Package net.schmizz.sshj.transport.verification

Class OpenSSHKnownHosts

java.lang.Object

net.schmizz.sshj.transport.verification.OpenSSHKnownHosts

All Implemented Interfaces:

HostKeyVerifier

Direct Known Subclasses:

ConsoleKnownHostsVerifier

public class OpenSSHKnownHosts
extends java.lang.Object
implements HostKeyVerifier

A HostKeyVerifier implementation for a known_hosts file i.e. in the format used by OpenSSH.

See Also:

Hashed hostnames spec

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	OpenSSHKnownHosts.BadHostEntry
static class	OpenSSHKnownHosts.CommentEntry
class	OpenSSHKnownHosts.EntryFactory	Each line in these files contains the following fields: markers (optional), hostnames, bits, exponent, modulus, comment.
static class	OpenSSHKnownHosts.HostEntry
static interface	OpenSSHKnownHosts.KnownHostEntry
static class	OpenSSHKnownHosts.Marker

Field Summary

Fields

Modifier and Type	Field	Description
protected java.util.List<OpenSSHKnownHosts.KnownHostEntry>	entries
protected java.io.File	khFile
protected org.slf4j.Logger	log

Constructor Summary

Constructors

Constructor	Description
OpenSSHKnownHosts(java.io.File khFile)
OpenSSHKnownHosts(java.io.File khFile, LoggerFactory loggerFactory)
OpenSSHKnownHosts(java.io.Reader reader)
OpenSSHKnownHosts(java.io.Reader reader, LoggerFactory loggerFactory)

Method Summary

Modifier and Type	Method	Description
static java.io.File	detectSSHDir()
java.util.List<OpenSSHKnownHosts.KnownHostEntry>	entries()
java.util.List<java.lang.String>	findExistingAlgorithms(java.lang.String hostname, int port)	It is necessary to connect with the type of algorithm that matches an existing know_host entry.
java.io.File	getFile()
protected boolean	hostKeyChangedAction(java.lang.String hostname, java.security.PublicKey key)
protected boolean	hostKeyUnverifiableAction(java.lang.String hostname, java.security.PublicKey key)
java.lang.String	toString()
boolean	verify(java.lang.String hostname, int port, java.security.PublicKey key)	This callback is invoked when the server's host key needs to be verified.
void	write()
void	write(OpenSSHKnownHosts.KnownHostEntry entry)	Append a single entry

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

log

protected final org.slf4j.Logger log

khFile

protected final java.io.File khFile

entries

protected final java.util.List<OpenSSHKnownHosts.KnownHostEntry> entries

Constructor Detail

OpenSSHKnownHosts

public OpenSSHKnownHosts(java.io.Reader reader)
                  throws java.io.IOException

Throws:

java.io.IOException

OpenSSHKnownHosts

public OpenSSHKnownHosts(java.io.File khFile)
                  throws java.io.IOException

Throws:

java.io.IOException

OpenSSHKnownHosts

public OpenSSHKnownHosts(java.io.File khFile,
                         LoggerFactory loggerFactory)
                  throws java.io.IOException

Throws:

java.io.IOException

OpenSSHKnownHosts

public OpenSSHKnownHosts(java.io.Reader reader,
                         LoggerFactory loggerFactory)
                  throws java.io.IOException

Throws:

java.io.IOException

Method Detail

getFile

public java.io.File getFile()

verify

public boolean verify(java.lang.String hostname,
                      int port,
                      java.security.PublicKey key)

Description copied from interface: HostKeyVerifier

This callback is invoked when the server's host key needs to be verified. The return value indicates to the caller whether the SSH connection should proceed.

Note: host key verification is the basis for security in SSH, therefore exercise due caution in implementing!

Specified by:

verify in interface HostKeyVerifier

Parameters:

hostname - remote hostname

port - remote port

key - host key of server

Returns:

true if key is acceptable, false otherwise

findExistingAlgorithms

public java.util.List<java.lang.String> findExistingAlgorithms(java.lang.String hostname,
                                                               int port)

Description copied from interface: HostKeyVerifier

It is necessary to connect with the type of algorithm that matches an existing know_host entry. This will allow a match when we later verify with the negotiated key HostKeyVerifier.verify

Specified by:

findExistingAlgorithms in interface HostKeyVerifier

Parameters:

hostname - remote hostname

port - remote port

Returns:

existing key types or empty list if no keys known for hostname

hostKeyUnverifiableAction

protected boolean hostKeyUnverifiableAction(java.lang.String hostname,
                                            java.security.PublicKey key)

hostKeyChangedAction

protected boolean hostKeyChangedAction(java.lang.String hostname,
                                       java.security.PublicKey key)

entries

public java.util.List<OpenSSHKnownHosts.KnownHostEntry> entries()

write

public void write()
           throws java.io.IOException

Throws:

java.io.IOException

write

public void write(OpenSSHKnownHosts.KnownHostEntry entry)
           throws java.io.IOException

Append a single entry

Throws:

java.io.IOException

detectSSHDir

public static java.io.File detectSSHDir()

toString

public java.lang.String toString()

Overrides:

toString in class java.lang.Object