ssh_file(3)		   Erlang Module Definition		   ssh_file(3)

NAME
       ssh_file	 - Default callback module for the client's and	server's data-
       base operations in the ssh application

DESCRIPTION
       This module is the default callback handler for the  client's  and  the
       server's	 user  and  host "database" operations.	All data, for instance
       key pairs, are stored in	files in the normal  file  system.  This  page
       documents  the  files,  where they are stored and configuration options
       for this	callback module.

       The intention is	to be compatible with the OpenSSH  storage  in	files.
       Therefore it mimics directories and filenames of	OpenSSH.

       Ssh_file implements the ssh_server_key_api and the ssh_client_key_api.
       These APIs let the user implement a custom key store, for example one
       backed by a database handler.

       Such an alternative callback module is selected by setting the option
       key_cb when starting a client or a server (with for example
       ssh:connect, ssh:daemon or ssh:shell).

   Note:
       The  functions are Callbacks  for the SSH app. They are not intended to
       be called from the user's code!

FILES, DIRECTORIES AND WHO USES	THEM
   Daemons
       Daemons use all files stored in the SYSDIR directory.

       Optionally, in case of publickey authorization, one or more of the
       remote user's public keys in the USERDIR directory are used. See the
       files USERDIR/authorized_keys and USERDIR/authorized_keys2.

   Clients
       Clients use all files stored in the USERDIR directory.

   Directory contents
	 LOCALUSER:
	   The user name of the	OS process running the Erlang virtual  machine
	   (emulator).

	 SYSDIR:
	   This	is the directory holding the server's files:

	   * ssh_host_dsa_key -	private	dss host key (optional)

	   * ssh_host_rsa_key -	private	rsa host key (optional)

	   * ssh_host_ecdsa_key	- private ecdsa	host key (optional)

	   * ssh_host_ed25519_key  -  private  eddsa  host key for curve 25519
	     (optional)

	   * ssh_host_ed448_key	- private eddsa	host key for  curve  448  (op-
	     tional)

	   At  least one host key must be defined. The default value of	SYSDIR
	   is /etc/ssh.

	   For security	reasons, this directory	is normally accessible only to
	   the root user.

	   To change the SYSDIR, see the system_dir option.

	 USERDIR:
	   This	is the directory holding the files:

	   * authorized_keys and, as second alternative	authorized_keys2 - the
	     user's public keys	are stored concatenated	in one of those	files.

	   * known_hosts - host	keys from hosts	visited	concatenated. The file
	     is	created	and used by the	client.

	   * id_dsa - private dss user key (optional)

	   * id_rsa - private rsa user key (optional)

	   * id_ecdsa -	private	ecdsa user key (optional)

	   * id_ed25519	- private eddsa	user key for curve 25519 (optional)

	   * id_ed448 -	private	eddsa user key for curve 448 (optional)

	   The default value of	USERDIR	is /home/LOCALUSER/.ssh.

	   To change the USERDIR, see the user_dir option.

DATA TYPES
   Options for the default ssh_file callback module
       user_dir_common_option()	= {user_dir, string()}

	      Sets the user directory.

       user_dir_fun_common_option() = {user_dir_fun, user2dir()}

       user2dir() =
	   fun((RemoteUserName :: string()) -> UserDir :: string())

	      Sets  the	 user directory	dynamically by evaluating the user2dir
	      function.

       system_dir_daemon_option() = {system_dir, string()}

	      Sets the system directory.

       pubkey_passphrase_client_options() =
	   {dsa_pass_phrase, string()} |
	   {rsa_pass_phrase, string()} |
	   {ecdsa_pass_phrase, string()}

	      If the user's DSA, RSA or ECDSA key is protected by a
	      passphrase, it can be supplied with those options.

	      Note that EdDSA passphrases (Curves 25519 and 448) are not
	      implemented.
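
   Example (added here; not part of the OTP documentation)
       The options above, passed to ssh:daemon and ssh:connect so that the
       default ssh_file callback reads keys from non-default directories.
       The module name, the directory paths, the user-name pattern and the
       auth_methods setting are assumptions made for this illustration.

```erlang
%% Added example, not code from the ssh application itself.
-module(ssh_file_example).
-export([start_daemon/1, connect/3, user_dir/1]).

%% Hypothetical locations; adjust to the installation.
-define(SYSDIR,  "/usr/local/etc/myapp/ssh").   % holds ssh_host_*_key
-define(KEYROOT, "/var/db/myapp/ssh_users").    % one subdirectory per user

%% user2dir(): map the remote user name to the directory that holds that
%% user's authorized_keys. The name is supplied by the peer before it has
%% authenticated, so only a conservative character set is accepted and
%% the result can never leave KEYROOT. Rejected names map to a directory
%% that is assumed not to exist, so publickey authentication finds no key.
user_dir(RemoteUser) ->
    Pattern = "^[a-z_][a-z0-9_-]{0,31}$",
    case re:run(RemoteUser, Pattern, [{capture, none}, dollar_endonly]) of
        match   -> filename:join(?KEYROOT, RemoteUser);
        nomatch -> filename:join(?KEYROOT, ".no-such-user")
    end.

%% Server side: host keys are read from SYSDIR, user keys from the
%% directory returned by user_dir/1. Only publickey authentication is
%% offered (assumption: password logins are not wanted).
start_daemon(Port) ->
    {ok, _} = application:ensure_all_started(ssh),
    ssh:daemon(Port, [{system_dir, ?SYSDIR},
                      {user_dir_fun, fun user_dir/1},
                      {auth_methods, "publickey"}]).

%% Client side: id_rsa and known_hosts are read from ClientDir, and the
%% passphrase protecting id_rsa is supplied with rsa_pass_phrase.
%% silently_accept_hosts is left at false so an unknown host key is not
%% written to known_hosts without confirmation.
connect(Host, Port, {ClientDir, Passphrase}) ->
    {ok, _} = application:ensure_all_started(ssh),
    ssh:connect(Host, Port, [{user_dir, ClientDir},
                             {rsa_pass_phrase, Passphrase},
                             {silently_accept_hosts, false}]).
```

       With these paths, user_dir("alice") returns
       "/var/db/myapp/ssh_users/alice", while a name such as "../root" is
       mapped to the placeholder directory instead of escaping KEYROOT.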

EXPORTS
       host_key(Algorithm, DaemonOptions) -> {ok, Key} | {error, Reason}

	      Types and	description

	      See   the	  api	description   in   ssh_server_key_api,	  Mod-
	      ule:host_key/2.

	      Options

		* system_dir

	      Files

		* SYSDIR/ssh_host_rsa_key

		* SYSDIR/ssh_host_dsa_key

		* SYSDIR/ssh_host_ecdsa_key

		* SYSDIR/ssh_host_ed25519_key

		* SYSDIR/ssh_host_ed448_key

       is_auth_key(PublicUserKey, User,	DaemonOptions) -> Result

	      Types and	description

	      See    the   api	 description   in   ssh_server_key_api:	  Mod-
	      ule:is_auth_key/3.

	      Options

		* user_dir_fun

		* user_dir

	      Files

		* USERDIR/authorized_keys

		* USERDIR/authorized_keys2

       add_host_key(HostNames, PublicHostKey, ConnectOptions) -> ok |  {error,
       Reason}

	      Types and	description

	      See    the   api	 description   in   ssh_client_key_api,	  Mod-
	      ule:add_host_key/3.

	      Option

		* user_dir

	      File

		* USERDIR/known_hosts

       is_host_key(Key,	Host, Algorithm, ConnectOptions) -> Result

	      Types and	description

	      See   the	  api	description   in   ssh_client_key_api,	  Mod-
	      ule:is_host_key/4.

	      Option

		* user_dir

	      File

		* USERDIR/known_hosts

       user_key(Algorithm,  ConnectOptions) -> {ok, PrivateKey}	| {error, Rea-
       son}

	      Types and	description

	      See   the	  api	description   in   ssh_client_key_api,	  Mod-
	      ule:user_key/2.

	      Options

		* user_dir

		* dsa_pass_phrase

		* rsa_pass_phrase

		* ecdsa_pass_phrase

	      Note that EdDSA passphrases (Curves 25519 and 448) are not
	      implemented.

	      Files

		* USERDIR/id_dsa

		* USERDIR/id_rsa

		* USERDIR/id_ecdsa

		* USERDIR/id_ed25519

		* USERDIR/id_ed448

Ericsson AB			   ssh 4.7.4			   ssh_file(3)
