• Home
• com.sshtools
• j2ssh-maverick
• 1.5.5
• source code
• HostKeyVerification.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.sshtools.ssh.HostKeyVerification Maven / Gradle / Ivy

/**
 * Copyright 2003-2016 SSHTOOLS Limited. All Rights Reserved.
 *
 * For product documentation visit https://www.sshtools.com/
 *
 * This file is part of J2SSH Maverick.
 *
 * J2SSH Maverick is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * J2SSH Maverick is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with J2SSH Maverick.  If not, see .
 */
package com.sshtools.ssh;

import com.sshtools.ssh.components.SshPublicKey;

/**
 * 

 * This interface provides a callback method so that the user can verify the
 * identity of the server (by checking the public key) during the initial
 * protocol negotiation. This check is performed at the beginning of each
 * connection to prevent trojan horses (by routing or DNS spoofing) and
 * man-in-the-middle attacks.
 * 
 * 

 * The user should verify that the key is acceptable; the most usual method
 * being a local database file called known_hosts. The core J2SSH
 * Maverick engine does not enforce any specific host key verification in order
 * that the engine can be used on Java platforms that do not have File objects.
 * A known_hosts implementation AbstractKnownHostsKeyVerification can be found in the SSHTools utility
 * classes supplied with the J2SSH Maverick API. This also includes the basic 
 * ConsoleKnownHostsKeyVerification which performs the check by prompting
 * the user through stdin/stdout.
 * 
 * 

 * The public key instances supplied to the 
 * verifyHost method will be one of the following implementations:

 * 
 * 

 * To set a host key verification you must get an instance of the SshConnector
 * and configure the SSH version context's with your implementation.
 * 

 * 
 * 
 * SshConnector con = SshConnector.getInstance();
 * 
 * HostKeyVerification hkv = new HostKeyVerification() {
 * 	public boolean verifyHost(String name, SshPublicKey key) throws IOException {
 * 		// Verify the host somehow???
 * 		return true;
 * 	}
 * };
 * SshContext context = con.getContext();
 * context.setHostKeyVerification(hkv);
 * 
 * 
 * 
 * 

 * 
 * @author Lee David Painter
 */
public interface HostKeyVerification {

	/**
	 * Verify that the public key is acceptable for the host.
	 * 
	 * @param host
	 *            the name of the connected host
	 * @param pk
	 *            the public key supplied by the host
	 * @return true if the host key is acceptable otherwise
	 *         false
	 * @throws SshException
	 */
	public boolean verifyHost(String host, SshPublicKey pk) throws SshException;
}