com.enterprisedt.net.ftp.ssh
Class SSHFTPValidator

java.lang.Object
  extended by com.enterprisedt.net.ftp.ssh.SSHFTPValidator
Direct Known Subclasses:
SSHFTPPublicKey

public class SSHFTPValidator
extends java.lang.Object

Provides server validation services for SSHFTPClient. By default, SSHFTPClient uses an instance of this class for all its validation functions. It provides the following functions:

This class may be subclassed if specialized validation functionality is required. An instance of the subclass should be passed to SCPClient.setValidator(SSHFTPValidator).

Version:
$Revision: 1.14 $
Author:
Hans Andersen

Constructor Summary
SSHFTPValidator()
          Default constructor.
 
Method Summary
 void addKnownHost(java.lang.String hostName, java.io.InputStream publicKeyStream)
          Adds the given host (and associated key data supplied in the inputstream) to the list of known hosts.
 void addKnownHost(java.lang.String hostName, java.lang.String publicKeyFile)
          Adds the given host (and associated key-file) to the list of known hosts.
 SSHFTPPublicKey getHostPublicKey()
          Provides access to the current remote host's public key.
 java.util.Hashtable getKnownHosts()
          Returns the known hosts and their public keys.
 boolean isHostValidationEnabled()
          Returns true if host validation is enabled.
 void loadKnownHosts(java.io.InputStream hostsStream)
          Loads a list of hosts and their associated public keys from the given InputStream.
 void loadKnownHosts(java.lang.String hostsFileName)
          Loads a list of hosts and their associated public keys from the given file.
 void removeAllKnownHosts()
          Clears all known hosts.
 void removeKnownHost(java.lang.String hostName)
          Remove the given host from the list of known hosts.
 void setHostValidationEnabled(boolean hostValidationEnabled)
          Sets the flag controlling whether or not hosts will be validated.
protected  boolean validate(java.lang.String hostSpecifier, SSHFTPPublicKey publicKey, boolean hostKnown)
           
protected  boolean validate(java.lang.String hostSpecifier, java.lang.String fingerPrint, boolean hostKnown)
          Deprecated. Use validate(String, SSHFTPPublicKey, boolean).
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SSHFTPValidator

public SSHFTPValidator()
Default constructor.

Method Detail

loadKnownHosts

public void loadKnownHosts(java.lang.String hostsFileName)
                    throws java.io.FileNotFoundException,
                           java.io.IOException
Loads a list of hosts and their associated public keys from the given file. The format of the file is similar to that used in OpenSSH. Each line contains the name of a host, the type of key it has, and its key (in base-64 printable form). For example:
 jackspc ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIE...
 
If more than one host uses a given key, the host-name may be replaced by a comma-separated list of host-names. IP addresses may be used. Wildcards may not be used.

Note that this method does not clear any previous settings.

Parameters:
hostsFileName - Name of the file containing the hosts.
Throws:
java.io.FileNotFoundException - Thrown if the file could not be found.
java.io.IOException - Thrown if the file could not be read.

loadKnownHosts

public void loadKnownHosts(java.io.InputStream hostsStream)
                    throws java.io.IOException
Loads a list of hosts and their associated public keys from the given InputStream. The format of the content of the stream is similar to that used in OpenSSH. Each line contains the name of a host, the type of key it has, and its key (in base-64 printable form). For example:
 jackspc ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIE...
 
If more than one host uses a given key, the host-name may be replaced by a comma-separated list of host-names. IP addresses may be used. Wildcards may not be used.

Note that this method does not clear any previous settings.

Parameters:
hostsStream - Stream containing the hosts.
Throws:
java.io.FileNotFoundException - Thrown if the file could not be found.
java.io.IOException - Thrown if the file could not be read.
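
Added example (not part of the original documentation or of the library): a JDK-only pre-flight check for the known-hosts format described above, whose returned stream can then be passed to loadKnownHosts(InputStream). The class name KnownHostsPreflight and the method vet are hypothetical. The check that the decoded key blob starts with a length-prefixed algorithm name follows the standard SSH public-key encoding, and the sample key is constructed.

```java
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class KnownHostsPreflight {
    // Returns a stream holding only vetted "hosts key-type base64-key" lines; throws on the first bad line.
    static InputStream vet(String text) {
        StringBuilder ok = new StringBuilder();
        int n = 0;
        for (String line : text.split("\\r?\\n")) {
            n++;
            if (line.trim().isEmpty()) continue;
            String[] f = line.trim().split("\\s+");
            if (f.length < 3) throw bad(n, "expected: hosts key-type base64-key");
            // The host field may be a comma-separated list; wildcards are not allowed.
            for (String host : f[0].split(",", -1)) {
                if (host.isEmpty() || host.indexOf('*') >= 0 || host.indexOf('?') >= 0)
                    throw bad(n, "empty or wildcard host entry: '" + host + "'");
            }
            byte[] blob;
            try {
                blob = Base64.getDecoder().decode(f[2]);
            } catch (IllegalArgumentException e) {
                throw bad(n, "key is not valid base-64");
            }
            // SSH public-key blobs begin with a 4-byte big-endian length and the algorithm name.
            ByteBuffer buf = ByteBuffer.wrap(blob);
            if (buf.remaining() < 4) throw bad(n, "key blob too short");
            int len = buf.getInt();
            if (len <= 0 || len > buf.remaining()) throw bad(n, "bad algorithm-name length");
            String alg = new String(blob, 4, len, StandardCharsets.US_ASCII);
            if (!alg.equals(f[1])) throw bad(n, "declared " + f[1] + " but blob holds " + alg);
            ok.append(f[0]).append(' ').append(f[1]).append(' ').append(f[2]).append('\n');
        }
        return new ByteArrayInputStream(ok.toString().getBytes(StandardCharsets.US_ASCII));
    }

    static IllegalArgumentException bad(int line, String why) {
        return new IllegalArgumentException("known-hosts line " + line + ": " + why);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: the blob carries only the algorithm name, not a real key.
        String blob = Base64.getEncoder().encodeToString(new byte[] {0, 0, 0, 7, 's', 's', 'h', '-', 'r', 's', 'a'});
        System.out.println(vet("jackspc,192.0.2.10 ssh-rsa " + blob + "\n").available() + " bytes accepted");
        try { vet("*.example.com ssh-rsa " + blob); }
        catch (IllegalArgumentException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```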

addKnownHost

public void addKnownHost(java.lang.String hostName,
                         java.lang.String publicKeyFile)
                  throws java.io.IOException,
                         com.enterprisedt.net.j2ssh.transport.publickey.InvalidSshKeyException
Adds the given host (and associated key-file) to the list of known hosts. The key-file can be in either OpenSSH format (generated by default by ssh-keygen) or SECSH format.

Parameters:
hostName - Name of the host
publicKeyFile - Name of the file containing the host's public key.
Throws:
java.io.IOException - Thrown if there was a problem reading the key-file.
com.enterprisedt.net.j2ssh.transport.publickey.InvalidSshKeyException - Thrown if the key was not valid.

addKnownHost

public void addKnownHost(java.lang.String hostName,
                         java.io.InputStream publicKeyStream)
                  throws java.io.IOException,
                         com.enterprisedt.net.j2ssh.transport.publickey.InvalidSshKeyException
Adds the given host (and associated key data supplied in the inputstream) to the list of known hosts. The key-file can be in either OpenSSH format (generated by default by ssh-keygen) or SECSH format. The stream is not closed after reading.

Parameters:
hostName - Name of the host
publicKeyStream - stream containing the host's public key.
Throws:
java.io.IOException - Thrown if there was a problem reading the stream.
com.enterprisedt.net.j2ssh.transport.publickey.InvalidSshKeyException - Thrown if the key was not valid.

removeKnownHost

public void removeKnownHost(java.lang.String hostName)
Remove the given host from the list of known hosts.

Parameters:
hostName - Name of the host.

removeAllKnownHosts

public void removeAllKnownHosts()
Clears all known hosts.


validate

protected boolean validate(java.lang.String hostSpecifier,
                           java.lang.String fingerPrint,
                           boolean hostKnown)
Deprecated. Use validate(String, SSHFTPPublicKey, boolean).

Override this method to implement customized host-validation. The default implementation simply writes a message in the log and returns false.

Parameters:
hostSpecifier - Host-name and IP address separated by a comma.
fingerPrint - Human-readable form of the host's fingerprint.
hostKnown - true if there was an entry for the host but not with the required algorithm (note that several algorithms may be defined for each host).
Returns:
Returns true if the host is valid.

validate

protected boolean validate(java.lang.String hostSpecifier,
                           SSHFTPPublicKey publicKey,
                           boolean hostKnown)

isHostValidationEnabled

public boolean isHostValidationEnabled()
Returns true if host validation is enabled.

Returns:
Returns true if host validation is enabled.

setHostValidationEnabled

public void setHostValidationEnabled(boolean hostValidationEnabled)
Sets the flag controlling whether or not hosts will be validated. Note that it is unwise to disable host validation except when testing.

Parameters:
hostValidationEnabled - New value of the flag.

getKnownHosts

public java.util.Hashtable getKnownHosts()
Returns the known hosts and their public keys. The hashtable returned has host-names as its keys; each value is a hashtable mapping algorithm-names to fingerprints. The hashtable is populated by calling loadKnownHosts() or addKnownHost().

Returns:
Returns the known hosts in a hashtable, which has host-names as its keys and, as its values, hashtables mapping algorithm-names to fingerprints.

getHostPublicKey

public SSHFTPPublicKey getHostPublicKey()
Provides access to the current remote host's public key. This member is only valid after an attempt has been made to connect to the host. It is null before the first connection attempt is made.

This method is particularly useful if the server's public key is not available by other means. In such cases a connection attempt should be made without adding any known hosts. This attempt will fail, but getHostPublicKey() may be used afterwards to obtain the public key. The SSHFTPPublicKey.write(OutputStream,int) method may be used to write it to a file for use in subsequent connections.

Note that null may be returned after a connection attempt is made if the attempt failed before public keys were exchanged between the client and the server.

Returns:
Returns the server's public key.


Copyright © 2001-2006 Enterprise Distributed Technologies Ltd. All Rights Reserved.