Class DefaultKnownHostsServerKeyVerifier
- java.lang.Object
-
- org.apache.sshd.common.util.logging.AbstractLoggingBean
-
- org.apache.sshd.common.util.io.ModifiableFileWatcher
-
- org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
-
- org.apache.sshd.client.keyverifier.DefaultKnownHostsServerKeyVerifier
-
- All Implemented Interfaces:
ModifiedServerKeyAcceptor
,ServerKeyVerifier
public class DefaultKnownHostsServerKeyVerifier extends KnownHostsServerKeyVerifier
Monitors the~/.ssh/known_hosts
file of the user currently running the client, updating and re-loading it if necessary. It also (optionally) enforces the same permissions regime asOpenSSH
.- Author:
- Apache MINA SSHD Project
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
KnownHostsServerKeyVerifier.HostEntryPair
-
-
Field Summary
-
Fields inherited from class org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
KNOWN_HOSTS_FILE_OPTION, STRICT_CHECKING_OPTION, updateLock
-
Fields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
options, STRICTLY_PROHIBITED_FILE_PERMISSION
-
Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
log
-
-
Constructor Summary
Constructors Constructor Description DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate)
DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict)
DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, File file)
DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, Path file, LinkOption... options)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
isStrict()
protected List<KnownHostsServerKeyVerifier.HostEntryPair>
reloadKnownHosts(ClientSession session, Path file)
-
Methods inherited from class org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
acceptIncompleteHostKeys, acceptKnownHostEntries, acceptKnownHostEntry, acceptModifiedServerKey, acceptUnknownHostKey, findKnownHostEntry, getDelegateVerifier, getFallbackPublicKeyEntryResolver, getHostValueDigester, getKnownHostSupplier, getModifiedServerKeyAcceptor, handleKnownHostsFileUpdateFailure, handleModifiedServerKeyUpdateFailure, prepareKnownHostEntry, prepareModifiedServerKeyLine, resolveHostKey, resolveHostNetworkIdentities, setLoadedHostsEntries, setModifiedServerKeyAcceptor, updateKnownHostsFile, updateModifiedServerKey, verifyServerKey
-
Methods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
-
-
-
-
Constructor Detail
-
DefaultKnownHostsServerKeyVerifier
public DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate)
-
DefaultKnownHostsServerKeyVerifier
public DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict)
-
DefaultKnownHostsServerKeyVerifier
public DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, File file)
-
DefaultKnownHostsServerKeyVerifier
public DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, Path file, LinkOption... options)
-
-
Method Detail
-
isStrict
public final boolean isStrict()
- Returns:
- If
true
then makes sure that the containing folder has 0700 access and the file 0644. Note: for Windows it does not check these permissions - See Also:
ModifiableFileWatcher.validateStrictConfigFilePermissions(Path, LinkOption...)
-
reloadKnownHosts
protected List<KnownHostsServerKeyVerifier.HostEntryPair> reloadKnownHosts(ClientSession session, Path file) throws IOException, GeneralSecurityException
- Overrides:
reloadKnownHosts
in classKnownHostsServerKeyVerifier
- Parameters:
session
- TheClientSession
that triggered this requestfile
- ThePath
to reload from- Returns:
- A
List
of the loadedKnownHostsServerKeyVerifier.HostEntryPair
s - may benull
/empty - Throws:
IOException
- If failed to parse the fileGeneralSecurityException
- If failed to resolve the encoded public keys
-
-