Writing a source definition:
============================

Place a file in /etc/openssh-known-hosts/sources. Its name must follow
run-parts' conventions.

Basic variables:
 * PLUGIN:	name of the plugin to use
 * EXIT_IGNORE:	space-separated list of exit codes to ignore; if the plugin
		exits with one of them, no update is performed for this source
		(optional)

The remaining variables are plugin-specific.

For examples see /usr/share/doc/openssh-known-hosts/examples/*.

Writing a hostname filter:
==========================

Place a file $source.filter next to your $source in
/etc/openssh-known-hosts/sources.

Each line shall contain a rule consisting of an action, a space and a pattern.
The first rule with a matching pattern decides: If the action starts with a,
o, p or y (for accept, admit, allow, ok, pass, permit, print, yes, ...) the
hostname will be used, otherwise it is discarded. If a key has no hostnames
left it is discarded as a whole.

An example filter can be found in
/usr/share/doc/openssh-known-hosts/examples/curl.filter.

Writing a plugin:
=================

Place an executable in /usr/local/share/openssh-known-hosts/plugins. Your
plugin gets the variables set in the source definition in its environment. The
working directory will be set to the source's cache directory. All your plugin
has to do is to create a file named "new". "current" must not be touched but
can be used as a hint to skip downloading the same file again. stdout and
stderr will be connected to "log", which will be output on error. You needn't
create "new" if it would be identical to "current".
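
A plugin following the contract above, as an added example that is not part of
this project: it copies a local key list into "new" only after checking every
line. The plugin itself, the KEYFILE variable and the exit codes 3 and 4 are
hypothetical, and it assumes "new" is expected in known_hosts format.

```shell
#!/bin/sh
# Hypothetical plugin (added example, not shipped with openssh-known-hosts).
# KEYFILE is an assumed plugin-specific variable from the source definition.
# Exit codes chosen for this example: 0 ok, 3 source unreadable (a candidate
# for EXIT_IGNORE), 4 malformed input (no update must happen).

plugin_main() {
    # The working directory is the source's cache directory; anything
    # written to stdout/stderr ends up in "log".
    [ -r "$KEYFILE" ] || { echo "cannot read $KEYFILE" >&2; return 3; }

    # Build the result in a temp file so "new" never exists half-written.
    tmp=$(mktemp ./new.XXXXXX) || return 1

    # Accept only "hosts keytype base64key" lines. Marker lines such as
    # @cert-authority are refused: a policy choice of this example, so a
    # source cannot introduce a CA trusted for many hosts.
    if ! awk '
        NF == 0 || $1 ~ /^#/ { next }
        $1 ~ /^@/ { print "marker refused, line " NR > "/dev/stderr"
                    bad = 1; next }
        NF < 3 || $2 !~ /^(ssh-|ecdsa-sha2-|sk-)/ ||
        $3 !~ "^[A-Za-z0-9+/=]+$" {
            print "malformed line " NR > "/dev/stderr"; bad = 1; next }
        { print $1, $2, $3 }
        END { exit bad + 0 }
    ' "$KEYFILE" > "$tmp"; then
        rm -f "$tmp"
        return 4
    fi

    # "current" is only read, never modified; skip "new" when nothing changed.
    if [ -f current ] && cmp -s "$tmp" current; then
        echo "unchanged, not creating new"
        rm -f "$tmp"
    else
        mv "$tmp" new
    fi
    return 0
}

# Run only when invoked with KEYFILE in the environment, as a plugin would be.
if [ -n "${KEYFILE:-}" ]; then plugin_main; exit $?; fi
```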