Known hosts

SSH, SCP, and SFTP adapters use functions that verify the encryption key when opening a connection. The following table describes optional elements that you can use in both adapter configurations and dynamic targets to verify the encryption key when opening a connection.


Optional elements for verifying the encryption key

Element

Description

<known-hosts-config>

Identifies the path to the local known_hosts file

This file is used when verifying the key.

Default value: homeDir/.ssh/known_hosts.

<allow-unknown-hosts>

Specifies whether a connection must continue if the key verification fails

Valid values: true (default), false

With a value of true, the connection is maintained when connecting to an unknown or mismatched system. With a value of false, the connection is dropped and the adapter response returns an error.

<preferred-pk-algorithm>

Specifies the preference of the algorithm used to encrypt the public key

Valid values: ssh-dss, ssh-rsa (default)

The following figure shows an XML sample using the optional elements for verifying the encryption key.

XML sample configuration for known hosts

...
<target>
   <host>test.target1.com</host>
   <port>22</port>
   <user-name>user1</user-name>
   <password>password1</password>
   <prompt>user1$</prompt>
   <known-hosts-config>/path/to/known_hosts</known-hosts-config>
   <allow-unknown-hosts>false</allow-unknown-hosts>
   <preferred-pk-algorithm>ssh\-dss</preferred-pk-algorithm>
</target>
... 

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Comments