ssh_file(3erl) | Erlang Module Definition | ssh_file(3erl) |
ssh_file - Default callback module for the client's and server's database operations in the ssh application
This module is the default callback handler for the client's and the server's user and host "database" operations. All data, for instance key pairs, are stored in files in the normal file system. This page documents the files, where they are stored and configuration options for this callback module.
The intention is to be compatible with the OpenSSH storage in files. Therefore it mimics directories and filenames of OpenSSH.
Ssh_file implements the ssh_server_key_api and the ssh_client_key_api. This enables the user to make an own interface using for example a database handler.
Such another callback module could be used by setting the option key_cb when starting a client or a server (with for example ssh:connect, ssh:daemon of ssh:shell ).
Daemons uses all files stored in the SYSDIR directory.
Optionaly, in case of publickey authorization, one or more of the remote user's public keys in the USERDIR directory are used. See the files USERDIR/authorized_keys and USERDIR/authorized_keys2.
Clients uses all files stored in the USERDIR directory.
At least one host key must be defined. The default value of SYSDIR is /etc/ssh.
For security reasons, this directory is normally accessible only to the root user.
To change the SYSDIR, see the system_dir option.
The default value of USERDIR is /home/LOCALUSER/.ssh.
To change the USERDIR, see the user_dir option
user_dir_common_option() = {user_dir, string()}
Sets the user directory.
user_dir_fun_common_option() = {user_dir_fun, user2dir()}
user2dir() =
fun((RemoteUserName :: string()) -> UserDir :: string())
Sets the user directory dynamically by evaluating the user2dir function.
system_dir_daemon_option() = {system_dir, string()}
Sets the system directory.
pubkey_passphrase_client_options() =
{dsa_pass_phrase, string()} |
{rsa_pass_phrase, string()} |
{ecdsa_pass_phrase, string()}
If the user's DSA, RSA or ECDSA key is protected by a passphrase, it can be supplied with thoose options.
Note that EdDSA passhrases (Curves 25519 and 448) are not implemented.
host_key(Algorithm, DaemonOptions) -> {ok, Key} | {error,
Reason}
Types and description
See the api description in ssh_server_key_api, Module:host_key/2.
Options
Files
is_auth_key(PublicUserKey, User, DaemonOptions) ->
Result
Types and description
See the api description in ssh_server_key_api: Module:is_auth_key/3.
Options
Files
add_host_key(HostNames, PublicHostKey, ConnectOptions) -> ok
| {error, Reason}
Types and description
See the api description in ssh_client_key_api, Module:add_host_key/3.
Option
File
is_host_key(Key, Host, Algorithm, ConnectOptions) ->
Result
Types and description
See the api description in ssh_client_key_api, Module:is_host_key/4.
Option
File
user_key(Algorithm, ConnectOptions) -> {ok, PrivateKey} |
{error, Reason}
Types and description
See the api description in ssh_client_key_api, Module:user_key/2.
Options
Note that EdDSA passhrases (Curves 25519 and 448) are not implemented.
Files
ssh 4.7.3 | Ericsson AB |