Class DefaultKnownHostsServerKeyVerifier
java.lang.Object
org.apache.sshd.common.util.logging.AbstractLoggingBean
org.apache.sshd.common.util.io.ModifiableFileWatcher
org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
org.apache.sshd.client.keyverifier.DefaultKnownHostsServerKeyVerifier
- All Implemented Interfaces:
ModifiedServerKeyAcceptor,ServerKeyVerifier
Monitors the
~/.ssh/known_hosts file of the user currently running the client, updating and re-loading it if
necessary. It also (optionally) enforces the same permissions regime as OpenSSH.-
Nested Class Summary
Nested classes/interfaces inherited from class org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
KnownHostsServerKeyVerifier.HostEntryPair -
Field Summary
FieldsFields inherited from class org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
KNOWN_HOSTS_FILE_OPTION, STRICT_CHECKING_OPTION, updateLockFields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
options, STRICTLY_PROHIBITED_FILE_PERMISSIONFields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
log -
Constructor Summary
ConstructorsConstructorDescriptionDefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict) DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, File file) DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, Path file, LinkOption... options) -
Method Summary
Modifier and TypeMethodDescriptionfinal booleanisStrict()protected List<KnownHostsServerKeyVerifier.HostEntryPair> reloadKnownHosts(ClientSession session, Path file) Methods inherited from class org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
acceptIncompleteHostKeys, acceptKnownHostEntries, acceptModifiedServerKey, acceptUnknownHostKey, findKnownHostEntries, getDelegateVerifier, getFallbackPublicKeyEntryResolver, getHostValueDigester, getKnownHostSupplier, getModifiedServerKeyAcceptor, handleKnownHostsFileUpdateFailure, handleModifiedServerKeyUpdateFailure, prepareKnownHostEntry, prepareModifiedServerKeyLine, resolveHostKey, resolveHostNetworkIdentities, setLoadedHostsEntries, setModifiedServerKeyAcceptor, updateKnownHostsFile, updateModifiedServerKey, updateModifiedServerKey, verifyServerKeyMethods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
-
Field Details
-
strict
private final boolean strict
-
-
Constructor Details
-
DefaultKnownHostsServerKeyVerifier
-
DefaultKnownHostsServerKeyVerifier
-
DefaultKnownHostsServerKeyVerifier
-
DefaultKnownHostsServerKeyVerifier
public DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, Path file, LinkOption... options)
-
-
Method Details
-
isStrict
public final boolean isStrict()- Returns:
- If
truethen makes sure that the containing folder has 0700 access and the file 0644. Note: for Windows it does not check these permissions - See Also:
-
reloadKnownHosts
protected List<KnownHostsServerKeyVerifier.HostEntryPair> reloadKnownHosts(ClientSession session, Path file) throws IOException, GeneralSecurityException - Overrides:
reloadKnownHostsin classKnownHostsServerKeyVerifier- Parameters:
session- TheClientSessionthat triggered this requestfile- ThePathto reload from- Returns:
- A
Listof the loadedKnownHostsServerKeyVerifier.HostEntryPairs - may benull/empty - Throws:
IOException- If failed to parse the fileGeneralSecurityException- If failed to resolve the encoded public keys
-