Class FingerprintVerifier

java.lang.Object
net.schmizz.sshj.transport.verification.FingerprintVerifier
All Implemented Interfaces:
HostKeyVerifier

public class FingerprintVerifier extends Object implements HostKeyVerifier
  • Field Details

    • MD5_FINGERPRINT_PATTERN

      private static final Pattern MD5_FINGERPRINT_PATTERN
    • digestAlgorithm

      private final String digestAlgorithm
    • fingerprintData

      private final byte[] fingerprintData
  • Constructor Details

    • FingerprintVerifier

      private FingerprintVerifier(String digestAlgorithm, String base64Fingerprint)
      Parameters:
      digestAlgorithm - the used digest algorithm
      base64Fingerprint - base64 encoded fingerprint data
  • Method Details

    • getInstance

      public static HostKeyVerifier getInstance(String fingerprint)
      Valid examples:
      • 4b:69:6c:72:6f:79:20:77:61:73:20:68:65:72:65:21
      • MD5:4b:69:6c:72:6f:79:20:77:61:73:20:68:65:72:65:21
      • SHA1:FghNYu1l/HyE/qWbdQ2mkxrd0rU
      • SHA1:FghNYu1l/HyE/qWbdQ2mkxrd0rU=
      • SHA256:l/SjyCoKP8jAx3d8k8MWH+UZG0gcuIR7TQRE/A3faQo
      • SHA256:l/SjyCoKP8jAx3d8k8MWH+UZG0gcuIR7TQRE/A3faQo=
      Parameters:
      fingerprint - of an SSH fingerprint in MD5 (hex), SHA-1 (base64) or SHA-256(base64) format
      Returns:
      Host Key Verifier
    • verify

      public boolean verify(String hostname, int port, PublicKey key)
      Description copied from interface: HostKeyVerifier
      This callback is invoked when the server's host key needs to be verified. The return value indicates to the caller whether the SSH connection should proceed.

      Note: host key verification is the basis for security in SSH, therefore exercise due caution in implementing!

      Specified by:
      verify in interface HostKeyVerifier
      Parameters:
      hostname - remote hostname
      port - remote port
      key - host key of server
      Returns:
      true if key is acceptable, false otherwise
    • findExistingAlgorithms

      public List<String> findExistingAlgorithms(String hostname, int port)
      Description copied from interface: HostKeyVerifier
      It is necessary to connect with the type of algorithm that matches an existing know_host entry. This will allow a match when we later verify with the negotiated key HostKeyVerifier.verify
      Specified by:
      findExistingAlgorithms in interface HostKeyVerifier
      Parameters:
      hostname - remote hostname
      port - remote port
      Returns:
      existing key types or empty list if no keys known for hostname
    • toString

      public String toString()
      Overrides:
      toString in class Object