Interface ServerKeyDatabase

  • All Known Implementing Classes:
    OpenSshServerKeyDatabase

    public interface ServerKeyDatabase
    An interface for a database of known server keys, supporting finding all known keys and also deciding whether a server key is to be accepted.

    Connection addresses are given as strings of the format [hostName]:port when a non-standard port (i.e., any port other than 22) is used, and as just hostName otherwise.

    Since:
    5.5
    • Nested Class Summary

      Nested Classes 
      Modifier and Type Interface Description
      static interface  ServerKeyDatabase.Configuration
      A simple provider for ssh config settings related to host key checking.
    • Method Detail

      • lookup

        @NonNull
        java.util.List<java.security.PublicKey> lookup(@NonNull
                                                       java.lang.String connectAddress,
                                                       @NonNull
                                                       java.net.InetSocketAddress remoteAddress,
                                                       @NonNull
                                                       ServerKeyDatabase.Configuration config)
        Retrieves all known and not revoked host keys for the given addresses.
        Parameters:
        connectAddress - IP address the session tried to connect to
        remoteAddress - IP address as reported for the remote end point
        config - giving access to potentially interesting configuration settings
        Returns:
        the list of known and not revoked keys for the given addresses
      • accept

        boolean accept(@NonNull
                       java.lang.String connectAddress,
                       @NonNull
                       java.net.InetSocketAddress remoteAddress,
                       @NonNull
                       java.security.PublicKey serverKey,
                       @NonNull
                       ServerKeyDatabase.Configuration config,
                       CredentialsProvider provider)
        Determines whether to accept a received server host key.
        Parameters:
        connectAddress - IP address the session tried to connect to
        remoteAddress - IP address as reported for the remote end point
        serverKey - received from the remote end
        config - giving access to potentially interesting configuration settings
        provider - for interacting with the user, if required; may be null
        Returns:
        true if the serverKey is accepted, false otherwise
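
An added example, not part of the JGit documentation or code base: a fail-closed implementation of this interface that accepts only host keys pinned in advance and never consults the user. The class name PinnedServerKeyDatabase and its pins map are hypothetical; the imports assume the interface lives in org.eclipse.jgit.transport.sshd and CredentialsProvider in org.eclipse.jgit.transport.

```java
import java.net.InetSocketAddress;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;

import org.eclipse.jgit.transport.CredentialsProvider;
import org.eclipse.jgit.transport.sshd.ServerKeyDatabase;

/** Hypothetical example: strict host key pinning with no trust-on-first-use. */
public class PinnedServerKeyDatabase implements ServerKeyDatabase {

    // Keyed by connect address as described above:
    // "hostName" for port 22, "[hostName]:port" for any other port.
    private final Map<String, List<PublicKey>> pins;

    public PinnedServerKeyDatabase(Map<String, List<PublicKey>> pins) {
        this.pins = pins;
    }

    @Override
    public List<PublicKey> lookup(String connectAddress,
            InetSocketAddress remoteAddress,
            ServerKeyDatabase.Configuration config) {
        // Unknown hosts yield an empty list, never null; callers get a copy.
        return new ArrayList<>(
                pins.getOrDefault(connectAddress, Collections.emptyList()));
    }

    @Override
    public boolean accept(String connectAddress,
            InetSocketAddress remoteAddress, PublicKey serverKey,
            ServerKeyDatabase.Configuration config,
            CredentialsProvider provider) {
        byte[] received = serverKey.getEncoded();
        if (received == null) {
            return false; // key type without an encoding: cannot compare
        }
        for (PublicKey pinned : lookup(connectAddress, remoteAddress, config)) {
            if (MessageDigest.isEqual(pinned.getEncoded(), received)) {
                return true;
            }
        }
        // Fail closed: the provider (which may be null) is never asked
        // to approve an unknown or changed key.
        return false;
    }
}
```

Because the map is keyed by the connect address only, a pin for "example.org" does not cover "[example.org]:2222"; each non-standard port needs its own entry.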