Object
Searches an OpenSSH-style known-host file for a given host, and returns all matching keys. This is used to implement host-key verification, as well as to determine what key a user prefers to use for a given host.
This is used internally by Net::SSH, and will never need to be used directly by consumers of the library.
Looks in all user known host files (see KnownHosts.hostfiles) and tries to add an entry for the given host and key to the first file it is able to.
# File lib/net/ssh/known_hosts.rb, line 64 64: def add(host, key, options={}) 65: hostfiles(options, :user).each do |file| 66: begin 67: KnownHosts.new(file).add(host, key) 68: return 69: rescue SystemCallError 70: # try the next hostfile 71: end 72: end 73: end
Looks in the given options hash for the :user_known_hosts_file and :global_known_hosts_file keys, and returns an array of all known hosts files. If the :user_known_hosts_file key is not set, the default is returned (~/.ssh/known_hosts and ~/.ssh/known_hosts2). If :global_known_hosts_file is not set, the default is used (/etc/ssh/known_hosts and /etc/ssh/known_hosts2).
If you only want the user known host files, you can pass :user as the second option.
# File lib/net/ssh/known_hosts.rb, line 47 47: def hostfiles(options, which=:all) 48: files = [] 49: 50: if which == :all || which == :user 51: files += Array(options[:user_known_hosts_file] || %(~/.ssh/known_hosts ~/.ssh/known_hosts2)) 52: end 53: 54: if which == :all || which == :global 55: files += Array(options[:global_known_hosts_file] || %(/etc/ssh/known_hosts /etc/ssh/known_hosts2)) 56: end 57: 58: return files 59: end
Instantiate a new KnownHosts instance that will search the given known-hosts file. The path is expanded file File.expand_path.
# File lib/net/ssh/known_hosts.rb, line 82 82: def initialize(source) 83: @source = File.expand_path(source) 84: end
Searches all known host files (see KnownHosts.hostfiles) for all keys of the given host. Returns an array of keys found.
# File lib/net/ssh/known_hosts.rb, line 28 28: def search_for(host, options={}) 29: search_in(hostfiles(options), host) 30: end
Search for all known keys for the given host, in every file given in the files array. Returns the list of keys.
# File lib/net/ssh/known_hosts.rb, line 34 34: def search_in(files, host) 35: files.map { |file| KnownHosts.new(file).keys_for(host) }.flatten 36: end
Tries to append an entry to the current source file for the given host and key. If it is unable to (because the file is not writable, for instance), an exception will be raised.
# File lib/net/ssh/known_hosts.rb, line 133 133: def add(host, key) 134: File.open(source, "a") do |file| 135: blob = [Net::SSH::Buffer.from(:key, key).to_s].pack("m*").gsub(/\s/, "") 136: file.puts "#{host} #{key.ssh_type} #{blob}" 137: end 138: end
Returns an array of all keys that are known to be associatd with the given host. The host parameter is either the domain name or ip address of the host, or both (comma-separated). Additionally, if a non-standard port is being used, it may be specified by putting the host (or ip, or both) in square brackets, and appending the port outside the brackets after a colon. Possible formats for host, then, are;
"net.ssh.test" "1.2.3.4" "net.ssh.test,1.2.3.4" "[net.ssh.test]:5555" "[1,2,3,4]:5555" "[net.ssh.test]:5555,[1.2.3.4]:5555
# File lib/net/ssh/known_hosts.rb, line 99 99: def keys_for(host) 100: keys = [] 101: return keys unless File.readable?(source) 102: 103: entries = host.split(/,/) 104: 105: File.open(source) do |file| 106: scanner = StringScanner.new("") 107: file.each_line do |line| 108: scanner.string = line 109: 110: scanner.skip(/\s*/) 111: next if scanner.match?(/$|#/) 112: 113: hostlist = scanner.scan(/\S+/).split(/,/) 114: next unless entries.all? { |entry| hostlist.include?(entry) } 115: 116: scanner.skip(/\s*/) 117: type = scanner.scan(/\S+/) 118: 119: next unless SUPPORTED_TYPE.include?(type) 120: 121: scanner.skip(/\s*/) 122: blob = scanner.rest.unpack("m*").first 123: keys << Net::SSH::Buffer.new(blob).read_key 124: end 125: end 126: 127: keys 128: end
Disabled; run with --debug to generate this.
Generated with the Darkfish Rdoc Generator 1.1.6.