ssh_client_key_api behaviour (ssh v5.3)
View Source-behaviour(ssh_client_key_api).
Behavior describing the API for public key handling of an SSH client. By
implementing the callbacks defined in this behavior, the public key handling of
an SSH client can be customized. By default the ssh application implements
this behavior with help of the standard OpenSSH files, see the
ssh application manual.
Summary
Types
Options provided to ssh:connect/3,4.
Callbacks
This function is retired in favour for
Module:add_host_key/4 which is the preferred API
function. The calling SSH application will still try the
add_host_key/3 if the call to
add_host_key/4 failed.
Adds a host key to the set of trusted host keys.
This function is retired in favour for
Module:is_host_key/5 which is the preferred API function.
The calling SSH application will still try the
is_host_key/4 if the call to
is_host_key/5 failed.
Checks if a host key is trusted.
Sign the SigData with the private key corresponding to PubKeyBlob.
Fetches the users public key matching the Algorithm. Some key callback
modules may return {ssh2_pubkey, PubKeyBlob :: binary()}.
Types
-type client_key_cb_options(T) :: [{key_cb_private, [T]} | ssh:client_option()].
Options provided to ssh:connect/3,4.
The option list given in the key_cb option
is available with the key key_cb_private.
Callbacks
-callback add_host_key(Host :: string(), PublicKey :: public_key:public_key(), Options :: client_key_cb_options(any())) -> ok | {error, term()}.
This function is retired in favour for
Module:add_host_key/4 which is the preferred API
function. The calling SSH application will still try the
add_host_key/3 if the call to
add_host_key/4 failed.
Adds a host key to the set of trusted host keys.
-callback add_host_key(Host :: inet:ip_address() | inet:hostname() | [inet:ip_address() | inet:hostname()], Port :: inet:port_number(), PublicKey :: public_key:public_key(), Options :: client_key_cb_options(any())) -> ok | {error, term()}.
Adds a host key to the set of trusted host keys.
This function is preferred to the old
Module:add_host_key/3 since it also uses the peer host
port number and may return an error message.
The OTP/SSH application first calls this function in the callback module, and
then the old Module:add_host_key/3 for compatibility.
-callback is_host_key(Key :: public_key:public_key(), Host :: string(), Algorithm :: ssh:pubkey_alg(), Options :: client_key_cb_options(any())) -> boolean().
This function is retired in favour for
Module:is_host_key/5 which is the preferred API function.
The calling SSH application will still try the
is_host_key/4 if the call to
is_host_key/5 failed.
Checks if a host key is trusted.
-callback is_host_key(Key :: public_key:public_key(), Host :: inet:ip_address() | inet:hostname() | [inet:ip_address() | inet:hostname()], Port :: inet:port_number(), Algorithm :: ssh:pubkey_alg(), Options :: client_key_cb_options(any())) -> boolean() | {error, term()}.
Checks if a host key is trusted.
This function is preferred to the old
Module:is_host_key/4 since it also uses the peer host
port number and may return an error message.
The OTP/SSH application first calls this function in the callback module, and
then the old Module:is_host_key/4 for compatibility.
-callback sign(PubKeyBlob :: binary(), SigData :: binary(), Options :: client_key_cb_options(any())) -> Blob :: binary().
Sign the SigData with the private key corresponding to PubKeyBlob.
-callback user_key(Algorithm :: ssh:pubkey_alg(), Options :: client_key_cb_options(any())) -> {ok, public_key:private_key()} | {ok, {ssh2_pubkey, PubKeyBlob :: binary()}} | {error, string()}.
Fetches the users public key matching the Algorithm. Some key callback
modules may return {ssh2_pubkey, PubKeyBlob :: binary()}.
Note
The private key contains the public key.