Class DefaultKnownHostsServerKeyVerifier
java.lang.Object
org.apache.sshd.common.util.logging.AbstractLoggingBean
org.apache.sshd.common.util.io.ModifiableFileWatcher
org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
org.apache.sshd.client.keyverifier.DefaultKnownHostsServerKeyVerifier
- All Implemented Interfaces:
ModifiedServerKeyAcceptor
,ServerKeyVerifier
Monitors the
~/.ssh/known_hosts
file of the user currently running the client, updating and re-loading it if
necessary. It also (optionally) enforces the same permissions regime as OpenSSH
.- Author:
- Apache MINA SSHD Project
-
Nested Class Summary
Nested classes/interfaces inherited from class org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
KnownHostsServerKeyVerifier.HostEntryPair
-
Field Summary
Fields inherited from class org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
KNOWN_HOSTS_FILE_OPTION, STRICT_CHECKING_OPTION, updateLock
Fields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
options, STRICTLY_PROHIBITED_FILE_PERMISSION
Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
log
-
Constructor Summary
ConstructorDescriptionDefaultKnownHostsServerKeyVerifier
(ServerKeyVerifier delegate, boolean strict) DefaultKnownHostsServerKeyVerifier
(ServerKeyVerifier delegate, boolean strict, File file) DefaultKnownHostsServerKeyVerifier
(ServerKeyVerifier delegate, boolean strict, Path file, LinkOption... options) -
Method Summary
Modifier and TypeMethodDescriptionfinal boolean
isStrict()
protected List<KnownHostsServerKeyVerifier.HostEntryPair>
reloadKnownHosts
(ClientSession session, Path file) Methods inherited from class org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
acceptIncompleteHostKeys, acceptKnownHostEntries, acceptModifiedServerKey, acceptUnknownHostKey, findKnownHostEntries, getDelegateVerifier, getFallbackPublicKeyEntryResolver, getHostValueDigester, getKnownHostSupplier, getModifiedServerKeyAcceptor, handleKnownHostsFileUpdateFailure, handleModifiedServerKeyUpdateFailure, prepareKnownHostEntry, prepareModifiedServerKeyLine, resolveHostKey, resolveHostNetworkIdentities, setLoadedHostsEntries, setModifiedServerKeyAcceptor, updateKnownHostsFile, updateModifiedServerKey, updateModifiedServerKey, verifyServerKey
Methods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
-
Constructor Details
-
DefaultKnownHostsServerKeyVerifier
-
DefaultKnownHostsServerKeyVerifier
-
DefaultKnownHostsServerKeyVerifier
-
DefaultKnownHostsServerKeyVerifier
public DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, Path file, LinkOption... options)
-
-
Method Details
-
isStrict
public final boolean isStrict()- Returns:
- If
true
then makes sure that the containing folder has 0700 access and the file 0644. Note: for Windows it does not check these permissions - See Also:
-
reloadKnownHosts
protected List<KnownHostsServerKeyVerifier.HostEntryPair> reloadKnownHosts(ClientSession session, Path file) throws IOException, GeneralSecurityException - Overrides:
reloadKnownHosts
in classKnownHostsServerKeyVerifier
- Parameters:
session
- TheClientSession
that triggered this requestfile
- ThePath
to reload from- Returns:
- A
List
of the loadedKnownHostsServerKeyVerifier.HostEntryPair
s - may benull
/empty - Throws:
IOException
- If failed to parse the fileGeneralSecurityException
- If failed to resolve the encoded public keys
-