twisted.conch.checkers.SSHPublicKeyDatabase class documentationtwisted.conch.checkers
(View In Hierarchy)
Implements interfaces: twisted.cred.checkers.ICredentialsChecker
Checker that authenticates SSH public keys, based on public keys listed in authorized_keys and authorized_keys2 files in user .ssh/ directories.
| Method | requestAvatarId | Validate credentials and produce an avatar ID. |
| Method | getAuthorizedKeysFiles | Return a list of FilePath
instances for authorized_keys files which might contain information
about authorized keys for the given credentials. |
| Method | checkKey | Retrieve files containing authorized keys and check against user credentials. |
| Method | _cbRequestAvatarId | Check whether the credentials themselves are valid, now that we know if the key matches the user. |
| Method | _ebRequestAvatarId | Undocumented |
Validate credentials and produce an avatar ID.
| Parameters | credentials | something which implements one of the interfaces in
credentialInterfaces. |
| Returns | a Deferred
which will fire with a bytes
that identifies an avatar, an empty tuple to specify an authenticated
anonymous user (provided as twisted.cred.checkers.ANONYMOUS)
or fail with UnauthorizedLogin.
Alternatively, return the result itself. | |
| See Also | twisted.cred.credentials | |
Check whether the credentials themselves are valid, now that we know if the key matches the user.
| Parameters | validKey | A boolean indicating whether or not the public key matches a key in the user's authorized_keys file. |
| credentials | The credentials offered by the user. (type: ISSHPrivateKey
provider) | |
| Returns | The user's username, if authentication was successful. | |
| Raises | UnauthorizedLogin | (as a failure) if the key does not match the user in
credentials. Also raised if the user provides an invalid
signature. |
| ValidPublicKey | (as a failure) if the key matches the user but the credentials do not
include a signature. See error.ValidPublicKey
for more information. | |
Return a list of FilePath
instances for authorized_keys files which might contain information
about authorized keys for the given credentials.
On OpenSSH servers, the default location of the file containing the list of authorized public keys is $HOME/.ssh/authorized_keys.
$HOME/.ssh/authorized_keys2 is also returned, though it has been deprecated by OpenSSH since 2001.
| Returns | A list of FilePath
instances to files with the authorized keys. | |