Struct ssh2::KnownHosts
source · pub struct KnownHosts { /* private fields */ }Expand description
A set of known hosts which can be used to verify the identity of a remote server.
Example
use std::env;
use std::path::Path;
use ssh2::{self, CheckResult, HostKeyType, KnownHostKeyFormat};
use ssh2::KnownHostFileKind;
fn check_known_host(session: &ssh2::Session, host: &str) {
let mut known_hosts = session.known_hosts().unwrap();
// Initialize the known hosts with a global known hosts file
let file = Path::new(&env::var("HOME").unwrap()).join(".ssh/known_hosts");
known_hosts.read_file(&file, KnownHostFileKind::OpenSSH).unwrap();
// Now check to see if the seesion's host key is anywhere in the known
// hosts file
let (key, key_type) = session.host_key().unwrap();
match known_hosts.check(host, key) {
CheckResult::Match => return, // all good!
CheckResult::NotFound => {} // ok, we'll add it
CheckResult::Mismatch => {
panic!("host mismatch, man in the middle attack?!")
}
CheckResult::Failure => panic!("failed to check the known hosts"),
}
println!("adding {} to the known hosts", host);
known_hosts.add(host, key, host, key_type.into()).unwrap();
known_hosts.write_file(&file, KnownHostFileKind::OpenSSH).unwrap();
}Implementations§
source§impl KnownHosts
impl KnownHosts
sourcepub fn read_file(
&mut self,
file: &Path,
kind: KnownHostFileKind
) -> Result<u32, Error>
pub fn read_file(
&mut self,
file: &Path,
kind: KnownHostFileKind
) -> Result<u32, Error>
Reads a collection of known hosts from a specified file and adds them to the collection of known hosts.
sourcepub fn read_str(&mut self, s: &str, kind: KnownHostFileKind) -> Result<(), Error>
pub fn read_str(&mut self, s: &str, kind: KnownHostFileKind) -> Result<(), Error>
Read a line as if it were from a known hosts file.
sourcepub fn write_file(
&self,
file: &Path,
kind: KnownHostFileKind
) -> Result<(), Error>
pub fn write_file(
&self,
file: &Path,
kind: KnownHostFileKind
) -> Result<(), Error>
Writes all the known hosts to the specified file using the specified file format.
sourcepub fn write_string(
&self,
host: &Host,
kind: KnownHostFileKind
) -> Result<String, Error>
pub fn write_string(
&self,
host: &Host,
kind: KnownHostFileKind
) -> Result<String, Error>
Converts a single known host to a single line of output for storage, using the ‘type’ output format.
sourcepub fn iter(&self) -> Result<Vec<Host>, Error>
pub fn iter(&self) -> Result<Vec<Host>, Error>
Create an iterator over all of the known hosts in this structure.
sourcepub fn remove(&self, host: &Host) -> Result<(), Error>
pub fn remove(&self, host: &Host) -> Result<(), Error>
Delete a known host entry from the collection of known hosts.
sourcepub fn check(&self, host: &str, key: &[u8]) -> CheckResult
pub fn check(&self, host: &str, key: &[u8]) -> CheckResult
Checks a host and its associated key against the collection of known hosts, and returns info back about the (partially) matched entry.
The host name can be the IP numerical address of the host or the full name. The key must be the raw data of the key.
sourcepub fn check_port(&self, host: &str, port: u16, key: &[u8]) -> CheckResult
pub fn check_port(&self, host: &str, port: u16, key: &[u8]) -> CheckResult
Same as check, but takes a port as well.
sourcepub fn add(
&mut self,
host: &str,
key: &[u8],
comment: &str,
fmt: KnownHostKeyFormat
) -> Result<(), Error>
pub fn add(
&mut self,
host: &str,
key: &[u8],
comment: &str,
fmt: KnownHostKeyFormat
) -> Result<(), Error>
Adds a known host to the collection of known hosts.
The host is the host name in plain text. The host name can be the IP
numerical address of the host or the full name. If you want to add a key
for a specific port number for the given host, you must provide the host
name like "[host]:port" with the actual characters [ and ] enclosing
the host name and a colon separating the host part from the port number.
For example: "[host.example.com]:222".
The key provided must be the raw key for the host.