/**
 * Registers the {@code known_hosts} file at the given location as a host key verifier.
 * <p>
 * The file is wrapped in an {@link OpenSSHKnownHosts} instance, which is then added to this client's
 * verifiers. Its entries take part in deciding which server keys are accepted, so pass only a file
 * whose contents the application trusts.
 *
 * @param location location for {@code known_hosts} file
 *
 * @throws IOException if there is an error loading from the specified location
 */
public void loadKnownHosts(File location) throws IOException {
    final OpenSSHKnownHosts knownHosts = new OpenSSHKnownHosts(location, loggerFactory);
    addHostKeyVerifier(knownHosts);
}
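/**
 * Attempts loading the user's {@code known_hosts} file from the default locations, i.e. {@code ~/.ssh/known_hosts}
 * and {@code ~/.ssh/known_hosts2} on most platforms. Each file that loads is added as a separate
 * {@link OpenSSHKnownHosts} host key verifier.
 * <p/>
 * A file that cannot be loaded is skipped as long as the other one loads. If neither loads, or no SSH
 * directory is detected, the call fails; the most recent load failure is attached as the cause so the
 * reason is visible to whoever handles the exception.
 * <p/>
 * For finer control over which file is used, see {@link #loadKnownHosts(File)}.
 *
 * @throws IOException if there is an error loading from <em>both</em> locations
 */
public void loadKnownHosts() throws IOException {
    boolean loaded = false;
    IOException lastFailure = null;
    final File sshDir = OpenSSHKnownHosts.detectSSHDir();
    if (sshDir != null) {
        for (File loc : Arrays.asList(new File(sshDir, "known_hosts"), new File(sshDir, "known_hosts2"))) {
            try {
                loadKnownHosts(loc);
                loaded = true;
            } catch (IOException e) {
                // Best effort: one of the two files may fail to load. Keep the failure so it can be
                // reported if nothing loads at all instead of being lost.
                lastFailure = e;
            }
        }
    }
    if (!loaded) {
        // The cause is null when no SSH directory was detected; IOException accepts a null cause.
        throw new IOException("Could not load known_hosts", lastFailure);
    }
}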
/**
 * Checks a server's public key against the loaded known hosts entries.
 * <p>
 * Decision order:
 * <ol>
 *   <li>A key whose type is {@link KeyType#UNKNOWN} is rejected.</li>
 *   <li>For a port other than 22 the lookup name becomes {@code [hostname]:port}.</li>
 *   <li>The key is accepted as soon as one applicable entry verifies it.</li>
 *   <li>An {@link IOException} while examining an entry is logged and the key is rejected.</li>
 *   <li>If applicable entries exist but none verified the key, {@code hostKeyChangedAction} decides.</li>
 *   <li>If no entry applies to the host, {@code hostKeyUnverifiableAction} decides.</li>
 * </ol>
 *
 * @param hostname host name the client connected to
 * @param port     port the client connected to
 * @param key      public key presented by the server
 * @return {@code true} if the key is accepted
 */
@Override
public boolean verify(final String hostname, final int port, final PublicKey key) {
    final KeyType keyType = KeyType.fromKey(key);
    if (keyType == KeyType.UNKNOWN) {
        return false;
    }

    final String lookupName;
    if (port == 22) {
        lookupName = hostname;
    } else {
        lookupName = "[" + hostname + "]:" + port;
    }

    boolean sawEntryForHost = false;
    for (KnownHostEntry candidate : entries) {
        try {
            if (!candidate.appliesTo(keyType, lookupName)) {
                continue;
            }
            sawEntryForHost = true;
            if (candidate.verify(key)) {
                return true;
            }
        } catch (IOException ioe) {
            // Fail closed: an entry that cannot be evaluated never leads to acceptance.
            log.error("Error with {}: {}", candidate, ioe);
            return false;
        }
    }

    return sawEntryForHost
            ? hostKeyChangedAction(lookupName, key)
            : hostKeyUnverifiableAction(lookupName, key);
}
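/**
 * Creates the SSH client and registers the host key verifiers for the connection.
 * <p>
 * The default {@code known_hosts} files are always loaded first. After that one more verifier is added:
 * <ul>
 *   <li>{@code checkIdentity} explicitly {@code false}: a {@link PromiscuousVerifier};</li>
 *   <li>otherwise, when {@code serverFingerPrint} is given: a verifier for that fingerprint;</li>
 *   <li>otherwise: the {@code known_hosts} file in the detected SSH directory.</li>
 * </ul>
 *
 * @param serverFingerPrint expected host key fingerprint, or {@code null} to rely on {@code known_hosts}
 * @param checkIdentity     {@code false} disables host key checking; {@code null} is treated like
 *                          {@code true} so that a missing setting never turns verification off
 * @throws IOException if the known_hosts files cannot be loaded or no SSH directory is detected
 */
private void configureConnection(String serverFingerPrint, Boolean checkIdentity) throws IOException {
    // presumably makes sure a known_hosts file exists so the load below does not fail; confirm
    createKnownHosts();
    ssh = new SSHClient();
    ssh.loadKnownHosts();

    // Only an explicit FALSE turns checking off. Unboxing a null Boolean in the condition would
    // throw a NullPointerException, so null is handled as "verify".
    final boolean skipHostKeyCheck = Boolean.FALSE.equals(checkIdentity);
    if (skipHostKeyCheck) {
        // NOTE(review): PromiscuousVerifier accepts any host key, so this branch gives up server
        // authentication and the session can be intercepted. Keep it to test setups and make the
        // setting visible to operators.
        ssh.addHostKeyVerifier(new PromiscuousVerifier());
    } else if (serverFingerPrint != null) {
        // NOTE(review): the known_hosts verifier loaded above stays registered, so the fingerprint
        // looks like an additional way to be accepted rather than the only one; confirm that is intended.
        ssh.addHostKeyVerifier(serverFingerPrint);
    } else {
        final File sshDir = OpenSSHKnownHosts.detectSSHDir();
        if (sshDir == null) {
            // new File((File) null, "known_hosts") would resolve against the working directory,
            // which is not a location to take trusted host keys from.
            throw new IOException("Could not determine the SSH directory for known_hosts");
        }
        ssh.addHostKeyVerifier(new OpenSSHKnownHosts(new File(sshDir, "known_hosts")));
    }
}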
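/**
 * Accepts a host key: records it in the in-memory known hosts database and, on request, in the file.
 * <p>
 * Without a database the call is handed to the superclass. The hostname is stored hashed when the
 * {@code ssh.knownhosts.hostname.hash} preference is set. If the entry cannot be created or written,
 * the failure is logged with its cause and the superclass is asked to record the decision instead.
 *
 * @param hostname host name the key belongs to
 * @param key      public key to accept
 * @param persist  {@code true} to also write the entry to the known hosts file when it is writable
 */
@Override
public void allow(final String hostname, final PublicKey key, final boolean persist) {
    if(null == database) {
        super.allow(hostname, key, persist);
        return;
    }
    try {
        // Add the host key to the in-memory database
        final String storedHostname = PreferencesFactory.get().getBoolean("ssh.knownhosts.hostname.hash")
                ? hash(hostname) : hostname;
        final OpenSSHKnownHosts.HostEntry entry
                = new OpenSSHKnownHosts.HostEntry(null, storedHostname, KeyType.fromKey(key), key);
        database.entries().add(entry);
        if(persist) {
            if(file.attributes().getPermission().isWritable()) {
                // Also try to add the key to a known_host file
                database.write(entry);
            }
            else {
                // The accepted key then lives only in memory; say so instead of skipping silently.
                log.warn(String.format("Host key for %s not persisted because the known hosts file is not writable", hostname));
            }
        }
    }
    catch(IOException e) {
        // Pass the exception itself so the stack trace is kept, not only its message.
        log.error(String.format("Failure adding host key to database: %s", e.getMessage()), e);
        super.allow(hostname, key, persist);
    }
}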
/**
 * Verifies a server's host key, preferring the known hosts database when one is available.
 *
 * @param hostname host name the client connected to
 * @param port     port the client connected to
 * @param key      public key presented by the server
 * @return the database's verdict if a database is set, otherwise the superclass's verdict
 * @throws ConnectionCanceledException declared by this override; raised by the delegate it calls
 * @throws ChecksumException           declared by this override; raised by the delegate it calls
 */
@Override
public boolean verify(final String hostname, final int port, final PublicKey key)
        throws ConnectionCanceledException, ChecksumException {
    if(database != null) {
        return database.verify(hostname, port, key);
    }
    // No known hosts database: leave the decision to the superclass.
    return super.verify(hostname, port, key);
}
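/**
 * Checks a server's public key against the loaded known hosts entries.
 * <p>
 * Every applicable entry is consulted before the key is treated as changed. Returning at the first
 * applicable entry would report a changed key whenever a host has more than one entry of the same
 * key type and the matching one is not listed first.
 * <ol>
 *   <li>A key whose type is {@link KeyType#UNKNOWN} is rejected.</li>
 *   <li>For a port other than 22 the lookup name becomes {@code [hostname]:port}.</li>
 *   <li>The key is accepted as soon as one applicable entry verifies it.</li>
 *   <li>An {@link IOException} while examining an entry is logged and the key is rejected.</li>
 *   <li>If applicable entries exist but none verified the key, {@code hostKeyChangedAction} is called
 *       with the first such entry.</li>
 *   <li>If no entry applies to the host, {@code hostKeyUnverifiableAction} decides.</li>
 * </ol>
 *
 * @param hostname host name the client connected to
 * @param port     port the client connected to
 * @param key      public key presented by the server
 * @return {@code true} if the key is accepted
 */
@Override
public boolean verify(final String hostname, final int port, final PublicKey key) {
    final KeyType type = KeyType.fromKey(key);
    if (type == KeyType.UNKNOWN) {
        return false;
    }

    final String adjustedHostname = (port != 22) ? "[" + hostname + "]:" + port : hostname;

    HostEntry firstMismatch = null;
    for (HostEntry e : entries) {
        try {
            if (e.appliesTo(type, adjustedHostname)) {
                if (e.verify(key)) {
                    return true;
                }
                // Remember the entry but keep looking: a later entry for the same host may match.
                if (firstMismatch == null) {
                    firstMismatch = e;
                }
            }
        } catch (IOException ioe) {
            // Fail closed: an entry that cannot be evaluated never leads to acceptance.
            log.error("Error with {}: {}", e, ioe);
            return false;
        }
    }

    if (firstMismatch != null) {
        return hostKeyChangedAction(firstMismatch, adjustedHostname, key);
    }
    return hostKeyUnverifiableAction(adjustedHostname, key);
}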
/**
 * Registers the {@code known_hosts} file at the given location as a host key verifier.
 * <p>
 * The file is wrapped in an {@link OpenSSHKnownHosts} instance, which is then added to this client's
 * verifiers. Its entries take part in deciding which server keys are accepted, so pass only a file
 * whose contents the application trusts.
 *
 * @param location location for {@code known_hosts} file
 *
 * @throws IOException if there is an error loading from the specified location
 */
public void loadKnownHosts(File location) throws IOException {
    final OpenSSHKnownHosts knownHosts = new OpenSSHKnownHosts(location, loggerFactory);
    addHostKeyVerifier(knownHosts);
}
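/**
 * Attempts loading the user's {@code known_hosts} file from the default locations, i.e. {@code ~/.ssh/known_hosts}
 * and {@code ~/.ssh/known_hosts2} on most platforms. Each file that loads is added as a separate
 * {@link OpenSSHKnownHosts} host key verifier.
 * <p/>
 * A file that cannot be loaded is skipped as long as the other one loads. If neither loads, or no SSH
 * directory is detected, the call fails; the most recent load failure is attached as the cause so the
 * reason is visible to whoever handles the exception.
 * <p/>
 * For finer control over which file is used, see {@link #loadKnownHosts(File)}.
 *
 * @throws IOException if there is an error loading from <em>both</em> locations
 */
public void loadKnownHosts() throws IOException {
    boolean loaded = false;
    IOException lastFailure = null;
    final File sshDir = OpenSSHKnownHosts.detectSSHDir();
    if (sshDir != null) {
        for (File loc : Arrays.asList(new File(sshDir, "known_hosts"), new File(sshDir, "known_hosts2"))) {
            try {
                loadKnownHosts(loc);
                loaded = true;
            } catch (IOException e) {
                // Best effort: one of the two files may fail to load. Keep the failure so it can be
                // reported if nothing loads at all instead of being lost.
                lastFailure = e;
            }
        }
    }
    if (!loaded) {
        // The cause is null when no SSH directory was detected; IOException accepts a null cause.
        throw new IOException("Could not load known_hosts", lastFailure);
    }
}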
/**
 * Checks a server's public key against the loaded known hosts entries.
 * <p>
 * Decision order:
 * <ol>
 *   <li>A key whose type is {@link KeyType#UNKNOWN} is rejected.</li>
 *   <li>For a port other than 22 the lookup name becomes {@code [hostname]:port}.</li>
 *   <li>The key is accepted as soon as one applicable entry verifies it.</li>
 *   <li>An {@link IOException} while examining an entry is logged and the key is rejected.</li>
 *   <li>If applicable entries exist but none verified the key, {@code hostKeyChangedAction} decides.</li>
 *   <li>If no entry applies to the host, {@code hostKeyUnverifiableAction} decides.</li>
 * </ol>
 *
 * @param hostname host name the client connected to
 * @param port     port the client connected to
 * @param key      public key presented by the server
 * @return {@code true} if the key is accepted
 */
@Override
public boolean verify(final String hostname, final int port, final PublicKey key) {
    final KeyType keyType = KeyType.fromKey(key);
    if (keyType == KeyType.UNKNOWN) {
        return false;
    }

    final String lookupName;
    if (port == 22) {
        lookupName = hostname;
    } else {
        lookupName = "[" + hostname + "]:" + port;
    }

    boolean sawEntryForHost = false;
    for (KnownHostEntry candidate : entries) {
        try {
            if (!candidate.appliesTo(keyType, lookupName)) {
                continue;
            }
            sawEntryForHost = true;
            if (candidate.verify(key)) {
                return true;
            }
        } catch (IOException ioe) {
            // Fail closed: an entry that cannot be evaluated never leads to acceptance.
            log.error("Error with {}: {}", candidate, ioe);
            return false;
        }
    }

    return sawEntryForHost
            ? hostKeyChangedAction(lookupName, key)
            : hostKeyUnverifiableAction(lookupName, key);
}
/**
 * Registers the {@code known_hosts} file at the given location as a host key verifier.
 * <p>
 * The file is wrapped in an {@link OpenSSHKnownHosts} instance, which is then added to this client's
 * verifiers. Its entries take part in deciding which server keys are accepted, so pass only a file
 * whose contents the application trusts.
 *
 * @param location location for {@code known_hosts} file
 *
 * @throws IOException if there is an error loading from the specified location
 */
public void loadKnownHosts(File location) throws IOException {
    final OpenSSHKnownHosts knownHosts = new OpenSSHKnownHosts(location);
    addHostKeyVerifier(knownHosts);
}
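/**
 * Attempts loading the user's {@code known_hosts} file from the default locations, i.e. {@code ~/.ssh/known_hosts}
 * and {@code ~/.ssh/known_hosts2} on most platforms. Each file that loads is added as a separate
 * {@link OpenSSHKnownHosts} host key verifier.
 * <p/>
 * A file that cannot be loaded is skipped as long as the other one loads. If neither loads, or no SSH
 * directory is detected, the call fails; the most recent load failure is attached as the cause so the
 * reason is visible to whoever handles the exception.
 * <p/>
 * For finer control over which file is used, see {@link #loadKnownHosts(File)}.
 *
 * @throws IOException if there is an error loading from <em>both</em> locations
 */
public void loadKnownHosts() throws IOException {
    boolean loaded = false;
    IOException lastFailure = null;
    final File sshDir = OpenSSHKnownHosts.detectSSHDir();
    if (sshDir != null) {
        for (File loc : Arrays.asList(new File(sshDir, "known_hosts"), new File(sshDir, "known_hosts2"))) {
            try {
                loadKnownHosts(loc);
                loaded = true;
            } catch (IOException e) {
                // Best effort: one of the two files may fail to load. Keep the failure so it can be
                // reported if nothing loads at all instead of being lost.
                lastFailure = e;
            }
        }
    }
    if (!loaded) {
        // The cause is null when no SSH directory was detected; IOException accepts a null cause.
        throw new IOException("Could not load known_hosts", lastFailure);
    }
}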