Struct ssh2::KnownHosts

pub struct KnownHosts { /* fields omitted */ }

A set of known hosts which can be used to verify the identity of a remote server.

Example

use std::env;
use std::path::Path;
use ssh2::{self, CheckResult, HostKeyType, KnownHostKeyFormat};
use ssh2::KnownHostFileKind;

fn check_known_host(session: &ssh2::Session, host: &str) {
    let mut known_hosts = session.known_hosts().unwrap();

    // Initialize the known hosts with a global known hosts file
    let file = Path::new(&env::var("HOME").unwrap()).join(".ssh/known_hosts");
    known_hosts.read_file(&file, KnownHostFileKind::OpenSSH).unwrap();

    // Now check to see if the seesion's host key is anywhere in the known
    // hosts file
    let (key, key_type) = session.host_key().unwrap();
    match known_hosts.check(host, key) {
        CheckResult::Match => return, // all good!
        CheckResult::NotFound => {}   // ok, we'll add it
        CheckResult::Mismatch => {
            panic!("host mismatch, man in the middle attack?!")
        }
        CheckResult::Failure => panic!("failed to check the known hosts"),
    }

    println!("adding {} to the known hosts", host);

    known_hosts.add(host, key, host, key_type.into()).unwrap();
    known_hosts.write_file(&file, KnownHostFileKind::OpenSSH).unwrap();
}

Implementations

impl KnownHosts

pub fn read_file(
    &mut self,
    file: &Path,
    kind: KnownHostFileKind
) -> Result<u32, Error>

Reads a collection of known hosts from a specified file and adds them to the collection of known hosts.

pub fn read_str(
    &mut self,
    s: &str,
    kind: KnownHostFileKind
) -> Result<(), Error>

Read a line as if it were from a known hosts file.

pub fn write_file(
    &self,
    file: &Path,
    kind: KnownHostFileKind
) -> Result<(), Error>

Writes all the known hosts to the specified file using the specified file format.

pub fn write_string(
    &self,
    host: &Host,
    kind: KnownHostFileKind
) -> Result<String, Error>

Converts a single known host to a single line of output for storage, using the 'type' output format.

pub fn iter(&self) -> Result<Vec<Host>, Error>

Create an iterator over all of the known hosts in this structure.

pub fn hosts(&self) -> Result<Vec<Host>, Error>

Retrieves the list of known hosts

pub fn remove(&self, host: &Host) -> Result<(), Error>

Delete a known host entry from the collection of known hosts.

pub fn check(&self, host: &str, key: &[u8]) -> CheckResult

Checks a host and its associated key against the collection of known hosts, and returns info back about the (partially) matched entry.

The host name can be the IP numerical address of the host or the full name. The key must be the raw data of the key.

pub fn check_port(&self, host: &str, port: u16, key: &[u8]) -> CheckResult

Same as check, but takes a port as well.

pub fn add(
    &mut self,
    host: &str,
    key: &[u8],
    comment: &str,
    fmt: KnownHostKeyFormat
) -> Result<(), Error>

Adds a known host to the collection of known hosts.

The host is the host name in plain text. The host name can be the IP numerical address of the host or the full name. If you want to add a key for a specific port number for the given host, you must provide the host name like "[host]:port" with the actual characters [ and ] enclosing the host name and a colon separating the host part from the port number. For example: "[host.example.com]:222".

The key provided must be the raw key for the host.

Trait Implementations

impl Drop for KnownHosts

fn drop(&mut self)

Executes the destructor for this type.