Package net.schmizz.sshj.transport.verification

Class OpenSSHKnownHosts

java.lang.Object

net.schmizz.sshj.transport.verification.OpenSSHKnownHosts

All Implemented Interfaces:

HostKeyVerifier

Direct Known Subclasses:

ConsoleKnownHostsVerifier

public class OpenSSHKnownHosts
extends Object
implements HostKeyVerifier

A HostKeyVerifier implementation for a known_hosts file i.e. in the format used by OpenSSH.

See Also:

• Hashed hostnames spec

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	OpenSSHKnownHosts.BadHostEntry
static class	OpenSSHKnownHosts.CommentEntry
class	OpenSSHKnownHosts.EntryFactory	Each line in these files contains the following fields: markers (optional), hostnames, bits, exponent, modulus, comment.
static class	OpenSSHKnownHosts.HostEntry
static interface	OpenSSHKnownHosts.KnownHostEntry
static enum	OpenSSHKnownHosts.Marker

Field Summary

Fields

Modifier and Type	Field	Description
protected final List<OpenSSHKnownHosts.KnownHostEntry>	entries
protected final File	khFile
protected final org.slf4j.Logger	log
private static final String	LS

Constructor Summary

Constructors

Constructor	Description
OpenSSHKnownHosts(File khFile)
OpenSSHKnownHosts(File khFile, LoggerFactory loggerFactory)
OpenSSHKnownHosts(Reader reader)
OpenSSHKnownHosts(Reader reader, LoggerFactory loggerFactory)

Method Summary

Modifier and Type	Method	Description
private String	adjustHostname(String hostname, int port)
static File	detectSSHDir()
List<OpenSSHKnownHosts.KnownHostEntry>	entries()
List<String>	findExistingAlgorithms(String hostname, int port)	It is necessary to connect with the type of algorithm that matches an existing know_host entry.
File	getFile()
protected boolean	hostKeyChangedAction(String hostname, PublicKey key)
protected boolean	hostKeyUnverifiableAction(String hostname, PublicKey key)
private void	readEntries(BufferedReader br)
String	toString()
boolean	verify(String hostname, int port, PublicKey key)	This callback is invoked when the server's host key needs to be verified.
void	write()
void	write(OpenSSHKnownHosts.KnownHostEntry entry)	Append a single entry

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Details

log

protected final org.slf4j.Logger log

khFile

protected final File khFile

entries

protected final List<OpenSSHKnownHosts.KnownHostEntry> entries

LS

private static final String LS

Constructor Details

OpenSSHKnownHosts

public OpenSSHKnownHosts(Reader reader)
                  throws IOException

Throws:

IOException

OpenSSHKnownHosts

public OpenSSHKnownHosts(File khFile)
                  throws IOException

Throws:

IOException

OpenSSHKnownHosts

public OpenSSHKnownHosts(File khFile,
 LoggerFactory loggerFactory)
                  throws IOException

Throws:

IOException

OpenSSHKnownHosts

public OpenSSHKnownHosts(Reader reader,
 LoggerFactory loggerFactory)
                  throws IOException

Throws:

IOException

Method Details

readEntries

private void readEntries(BufferedReader br)
                  throws IOException

Throws:

IOException

adjustHostname

private String adjustHostname(String hostname,
 int port)

getFile

public File getFile()

verify

public boolean verify(String hostname,
 int port,
 PublicKey key)

Description copied from interface: HostKeyVerifier

This callback is invoked when the server's host key needs to be verified. The return value indicates to the caller whether the SSH connection should proceed.

Note: host key verification is the basis for security in SSH, therefore exercise due caution in implementing!

Specified by:

verify in interface HostKeyVerifier

Parameters:

hostname - remote hostname

port - remote port

key - host key of server

Returns:

true if key is acceptable, false otherwise

findExistingAlgorithms

public List<String> findExistingAlgorithms(String hostname,
 int port)

Description copied from interface: HostKeyVerifier

It is necessary to connect with the type of algorithm that matches an existing know_host entry. This will allow a match when we later verify with the negotiated key HostKeyVerifier.verify

Specified by:

findExistingAlgorithms in interface HostKeyVerifier

Parameters:

hostname - remote hostname

port - remote port

Returns:

existing key types or empty list if no keys known for hostname

hostKeyUnverifiableAction

protected boolean hostKeyUnverifiableAction(String hostname,
 PublicKey key)

hostKeyChangedAction

protected boolean hostKeyChangedAction(String hostname,
 PublicKey key)

entries

public List<OpenSSHKnownHosts.KnownHostEntry> entries()

write

public void write()
           throws IOException

Throws:

IOException

write

public void write(OpenSSHKnownHosts.KnownHostEntry entry)
           throws IOException

Append a single entry

Throws:

IOException

detectSSHDir

public static File detectSSHDir()

toString

public String toString()

Overrides:

toString in class Object