From 4f80074408ca5d21a56b0b234ff7434c8d155836 Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Tue, 23 Oct 2018 10:42:00 +0200 Subject: ssh: Re-phrase and adjust the documentation (ssh_file.xml) --- lib/ssh/doc/src/ssh_file.xml | 133 ++++++++++++++++++++++--------------------- lib/ssh/src/ssh_file.erl | 6 +- 2 files changed, 72 insertions(+), 67 deletions(-) (limited to 'lib') diff --git a/lib/ssh/doc/src/ssh_file.xml b/lib/ssh/doc/src/ssh_file.xml index 20dcb86fd6..ae6ba2e1d9 100644 --- a/lib/ssh/doc/src/ssh_file.xml +++ b/lib/ssh/doc/src/ssh_file.xml @@ -32,22 +32,17 @@ Default callback module for the client's and server's database operations in the ssh application

This module is the default callback handler for the client's and the server's user and host "database" operations. + All data, for instance key pairs, are stored in files in the normal file system. This page documents the files, where they + are stored and configuration options for this callback module.

-

- The intention is to be compatible with the - OpenSSH - storage in files. Therefore it mimics directories and filenames of - OpenSSH. +

The intention is to be compatible with the + OpenSSH + storage in files. Therefore it mimics directories and filenames of + OpenSSH.

- -

The functions are Callbacks for the SSH app. They are not intended to be called from the user's code! -

-
-
-
- Making your own callback module +

Ssh_file implements the ssh_server_key_api and - ssh_client_key_api. + the ssh_client_key_api. This enables the user to make an own interface using for example a database handler.

Such another callback module could be used by setting the option @@ -58,64 +53,76 @@ ssh:shell ).

-
-
- Daemons -

Daemons uses all files stored in the SYSDIR directory and - optionaly one or more User's public key in case of publickey authorization. - The user's public keys are stored concatenated in the file - authorized_keys - in the - USERDIR directory. -

-
+ +

The functions are Callbacks for the SSH app. They are not intended to be called from the user's code! +

+
+
- Clients -

Clients uses all files stored in the USERDIR directory. -

-
+ Files, directories and who uses them +
+ Daemons +

Daemons uses all files stored in the SYSDIR directory. +

+

Optionaly, in case of publickey authorization, one or more of the remote user's public keys + in the USERDIR directory are used. + See the files + USERDIR/authorized_keys and + USERDIR/authorized_keys2. +

+
-
- Files, directories and conventions - - LOCALUSER - The user name of the OS process running the Erlang virtual machine (emulator). -

+

+ Clients +

Clients uses all files stored in the USERDIR directory. +

+
- SYSDIR - SYSDIR is the directory holding the server's files: - +
+ Directory contents + + LOCALUSER +

The user name of the OS process running the Erlang virtual machine (emulator).

+
+ + SYSDIR +

This is the directory holding the server's files:

+ ssh_host_dsa_key - private dss host key (optional) ssh_host_rsa_key - private rsa host key (optional) ssh_host_ecdsa_key - private ecdsa host key (optional) - -

At least one host key must be defined. The default value of SYSDIR is /etc/ssh. -

-

For security reasons, this directory is normally accessible only to the root user. -

-

To change the SYSDIR, see the system_dir option. -

-
+ +

At least one host key must be defined. The default value of SYSDIR is /etc/ssh. +

+

For security reasons, this directory is normally accessible only to the root user. +

+

To change the SYSDIR, see the system_dir option. +

+ - USERDIR - USERDIR is the directory holding the files: - - authorized_keys - list of keys allowed in public_key authorization (optional) - authorized_keys2 - list of keys allowed in public_key authorization (optional and unusual) - known_hosts - list of hosts visited (created by the client) + USERDIR +

This is the directory holding the files:

+ + authorized_keys + and, as second alternative + authorized_keys2 - + the user's public keys are stored concatenated in one of those files. + + known_hosts - host keys from hosts visited + concatenated. The file is created and used by the client. id_dsa - private dss user key (optional) id_rsa - private rsa user key (optional) id_ecdsa - private ecdsa user key (optional) - -

The default value of USERDIR is /home/LOCALUSER/.ssh. -

-

To change the USERDIR, see the user_dir option -

-
- -
+ +

The default value of USERDIR is /home/LOCALUSER/.ssh. +

+

To change the USERDIR, see the user_dir option +

+ + +
@@ -129,11 +136,11 @@ +

Sets the user directory dynamically - by evaluating the function + by evaluating the user2dir function.

- fun(RemoteUser) -> USERDIR end
@@ -177,7 +184,6 @@ SYSDIR/ssh_host_dsa_key SYSDIR/ssh_host_ecdsa_key -

 

@@ -199,7 +205,6 @@ USERDIR/authorized_keys USERDIR/authorized_keys2 -

 

@@ -219,7 +224,6 @@ USERDIR/known_hosts -

 

@@ -239,7 +243,6 @@ USERDIR/known_hosts -

 

diff --git a/lib/ssh/src/ssh_file.erl b/lib/ssh/src/ssh_file.erl index 954d5b68b6..669b0f9be2 100644 --- a/lib/ssh/src/ssh_file.erl +++ b/lib/ssh/src/ssh_file.erl @@ -46,8 +46,10 @@ ]). -type system_dir_daemon_option() :: {system_dir, string()}. --type user_dir_common_option() :: {user_dir, false | string()}. --type user_dir_fun_common_option() :: {user_dir_fun, fun()}. +-type user_dir_common_option() :: {user_dir, string()}. +-type user_dir_fun_common_option() :: {user_dir_fun, user2dir()}. +-type user2dir() :: fun((RemoteUserName::string()) -> UserDir :: string()) . + -type pubkey_passphrase_client_options() :: {dsa_pass_phrase, string()} | {rsa_pass_phrase, string()} | {ecdsa_pass_phrase, string()} . -- cgit v1.2.3