public class KnownHostsKeyVerification extends java.lang.Object implements HostKeyVerification, HostKeyUpdater
An abstract HostKeyVerification class implementation providing validation against the known_hosts format.
| Modifier and Type | Class and Description |
|---|---|
| class | KnownHostsKeyVerification.BlankEntry |
| class | KnownHostsKeyVerification.CertAuthorityEntry |
| class | KnownHostsKeyVerification.CommentEntry |
| class | KnownHostsKeyVerification.HostFileEntry |
| class | KnownHostsKeyVerification.InvalidEntry |
| class | KnownHostsKeyVerification.KeyEntry |
| class | KnownHostsKeyVerification.RevokedEntry |
| class | KnownHostsKeyVerification.Ssh2KeyEntry |
| Constructor and Description |
|---|
| KnownHostsKeyVerification() |
| KnownHostsKeyVerification(java.io.InputStream in) |
| KnownHostsKeyVerification(java.lang.String knownhosts) |
| Modifier and Type | Method and Description |
|---|---|
| void | addEntry(SshPublicKey key, java.lang.String comment, java.lang.String... names) |
| void | allowHost(java.lang.String host, SshPublicKey key, boolean always) |
| void | clear() |
| java.util.Set<KnownHostsKeyVerification.KeyEntry> | getKeyEntries() |
| boolean | isHostFileWriteable() |
| boolean | isKnownHost(java.lang.String host, SshPublicKey key) |
| void | load(java.io.InputStream in) |
| protected void | onHostKeyAdded(java.util.Set<java.lang.String> names, SshPublicKey key) |
| protected void | onHostKeyMismatch(java.lang.String host, java.util.List<SshPublicKey> allowedHostKey, SshPublicKey actualHostKey) Called by the verifyHost method when the host key supplied by the host does not match the current key recorded in the known hosts file. |
| protected void | onHostKeyRemoved(java.util.Set<java.lang.String> names, SshPublicKey key) |
| protected void | onHostKeyUpdated(java.util.Set<java.lang.String> names, SshPublicKey key) |
| protected void | onInvalidHostEntry(java.lang.String entry) |
| protected void | onRevokedKey(java.lang.String host, SshPublicKey key) Called by the verifyHost method when the host key supplied is listed as a revoked key. |
| protected void | onUnknownHost(java.lang.String host, SshPublicKey key) Called by the verifyHost method when the host key supplied is not recorded in the known_hosts file. |
| void | removeEntries(SshPublicKey key) |
| void | removeEntries(java.lang.String... hosts) |
| void | removeEntries(java.lang.String host) Removes an allowed host. |
| void | removeEntry(KnownHostsKeyVerification.KeyEntry... keys) |
| protected java.util.Set<java.lang.String> | resolveNames(java.lang.String host) |
| void | setComment(KnownHostsKeyVerification.KeyEntry entry, java.lang.String comment) |
| void | setHashHosts(boolean hashHosts) |
| void | setUseCanonicalHostnames(boolean value) |
| void | setUseReverseDNS(boolean value) |
| java.lang.String | toString() Outputs the allowed hosts in the known_hosts file format. |
| void | updateHostKey(java.lang.String host, SshPublicKey key) |
| boolean | useCanonicalHostname() |
| boolean | useHashHosts() |
| boolean | useReverseDNS() |
| boolean | verifyHost(java.lang.String host, SshPublicKey pk) Verifies a host key against the list of known_hosts. |
public KnownHostsKeyVerification(java.io.InputStream in)
        throws SshException,
               java.io.IOException
Throws:
    SshException
    java.io.IOException

public KnownHostsKeyVerification(java.lang.String knownhosts)
        throws SshException,
               java.io.IOException
Throws:
    SshException
    java.io.IOException

public KnownHostsKeyVerification()

public void clear()

public void load(java.io.InputStream in)
        throws SshException,
               java.io.IOException
Throws:
    SshException
    java.io.IOException

protected void onHostKeyAdded(java.util.Set<java.lang.String> names,
        SshPublicKey key)

public void setComment(KnownHostsKeyVerification.KeyEntry entry, java.lang.String comment)

public void setHashHosts(boolean hashHosts)

protected void onInvalidHostEntry(java.lang.String entry)
        throws SshException
Throws:
    SshException

protected void onHostKeyMismatch(java.lang.String host,
        java.util.List<SshPublicKey> allowedHostKey,
        SshPublicKey actualHostKey)
        throws SshException
Called by the verifyHost method when the host key supplied by
the host does not match the current key recorded in the known hosts file.
Parameters:
    host - the name of the host
    allowedHostKey - the current key recorded in the known_hosts file.
    actualHostKey - the actual key supplied by the user
Throws:
    SshException - if an error occurs

protected void onUnknownHost(java.lang.String host,
        SshPublicKey key)
        throws SshException
Called by the verifyHost method when the host key supplied is
not recorded in the known_hosts file.
Parameters:
    host - the name of the host
    key - the public key supplied by the host
Throws:
    SshException - if an error occurs

protected void onRevokedKey(java.lang.String host,
        SshPublicKey key)
Called by the verifyHost method when the host key supplied is
listed as a revoked key. This is informational; any changes made to the
current entries will still result in a failed host verification.
Parameters:
    host -
    key -
Throws:
    SshException

public void removeEntries(java.lang.String host)
        throws SshException
Removes an allowed host.
Parameters:
    host - the host to remove
Throws:
    SshException

public void removeEntries(java.lang.String... hosts)
        throws SshException
Throws:
    SshException

public void removeEntries(SshPublicKey key)

public void removeEntry(KnownHostsKeyVerification.KeyEntry... keys)

protected void onHostKeyRemoved(java.util.Set<java.lang.String> names,
        SshPublicKey key)

public boolean isHostFileWriteable()

public void allowHost(java.lang.String host,
        SshPublicKey key,
        boolean always)
        throws SshException
Throws:
    SshException

public void addEntry(SshPublicKey key, java.lang.String comment, java.lang.String... names)
        throws SshException
Throws:
    SshException

public boolean verifyHost(java.lang.String host,
        SshPublicKey pk)
        throws SshException
Verifies a host key against the list of known_hosts.
If the host is unknown or the key does not match the currently allowed host key,
the abstract onUnknownHost or onHostKeyMismatch
methods are called so that the caller may identify and allow the host.
Specified by:
    verifyHost in interface HostKeyVerification
Parameters:
    host - the name of the host
    pk - the host key supplied
Throws:
    SshException - if an error occurs

protected java.util.Set<java.lang.String> resolveNames(java.lang.String host)

public boolean useCanonicalHostname()

public boolean useReverseDNS()

public boolean useHashHosts()

public java.lang.String toString()
Outputs the allowed hosts in the known_hosts file format.
The format consists of any number of lines each representing one key for a single host.
    titan,192.168.1.12 ssh-dss AAAAB3NzaC1kc3MAAACBAP1/U4Ed.....
    titan,192.168.1.12 ssh-rsa AAAAB3NzaC1kc3MAAACBAP1/U4Ed.....
    einstein,192.168.1.40 ssh-dss AAAAB3NzaC1kc3MAAACBAP1/U4Ed.....
Overrides:
    toString in class java.lang.Object

public void setUseCanonicalHostnames(boolean value)

public void setUseReverseDNS(boolean value)

public java.util.Set<KnownHostsKeyVerification.KeyEntry> getKeyEntries()

public boolean isKnownHost(java.lang.String host,
        SshPublicKey key)
        throws SshException
Specified by:
    isKnownHost in interface HostKeyUpdater
Throws:
    SshException

public void updateHostKey(java.lang.String host,
        SshPublicKey key)
        throws SshException
Specified by:
    updateHostKey in interface HostKeyUpdater
Throws:
    SshException

protected void onHostKeyUpdated(java.util.Set<java.lang.String> names,
        SshPublicKey key)
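
The outcomes documented for verifyHost (revoked, known, mismatch, unknown) and the known_hosts line format shown under toString, as an added stand-alone Python sketch; it is not this library's code or part of its documentation. The function names, the sample entries, treating a revoked key as revoked for every host, and counting any recorded key for a host as grounds for a mismatch are assumptions of the sketch, which handles exact and hashed host names only.

```python
import base64, hashlib, hmac

def hash_host(host, salt):
    """Build the hashed host field '|1|salt|HMAC-SHA1(salt, host)' (both base64)."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(field, host):
    """True if host is named by a host field: comma-separated names or one hashed name."""
    if field.startswith("|1|"):
        salt = base64.b64decode(field.split("|")[2])
        return hmac.compare_digest(hash_host(host, salt), field)
    return host in field.split(",")  # exact names only; wildcards are not handled

def parse(text):
    """Classify each line as blank, comment, invalid, key, revoked or cert-authority."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0].startswith("#"):
            entries.append(("blank",) if not parts else ("comment",))
        else:
            kind = "key"
            if parts[0] in ("@revoked", "@cert-authority"):
                kind = parts.pop(0)[1:]
            entries.append((kind, *parts[:3]) if len(parts) >= 3 else ("invalid",))
    return entries

def verify_host(entries, host, key_type, key_b64):
    """Return 'revoked', 'ok', 'mismatch' or 'unknown'; only 'ok' may proceed."""
    presented = (key_type, key_b64)
    if any(e[0] == "revoked" and e[2:] == presented for e in entries):
        return "revoked"  # checked first: a revoked key fails even if also listed
    recorded = [e[2:] for e in entries if e[0] == "key" and host_matches(e[1], host)]
    if presented in recorded:
        return "ok"
    # Assumption of this sketch: any recorded key for the host makes a new key a mismatch.
    return "mismatch" if recorded else "unknown"

# Constructed sample file; the key blobs are placeholders, not real keys.
SAMPLE = "\n".join([
    "# constructed example",
    "titan,192.168.1.12 ssh-rsa KEY-TITAN-RSA",
    hash_host("einstein", b"constructed-salt") + " ssh-rsa KEY-EINSTEIN-RSA",
    "@revoked * ssh-rsa KEY-STOLEN",
    "broken-line",
])
```

Only the "ok" result should let a connection continue; the other three correspond to the cases where the class calls onRevokedKey, onHostKeyMismatch and onUnknownHost.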
Copyright © 2022. All rights reserved.