Behaviour describing the API for an SSH server's public key handling.By implementing the callbacks defined in this behavior it is possible to customize the SSH server's public key handling. By default the SSH application implements this behavior with help of the standard openssh files, see ssh(6).


Type definitions that are used more than once in this module and/or abstractions to indicate the intended use of the data type:

boolean() = true | false

string() = [byte()]

public_key() = #'RSAPublicKey'{}| {integer(), #'Dss-Parms'{}}| term()

private_key() = #'RSAPublicKey'{}| {integer(), #'Dss-Parms'{}}| term()

public_key_algorithm() = 'ssh-rsa'| 'ssh-dss' | atom()


Module:host_key(Algorithm, DaemonOptions) -> {ok, Key} | {error, Reason}

  • Algorithm = public_key_algorithm()
  • Host key algorithm. Should support 'ssh-rsa'| 'ssh-dss' but additional algorithms can be handled.
  • DaemonOptions = proplists:proplist()
  • Options provided to ssh:daemon/[2,3]
  • Key = private_key()
  • The private key of the host matching the Algorithm
  • Reason = term()

Fetches the hosts private key

Module:is_auth_key(Key, User, DaemonOptions) -> Result

  • Key = public_key()
  • Normally an RSA or DSA public key but handling of other public keys can be added
  • User = string()
  • The user owning the public key
  • DaemonOptions = proplists:proplist()
  • Options provided to ssh:daemon/[2,3]
  • Result = boolean()

Checks if the user key is authorized