java.lang.Object
- org.apache.sshd.common.util.logging.AbstractLoggingBean
- - org.apache.sshd.common.util.io.ModifiableFileWatcher
  - - org.apache.sshd.server.config.keys.AuthorizedKeysAuthenticator

All Implemented Interfaces:

PublickeyAuthenticator

Direct Known Subclasses:

DefaultAuthorizedKeysAuthenticator
```
public class AuthorizedKeysAuthenticator
extends ModifiableFileWatcher
implements PublickeyAuthenticator
```
Uses the authorized keys file to implement PublickeyAuthenticator while automatically re-loading the keys if the file has changed when a new authentication request is received. Note: by default, the only validation of the username is that it is not null/empty - see isValidUsername(String, ServerSession)

Nested Class Summary

Nested Classes
Modifier and Type Class Description

private static class AuthorizedKeysAuthenticator.LazyDefaultAuthorizedKeysFileHolder

Field Summary

Fields
Modifier and Type	Field	Description
`private java.util.concurrent.atomic.AtomicReference<PublickeyAuthenticator>`	`delegateHolder`
`static java.lang.String`	`STD_AUTHORIZED_KEYS_FILENAME`	Standard OpenSSH authorized keys file name

Fields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
options, STRICTLY_PROHIBITED_FILE_PERMISSION

Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
log

Constructor Summary

Constructors
Constructor	Description
`AuthorizedKeysAuthenticator(java.nio.file.Path file)`
`AuthorizedKeysAuthenticator(java.nio.file.Path file, java.nio.file.LinkOption... options)`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`boolean`	`authenticate(java.lang.String username, java.security.PublicKey key, ServerSession session)`	Check the validity of a public key.
`protected PublickeyAuthenticator`	`createDelegateAuthenticator(java.lang.String username, ServerSession session, java.nio.file.Path path, java.util.Collection<AuthorizedKeyEntry> entries, PublicKeyEntryResolver fallbackResolver)`
`static java.nio.file.Path`	`getDefaultAuthorizedKeysFile()`
`protected PublicKeyEntryResolver`	`getFallbackPublicKeyEntryResolver()`
`protected boolean`	`isValidUsername(java.lang.String username, ServerSession session)`
`static java.util.List<AuthorizedKeyEntry>`	`readDefaultAuthorizedKeys(java.nio.file.OpenOption... options)`	Reads read the contents of the default OpenSSH `authorized_keys` file
`protected java.util.Collection<AuthorizedKeyEntry>`	`reloadAuthorizedKeys(java.nio.file.Path path, java.lang.String username, ServerSession session)`
`protected PublickeyAuthenticator`	`resolvePublickeyAuthenticator(java.lang.String username, ServerSession session)`

Methods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions

Methods inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
debug, debug, debug, debug, debug, error, error, error, error, error, getSimplifiedLogger, info, info, warn, warn, warn, warn, warn, warn, warn, warn

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

STD_AUTHORIZED_KEYS_FILENAME
```
public static final java.lang.String STD_AUTHORIZED_KEYS_FILENAME
```
Standard OpenSSH authorized keys file name

See Also:

Constant Field Values

delegateHolder

private final java.util.concurrent.atomic.AtomicReference<PublickeyAuthenticator> delegateHolder

Constructor Detail

AuthorizedKeysAuthenticator

public AuthorizedKeysAuthenticator(java.nio.file.Path file)

AuthorizedKeysAuthenticator

public AuthorizedKeysAuthenticator(java.nio.file.Path file,
                                   java.nio.file.LinkOption... options)

Method Detail

authenticate
```
public boolean authenticate(java.lang.String username,
                            java.security.PublicKey key,
                            ServerSession session)
```
Description copied from interface: PublickeyAuthenticator

Check the validity of a public key.

Specified by:

authenticate in interface PublickeyAuthenticator

Parameters:

username - the username

key - the key

session - the server session

Returns:

a boolean indicating if authentication succeeded or not

isValidUsername

protected boolean isValidUsername(java.lang.String username,
                                  ServerSession session)

resolvePublickeyAuthenticator

protected PublickeyAuthenticator resolvePublickeyAuthenticator(java.lang.String username,
                                                               ServerSession session)
                                                        throws java.io.IOException,
                                                               java.security.GeneralSecurityException

Throws:: java.io.IOException; java.security.GeneralSecurityException

createDelegateAuthenticator

protected PublickeyAuthenticator createDelegateAuthenticator(java.lang.String username,
                                                             ServerSession session,
                                                             java.nio.file.Path path,
                                                             java.util.Collection<AuthorizedKeyEntry> entries,
                                                             PublicKeyEntryResolver fallbackResolver)
                                                      throws java.io.IOException,
                                                             java.security.GeneralSecurityException

Throws:: java.io.IOException; java.security.GeneralSecurityException

getFallbackPublicKeyEntryResolver

protected PublicKeyEntryResolver getFallbackPublicKeyEntryResolver()

reloadAuthorizedKeys

protected java.util.Collection<AuthorizedKeyEntry> reloadAuthorizedKeys(java.nio.file.Path path,
                                                                        java.lang.String username,
                                                                        ServerSession session)
                                                                 throws java.io.IOException,
                                                                        java.security.GeneralSecurityException

Throws:: java.io.IOException; java.security.GeneralSecurityException

getDefaultAuthorizedKeysFile
```
public static java.nio.file.Path getDefaultAuthorizedKeysFile()
```
Returns:

The default Path location of the OpenSSH authorized keys file

readDefaultAuthorizedKeys
```
public static java.util.List<AuthorizedKeyEntry> readDefaultAuthorizedKeys(java.nio.file.OpenOption... options)
                                                                    throws java.io.IOException
```
Reads read the contents of the default OpenSSH authorized_keys file

Parameters:

options - The OpenOptions to use when reading the file

Returns:

A List of all the AuthorizedKeyEntry-ies found there - or empty if file does not exist

Throws:

java.io.IOException - If failed to read keys from file

Class AuthorizedKeysAuthenticator

Nested Class Summary

Field Summary

Fields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher

Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean

Constructor Summary

Method Summary

Methods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher

Methods inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean

Methods inherited from class java.lang.Object

Field Detail

STD_AUTHORIZED_KEYS_FILENAME

delegateHolder

Constructor Detail

AuthorizedKeysAuthenticator

AuthorizedKeysAuthenticator

Method Detail

authenticate

isValidUsername

resolvePublickeyAuthenticator

createDelegateAuthenticator

getFallbackPublicKeyEntryResolver

reloadAuthorizedKeys

getDefaultAuthorizedKeysFile

readDefaultAuthorizedKeys