Package org.jenkinsci.plugins.gitclient.verifier

Class SshHostKeyVerificationStrategy<T extends HostKeyVerifierFactory>

java.lang.Object

hudson.model.AbstractDescribableImpl<SshHostKeyVerificationStrategy<T>>

org.jenkinsci.plugins.gitclient.verifier.SshHostKeyVerificationStrategy<T>

All Implemented Interfaces:

ExtensionPoint, Describable<SshHostKeyVerificationStrategy<T>>

Direct Known Subclasses:

AcceptFirstConnectionStrategy, KnownHostsFileVerificationStrategy, ManuallyProvidedKeyVerificationStrategy, NoHostKeyVerificationStrategy

public abstract class SshHostKeyVerificationStrategy<T extends HostKeyVerifierFactory>
extends AbstractDescribableImpl<SshHostKeyVerificationStrategy<T>>
implements ExtensionPoint

Secure shell host key verification strategy extension point for SSH connections from the git client plugin. Secure shell (ssh) host key verification protects an SSH client from a man in the middle attack.

Host key verifications strategies allow the Jenkins administrator to choose the level of host key verification that will be performed.

Host key verification strategies include:

Accept first connection

Remembers the first host key encountered for each git server and requires that the same host key must be used for later access. This is usually the most convenient setting for administrators while still providing ssh host key verification

Known hosts file

Uses the existing 'known_hosts' file on the controller and on the agent. This assumes the administrator has already configured this file on the controller and on all agents

Manually provided keys

Provides a form field where the administrator inserts the host keys for the git repository servers. This works well when a small set of repository servers meet the needs of most users

No verification

Disables all verification of ssh host keys. Not recommended because it provides no protection from "man-in-the-middle" attacks

Configure the host key verification strategy from "Manage Jenkins" / "Security" / "Git Host Key Verification Configuration". More details are available in the plugin documentation.

Nested Class Summary

Nested classes/interfaces inherited from interface hudson.ExtensionPoint

ExtensionPoint.LegacyInstancesAreScopedToHudson

Field Summary

Fields

Modifier and Type	Field	Description
static final File	JGIT_KNOWN_HOSTS_FILE	JGit known hosts file path for the current user.
static final String	KNOWN_HOSTS_DEFAULT	Default path to the known hosts file for the current user.

Constructor Summary

Constructors

Constructor	Description
SshHostKeyVerificationStrategy()

Method Summary

Modifier and Type	Method	Description
Descriptor<SshHostKeyVerificationStrategy<T>>	getDescriptor()
abstract T	getVerifier()	Returns the ssh host key verifier for this strategy.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

KNOWN_HOSTS_DEFAULT

public static final String KNOWN_HOSTS_DEFAULT

Default path to the known hosts file for the current user.

JGIT_KNOWN_HOSTS_FILE

public static final File JGIT_KNOWN_HOSTS_FILE

JGit known hosts file path for the current user. Uses the default path to the known hosts file for the current user unless the JGIT_KNOWN_HOSTS_PROPERTY property is set.

Constructor Details

SshHostKeyVerificationStrategy

public SshHostKeyVerificationStrategy()

Method Details

getDescriptor

public Descriptor<SshHostKeyVerificationStrategy<T>> getDescriptor()

Specified by:

getDescriptor in interface Describable<T extends HostKeyVerifierFactory>

Overrides:

getDescriptor in class AbstractDescribableImpl<SshHostKeyVerificationStrategy<T extends HostKeyVerifierFactory>>

getVerifier

public abstract T getVerifier()

Returns the ssh host key verifier for this strategy.

Returns:

ssh host key verifier for this strategy.