Class DefaultKnownHostsServerKeyVerifier
java.lang.Object
org.apache.sshd.common.util.logging.AbstractLoggingBean
org.apache.sshd.common.util.io.ModifiableFileWatcher
org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier
org.apache.sshd.client.keyverifier.DefaultKnownHostsServerKeyVerifier
- All Implemented Interfaces:
ModifiedServerKeyAcceptor, ServerKeyVerifier
Monitors the
~/.ssh/known_hosts file of the user currently running the client, updating and re-loading it if
necessary. It also (optionally) enforces the same permissions regime as OpenSSH.-
Nested Class Summary
Nested classes/interfaces inherited from class KnownHostsServerKeyVerifier
KnownHostsServerKeyVerifier.HostEntryPair -
Field Summary
FieldsFields inherited from class KnownHostsServerKeyVerifier
KNOWN_HOSTS_FILE_OPTION, STRICT_CHECKING_OPTION, updateLockFields inherited from class ModifiableFileWatcher
options, STRICTLY_PROHIBITED_FILE_PERMISSIONFields inherited from class AbstractLoggingBean
log -
Constructor Summary
ConstructorsConstructorDescriptionDefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict) DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, File file) DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, Path file, LinkOption... options) -
Method Summary
Modifier and TypeMethodDescriptionfinal booleanisStrict()protected List<KnownHostsServerKeyVerifier.HostEntryPair> reloadKnownHosts(ClientSession session, Path file) Methods inherited from class KnownHostsServerKeyVerifier
acceptIncompleteHostKeys, acceptKnownHostEntries, acceptModifiedServerKey, acceptUnknownHostKey, findKnownHostEntries, getDelegateVerifier, getFallbackPublicKeyEntryResolver, getHostValueDigester, getKnownHostSupplier, getModifiedServerKeyAcceptor, handleKnownHostsFileUpdateFailure, handleModifiedServerKeyUpdateFailure, handleRevokedKey, prepareKnownHostEntry, prepareModifiedServerKeyLine, resolveHostKey, resolveHostNetworkIdentities, setLoadedHostsEntries, setModifiedServerKeyAcceptor, updateKnownHostsFile, updateModifiedServerKey, updateModifiedServerKey, verifyServerKeyMethods inherited from class ModifiableFileWatcher
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
-
Field Details
-
strict
private final boolean strict
-
-
Constructor Details
-
DefaultKnownHostsServerKeyVerifier
-
DefaultKnownHostsServerKeyVerifier
-
DefaultKnownHostsServerKeyVerifier
-
DefaultKnownHostsServerKeyVerifier
public DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, Path file, LinkOption... options)
-
-
Method Details
-
isStrict
public final boolean isStrict()- Returns:
- If
truethen makes sure that the containing folder has 0700 access and the file 0644. Note: for Windows it does not check these permissions - See Also:
-
reloadKnownHosts
protected List<KnownHostsServerKeyVerifier.HostEntryPair> reloadKnownHosts(ClientSession session, Path file) throws IOException, GeneralSecurityException - Overrides:
reloadKnownHostsin classKnownHostsServerKeyVerifier- Parameters:
session- TheClientSessionthat triggered this requestfile- ThePathto reload from- Returns:
- A
Listof the loadedKnownHostsServerKeyVerifier.HostEntryPairs - may benull/empty - Throws:
IOException- If failed to parse the fileGeneralSecurityException- If failed to resolve the encoded public keys
-