Class AuthorizedKeysAuthenticator
java.lang.Object
org.apache.sshd.common.util.logging.AbstractLoggingBean
org.apache.sshd.common.util.io.ModifiableFileWatcher
org.apache.sshd.server.config.keys.AuthorizedKeysAuthenticator
- All Implemented Interfaces:
PublickeyAuthenticator
- Direct Known Subclasses:
DefaultAuthorizedKeysAuthenticator
public class AuthorizedKeysAuthenticator
extends ModifiableFileWatcher
implements PublickeyAuthenticator
Uses the authorized keys file to implement
PublickeyAuthenticator
while automatically re-loading the keys if
the file has changed when a new authentication request is received. Note: by default, the only validation of
the username is that it is not null
/empty - see isValidUsername(String, ServerSession)
- Author:
- Apache MINA SSHD Project
-
Field Summary
Fields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
options, STRICTLY_PROHIBITED_FILE_PERMISSION
Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
log
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionboolean
authenticate
(String username, PublicKey key, ServerSession session) Check the validity of a public key.protected PublickeyAuthenticator
createDelegateAuthenticator
(String username, ServerSession session, Path path, Collection<AuthorizedKeyEntry> entries, PublicKeyEntryResolver fallbackResolver) static Path
protected PublicKeyEntryResolver
protected boolean
isValidUsername
(String username, ServerSession session) static List<AuthorizedKeyEntry>
readDefaultAuthorizedKeys
(OpenOption... options) Reads read the contents of the default OpenSSHauthorized_keys
fileprotected Collection<AuthorizedKeyEntry>
reloadAuthorizedKeys
(Path path, String username, ServerSession session) protected PublickeyAuthenticator
resolvePublickeyAuthenticator
(String username, ServerSession session) Methods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
-
Field Details
-
STD_AUTHORIZED_KEYS_FILENAME
Standard OpenSSH authorized keys file name- See Also:
-
-
Constructor Details
-
AuthorizedKeysAuthenticator
-
AuthorizedKeysAuthenticator
-
-
Method Details
-
authenticate
Description copied from interface:PublickeyAuthenticator
Check the validity of a public key.- Specified by:
authenticate
in interfacePublickeyAuthenticator
- Parameters:
username
- the usernamekey
- the keysession
- the server session- Returns:
- a boolean indicating if authentication succeeded or not
-
isValidUsername
-
resolvePublickeyAuthenticator
protected PublickeyAuthenticator resolvePublickeyAuthenticator(String username, ServerSession session) throws IOException, GeneralSecurityException - Throws:
IOException
GeneralSecurityException
-
createDelegateAuthenticator
protected PublickeyAuthenticator createDelegateAuthenticator(String username, ServerSession session, Path path, Collection<AuthorizedKeyEntry> entries, PublicKeyEntryResolver fallbackResolver) throws IOException, GeneralSecurityException - Throws:
IOException
GeneralSecurityException
-
getFallbackPublicKeyEntryResolver
-
reloadAuthorizedKeys
protected Collection<AuthorizedKeyEntry> reloadAuthorizedKeys(Path path, String username, ServerSession session) throws IOException, GeneralSecurityException - Throws:
IOException
GeneralSecurityException
-
getDefaultAuthorizedKeysFile
- Returns:
- The default
Path
location of the OpenSSH authorized keys file
-
readDefaultAuthorizedKeys
public static List<AuthorizedKeyEntry> readDefaultAuthorizedKeys(OpenOption... options) throws IOException Reads read the contents of the default OpenSSHauthorized_keys
file- Parameters:
options
- TheOpenOption
s to use when reading the file- Returns:
- A
List
of all theAuthorizedKeyEntry
-ies found there - or empty if file does not exist - Throws:
IOException
- If failed to read keys from file
-