1ssh_file(3) Erlang Module Definition ssh_file(3)
2
3
4
6 ssh_file - Default callback module for the client's and server's data‐
7 base operations in the ssh application
8
10 This module is the default callback handler for the client's and the
11 server's user and host "database" operations. All data, for instance
12 key pairs, are stored in files in the normal file system. This page
13 documents the files, where they are stored and configuration options
14 for this callback module.
15
16 The intention is to be compatible with the OpenSSH storage in files.
17 Therefore it mimics directories and filenames of OpenSSH.
18
19 Ssh_file implements the ssh_server_key_api and the ssh_client_key_api.
20 This enables the user to make an own interface using for example a
21 database handler.
22
23 Such another callback module could be used by setting the option key_cb
24 when starting a client or a server (with for example ssh:connect,
25 ssh:daemon of ssh:shell ).
26
27 Note:
28 The functions are Callbacks for the SSH app. They are not intended to
29 be called from the user's code!
30
31
33 Daemons
34 Daemons uses all files stored in the SYSDIR directory.
35
36 Optionaly, in case of publickey authorization, one or more of the
37 remote user's public keys in the USERDIR directory are used. See the
38 files USERDIR/authorized_keys and USERDIR/authorized_keys2.
39
40 Clients
41 Clients uses all files stored in the USERDIR directory.
42
43 Directory contents
44 LOCALUSER:
45 The user name of the OS process running the Erlang virtual machine
46 (emulator).
47
48 SYSDIR:
49 This is the directory holding the server's files:
50
51 * ssh_host_dsa_key - private dss host key (optional)
52
53 * ssh_host_rsa_key - private rsa host key (optional)
54
55 * ssh_host_ecdsa_key - private ecdsa host key (optional)
56
57 * ssh_host_ed25519_key - private eddsa host key for curve 25519
58 (optional)
59
60 * ssh_host_ed448_key - private eddsa host key for curve 448
61 (optional)
62
63 At least one host key must be defined. The default value of SYSDIR
64 is /etc/ssh.
65
66 For security reasons, this directory is normally accessible only to
67 the root user.
68
69 To change the SYSDIR, see the system_dir option.
70
71 USERDIR:
72 This is the directory holding the files:
73
74 * authorized_keys and, as second alternative authorized_keys2 - the
75 user's public keys are stored concatenated in one of those files.
76
77 * known_hosts - host keys from hosts visited concatenated. The file
78 is created and used by the client.
79
80 * id_dsa - private dss user key (optional)
81
82 * id_rsa - private rsa user key (optional)
83
84 * id_ecdsa - private ecdsa user key (optional)
85
86 * id_ed25519 - private eddsa user key for curve 25519 (optional)
87
88 * id_ed448 - private eddsa user key for curve 448 (optional)
89
90 The default value of USERDIR is /home/LOCALUSER/.ssh.
91
92 To change the USERDIR, see the user_dir option
93
95 Options for the default ssh_file callback module
96 user_dir_common_option() = {user_dir, string()}
97
98 Sets the user directory.
99
100 user_dir_fun_common_option() = {user_dir_fun, user2dir()}
101
102 user2dir() =
103 fun((RemoteUserName :: string()) -> UserDir :: string())
104
105 Sets the user directory dynamically by evaluating the user2dir
106 function.
107
108 system_dir_daemon_option() = {system_dir, string()}
109
110 Sets the system directory.
111
112 pubkey_passphrase_client_options() =
113 {dsa_pass_phrase, string()} |
114 {rsa_pass_phrase, string()} |
115 {ecdsa_pass_phrase, string()}
116
117 If the user's DSA, RSA or ECDSA key is protected by a
118 passphrase, it can be supplied with thoose options.
119
120 Note that EdDSA passhrases (Curves 25519 and 448) are not imple‐
121 mented.
122
124 host_key(Algorithm, DaemonOptions) -> {ok, Key} | {error, Reason}
125
126 Types and description
127
128 See the api description in ssh_server_key_api, Mod‐
129 ule:host_key/2.
130
131 Options
132
133 * system_dir
134
135 Files
136
137 * SYSDIR/ssh_host_rsa_key
138
139 * SYSDIR/ssh_host_dsa_key
140
141 * SYSDIR/ssh_host_ecdsa_key
142
143 * SYSDIR/ssh_host_ed25519_key
144
145 * SYSDIR/ssh_host_ed448_keyc>
146
147 is_auth_key(PublicUserKey, User, DaemonOptions) -> Result
148
149 Types and description
150
151 See the api description in ssh_server_key_api: Mod‐
152 ule:is_auth_key/3.
153
154 Options
155
156 * user_dir_fun
157
158 * user_dir
159
160 Files
161
162 * USERDIR/authorized_keys
163
164 * USERDIR/authorized_keys2
165
166 add_host_key(HostNames, PublicHostKey, ConnectOptions) -> ok | {error,
167 Reason}
168
169 Types and description
170
171 See the api description in ssh_client_key_api, Mod‐
172 ule:add_host_key/3.
173
174 Option
175
176 * user_dir
177
178 File
179
180 * USERDIR/known_hosts
181
182 is_host_key(Key, Host, Algorithm, ConnectOptions) -> Result
183
184 Types and description
185
186 See the api description in ssh_client_key_api, Mod‐
187 ule:is_host_key/4.
188
189 Option
190
191 * user_dir
192
193 File
194
195 * USERDIR/known_hosts
196
197 user_key(Algorithm, ConnectOptions) -> {ok, PrivateKey} | {error, Rea‐
198 son}
199
200 Types and description
201
202 See the api description in ssh_client_key_api, Mod‐
203 ule:user_key/2.
204
205 Options
206
207 * user_dir
208
209 * dsa_pass_phrase
210
211 * rsa_pass_phrase
212
213 * ecdsa_pass_phrase
214
215 Note that EdDSA passhrases (Curves 25519 and 448) are not imple‐
216 mented.
217
218 Files
219
220 * USERDIR/id_dsa
221
222 * USERDIR/id_rsa
223
224 * USERDIR/id_ecdsa
225
226 * USERDIR/id_ed25519
227
228 * USERDIR/id_ed448
229
230Ericsson AB ssh 4.9 ssh_file(3)