java.lang.Object
- org.apache.sshd.common.util.logging.AbstractLoggingBean
- - org.apache.sshd.common.util.io.ModifiableFileWatcher
  - - org.apache.sshd.server.config.keys.AuthorizedKeysAuthenticator

All Implemented Interfaces:

PublickeyAuthenticator

Direct Known Subclasses:

DefaultAuthorizedKeysAuthenticator
```
public class AuthorizedKeysAuthenticator
extends ModifiableFileWatcher
implements PublickeyAuthenticator
```
Uses the authorized keys file to implement PublickeyAuthenticator while automatically re-loading the keys if the file has changed when a new authentication request is received. Note: by default, the only validation of the username is that it is not null/empty - see isValidUsername(String, ServerSession)

Author:

Apache MINA SSHD Project

Field Summary

Fields
Modifier and Type Field Description

static String STD_AUTHORIZED_KEYS_FILENAME
Standard OpenSSH authorized keys file name
- Fields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
  options, STRICTLY_PROHIBITED_FILE_PERMISSION
- Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
  log

Constructor Summary

Constructors
Constructor Description

AuthorizedKeysAuthenticator(Path file)

AuthorizedKeysAuthenticator(Path file, LinkOption... options)

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`boolean`	`authenticate(String username, PublicKey key, ServerSession session)`	Check the validity of a public key.
`protected PublickeyAuthenticator`	`createDelegateAuthenticator(String username, ServerSession session, Path path, Collection<AuthorizedKeyEntry> entries, PublicKeyEntryResolver fallbackResolver)`
`static Path`	`getDefaultAuthorizedKeysFile()`
`protected PublicKeyEntryResolver`	`getFallbackPublicKeyEntryResolver()`
`protected boolean`	`isValidUsername(String username, ServerSession session)`
`static List<AuthorizedKeyEntry>`	`readDefaultAuthorizedKeys(OpenOption... options)`	Reads read the contents of the default OpenSSH `authorized_keys` file
`protected Collection<AuthorizedKeyEntry>`	`reloadAuthorizedKeys(Path path, String username, ServerSession session)`
`protected PublickeyAuthenticator`	`resolvePublickeyAuthenticator(String username, ServerSession session)`

Methods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions

Methods inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
debug, debug, debug, debug, debug, error, error, error, error, error, getSimplifiedLogger, info, info, warn, warn, warn, warn, warn, warn, warn, warn

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail
- STD_AUTHORIZED_KEYS_FILENAME
```
public static final String STD_AUTHORIZED_KEYS_FILENAME
```
  Standard OpenSSH authorized keys file name
  
  See Also:
  
  Constant Field Values

Constructor Detail

AuthorizedKeysAuthenticator

public AuthorizedKeysAuthenticator(Path file)

AuthorizedKeysAuthenticator

public AuthorizedKeysAuthenticator(Path file,
                                   LinkOption... options)

Method Detail

authenticate
```
public boolean authenticate(String username,
                            PublicKey key,
                            ServerSession session)
```
Description copied from interface: PublickeyAuthenticator

Check the validity of a public key.

Specified by:

authenticate in interface PublickeyAuthenticator

Parameters:

username - the username

key - the key

session - the server session

Returns:

a boolean indicating if authentication succeeded or not

isValidUsername

protected boolean isValidUsername(String username,
                                  ServerSession session)

resolvePublickeyAuthenticator

protected PublickeyAuthenticator resolvePublickeyAuthenticator(String username,
                                                               ServerSession session)
                                                        throws IOException,
                                                               GeneralSecurityException

Throws:: IOException; GeneralSecurityException

createDelegateAuthenticator

protected PublickeyAuthenticator createDelegateAuthenticator(String username,
                                                             ServerSession session,
                                                             Path path,
                                                             Collection<AuthorizedKeyEntry> entries,
                                                             PublicKeyEntryResolver fallbackResolver)
                                                      throws IOException,
                                                             GeneralSecurityException

Throws:: IOException; GeneralSecurityException

getFallbackPublicKeyEntryResolver

protected PublicKeyEntryResolver getFallbackPublicKeyEntryResolver()

reloadAuthorizedKeys

protected Collection<AuthorizedKeyEntry> reloadAuthorizedKeys(Path path,
                                                              String username,
                                                              ServerSession session)
                                                       throws IOException,
                                                              GeneralSecurityException

Throws:: IOException; GeneralSecurityException

getDefaultAuthorizedKeysFile
```
public static Path getDefaultAuthorizedKeysFile()
```
Returns:

The default Path location of the OpenSSH authorized keys file

readDefaultAuthorizedKeys
```
public static List<AuthorizedKeyEntry> readDefaultAuthorizedKeys(OpenOption... options)
                                                          throws IOException
```
Reads read the contents of the default OpenSSH authorized_keys file

Parameters:

options - The OpenOptions to use when reading the file

Returns:

A List of all the AuthorizedKeyEntry-ies found there - or empty if file does not exist

Throws:

IOException - If failed to read keys from file

Constructor	Description
`AuthorizedKeysAuthenticator(Path file)`
`AuthorizedKeysAuthenticator(Path file, LinkOption... options)`

Class AuthorizedKeysAuthenticator

Field Summary

Fields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher

Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean

Constructor Summary

Method Summary

Methods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher

Methods inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean

Methods inherited from class java.lang.Object

Field Detail

STD_AUTHORIZED_KEYS_FILENAME

Constructor Detail

AuthorizedKeysAuthenticator

AuthorizedKeysAuthenticator

Method Detail

authenticate

isValidUsername

resolvePublickeyAuthenticator

createDelegateAuthenticator

getFallbackPublicKeyEntryResolver

reloadAuthorizedKeys

getDefaultAuthorizedKeysFile

readDefaultAuthorizedKeys