1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
|
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE erlref SYSTEM "erlref.dtd">
<erlref>
<header>
<copyright>
<year>2012</year>
<year>2018</year>
<holder>Ericsson AB, All Rights Reserved</holder>
</copyright>
<legalnotice>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
The Initial Developer of the Original Code is Ericsson AB.
</legalnotice>
<title>ssh_client_key_api</title>
<prepared></prepared>
<docno></docno>
<date></date>
<rev></rev>
</header>
<module since="OTP R16B">ssh_client_key_api</module>
<modulesummary>
-behaviour(ssh_client_key_api).
</modulesummary>
<description>
<p>Behavior describing the API for public key handling of an SSH client. By implementing
the callbacks defined in this behavior, the public key handling of an SSH client can
be customized. By default the <c>ssh</c> application implements this behavior
with help of the standard OpenSSH files,
see the <seealso marker="SSH_app"> ssh(6)</seealso> application manual.</p>
</description>
<!-- section>
<title>DATA TYPES</title>
<p>Type definitions that are used more than once in this module,
or abstractions to indicate the intended use of the data
type, or both. For more details on public key data types,
refer to Section 2 Public Key Records in the
<seealso marker="public_key:public_key_records"> public_key user's guide:</seealso>
</p>
<taglist>
<tag><c>boolean() =</c></tag>
<item><p><c>true | false</c></p></item>
<tag><c>string() =</c></tag>
<item><p><c>[byte()]</c></p></item>
<tag><c>public_key() =</c></tag>
<item><p><c>#'RSAPublicKey'{}
| {integer(),#'Dss-Parms'{}}
| {#'ECPoint'{},{namedCurve,Curve::string()}}</c></p></item>
<tag><c>private_key() =</c></tag>
<item><p><c>#'RSAPrivateKey'{}
| #'DSAPrivateKey'{}
| #'ECPrivateKey'{}</c></p></item>
<tag><c>public_key_algorithm() =</c></tag>
<item><p><c>'ssh-rsa' | 'ssh-dss'
| 'rsa-sha2-256' | 'rsa-sha2-384' | 'rsa-sha2-512'
| 'ecdsa-sha2-nistp256' | 'ecdsa-sha2-nistp384' | 'ecdsa-sha2-nistp521' </c></p></item>
</taglist>
</section -->
<datatypes>
<datatype>
<name name="client_key_cb_options"/>
<desc>
<p>Options provided to <seealso marker="ssh#connect-3">ssh:connect/[3,4]</seealso>.
</p>
<p>The option list given in the
<seealso marker="ssh#type-key_cb_common_option"><c>key_cb</c></seealso>
option is available with the key <c>key_cb_private</c>.
</p>
</desc>
</datatype>
</datatypes>
<funcs>
<func>
<name since="OTP R16B">Module:add_host_key(HostNames, PublicHostKey, ConnectOptions) -> ok | {error, Reason}</name>
<fsummary>Adds a host key to the set of trusted host keys.</fsummary>
<type>
<v>HostNames = string()</v>
<d>Description of the host that owns the <c>PublicHostKey</c>.</d>
<v>PublicHostKey = <seealso marker="public_key:public_key#type-public_key">public_key:public_key()</seealso></v>
<d>Of ECDSA keys, only the Normally an RSA, DSA or ECDSA public key, but handling of other public keys can be added.</d>
<v>ConnectOptions = <seealso marker="#type-client_key_cb_options">client_key_cb_options()</seealso></v>
</type>
<desc>
<p>Adds a host key to the set of trusted host keys.</p>
</desc>
</func>
<func>
<name since="OTP R16B">Module:is_host_key(Key, Host, Algorithm, ConnectOptions) -> Result</name>
<fsummary>Checks if a host key is trusted.</fsummary>
<type>
<v>Key = <seealso marker="public_key:public_key#type-public_key">public_key:public_key()</seealso></v>
<d>Normally an RSA, DSA or ECDSA public key, but handling of other public keys can be added.</d>
<v>Host = string()</v>
<d>Description of the host.</d>
<v>Algorithm = <seealso marker="ssh#type-pubkey_alg">ssh:pubkey_alg()</seealso></v>
<d>Host key algorithm.</d>
<v>ConnectOptions = <seealso marker="#type-client_key_cb_options">client_key_cb_options()</seealso></v>
<v>Result = boolean()</v>
</type>
<desc>
<p>Checks if a host key is trusted.</p>
</desc>
</func>
<func>
<name since="OTP R16B">Module:user_key(Algorithm, ConnectOptions) ->
{ok, PrivateKey} | {error, Reason}</name>
<fsummary>Fetches the users <em>public key</em> matching the <c>Algorithm</c>.</fsummary>
<type>
<v>Algorithm = <seealso marker="ssh#type-pubkey_alg">ssh:pubkey_alg()</seealso></v>
<d>Host key algorithm.</d>
<v>ConnectOptions = <seealso marker="#type-client_key_cb_options">client_key_cb_options()</seealso></v>
<v>PrivateKey = <seealso marker="public_key:public_key#type-private_key">public_key:private_key()</seealso></v>
<d>Private key of the user matching the <c>Algorithm</c>.</d>
<v>Reason = term()</v>
</type>
<desc>
<p>Fetches the users <em>public key</em> matching the <c>Algorithm</c>.</p>
<note><p>The private key contains the public key.</p></note>
</desc>
</func>
</funcs>
</erlref>
|