COMMERCIAL LTS ]
Standard per-product commercial deployment, API stability, and production support.
- ->Private Branch License: Access to isolated, production-locked stability branches
- ->Perpetual License: For releases made within the active subscription period
- ->Commercial Terms: Complete removal of LGPL copyleft boundaries
- ->Full Access to Hotfix Source Code & binaries for internal auditing
- ->Regular Hotfix Releases: Isolated, automated updates for protocol CVEs
- ->Unlimited Email Support directly from core protocol maintainers
[ ENTERPRISE MULTI-PRODUCT ]
For multi-product deployments, custom architectures, and tailored commercial terms.
- ->Everything included in the Commercial LTS track across multiple products
- ->Custom Master Service Agreements (MSAs) & tailored legal frameworks
- ->Prioritized business-hour email support routing
- ->Direct escalation channel for core protocol architecture review
// Unsure why stable LTS branches are isolated from the free repository? Read our Architectural FAQ on the Gift and the Paywall philosophy.
maverick-synergy / support
Expert-Led Support Options
Every commercial license includes Standard Support. Upgrade to the Extended tier to cover corporate compliance audits, guarantee business-hour response timelines, and unlock direct architectural advice.
Standard
IncludedTailored for general usage, configuration routing, and standard issue identification.
- API Usage Clarification
- Bug Identification & Lifecycle Tracking
- Security Vulnerability Patching via Hotfix Branch
- Problem Analysis via Logs or Heap Dumps
- Reasonable Issue Reproduction
- Best-effort response within 24/48 Business Hours
Extended
UpgradeIn addition to your core maintenance subscription.
Engineered for enterprise teams requiring formal vendor verification, strict SLA guardrails, and deeper architectural alignment.
- Everything in Standard Support, plus:
- Corporate Procurement & Vendor Risk Assessment Alignment
- Security Questionnaire, Sign-off, & Compliance Onboarding Document Completion
- 8-Hour Guaranteed Business-Hour Response
- Priority Queue Handling for Critical Framework Patches
- Scheduled Live Support / Screen Share (Up to 10 hours / Year)
- Architectural Review & Implementation Best Practices
Live support and guaranteed response times are subject to planned holiday blackout periods. See the FAQs below for full operational details.
maverick-synergy / faq
Frequently Asked Questions
Common questions about support tiers, response times, and service availability.
Our standard hours are 9AM to 6PM GMT/BST, Monday to Friday.
Ready to transition from prototype to production?
Evaluate the core API via GitHub entirely for free. When your legal or operations team requires enterprise compliance and API stability, get a commercial license.