public class DefaultKnownHostsServerKeyVerifier extends KnownHostsServerKeyVerifier
~/.ssh/known_hosts
file of the user currently running
the client, updating and re-loading it if necessary. It also (optionally)
enforces the same permissions regime as OpenSSH
.KnownHostsServerKeyVerifier.HostEntryPair
KNOWN_HOSTS_FILE_OPTION, STRICT_CHECKING_OPTION, updateLock
options, STRICTLY_PROHIBITED_FILE_PERMISSION
log
Constructor and Description |
---|
DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate) |
DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate,
boolean strict) |
DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate,
boolean strict,
File file) |
DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate,
boolean strict,
Path file,
LinkOption... options) |
Modifier and Type | Method and Description |
---|---|
boolean |
isStrict() |
protected List<KnownHostsServerKeyVerifier.HostEntryPair> |
reloadKnownHosts(ClientSession session,
Path file) |
acceptIncompleteHostKeys, acceptKnownHostEntries, acceptKnownHostEntry, acceptModifiedServerKey, acceptUnknownHostKey, findKnownHostEntry, getDelegateVerifier, getFallbackPublicKeyEntryResolver, getHostValueDigester, getLoadedHostsEntries, getModifiedServerKeyAcceptor, handleKnownHostsFileUpdateFailure, handleModifiedServerKeyUpdateFailure, prepareKnownHostEntry, prepareModifiedServerKeyLine, resolveHostKey, resolveHostNetworkIdentities, setLoadedHostsEntries, setModifiedServerKeyAcceptor, updateKnownHostsFile, updateModifiedServerKey, verifyServerKey
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
getSimplifiedLogger
public DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate)
public DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict)
public DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, File file)
public DefaultKnownHostsServerKeyVerifier(ServerKeyVerifier delegate, boolean strict, Path file, LinkOption... options)
public final boolean isStrict()
true
then makes sure that the containing folder
has 0700 access and the file 0644. Note: for Windows it
does not check these permissionsModifiableFileWatcher.validateStrictConfigFilePermissions(Path, LinkOption...)
protected List<KnownHostsServerKeyVerifier.HostEntryPair> reloadKnownHosts(ClientSession session, Path file) throws IOException, GeneralSecurityException
reloadKnownHosts
in class KnownHostsServerKeyVerifier
session
- The ClientSession
that triggered this requestfile
- The Path
to reload fromList
of the loaded KnownHostsServerKeyVerifier.HostEntryPair
s - may be null
/emptyIOException
- If failed to parse the fileGeneralSecurityException
- If failed to resolve the encoded public keysCopyright © 2008–2022 The Apache Software Foundation. All rights reserved.