SSHFTP: hashed hostnames are not returned

Question

Hello,

we are trying to implement the validate method of SSHFTPValidator and stuck on a problem that the hostnames/public keys on a hashed hostname added as known hosts are not returned, as the API said:

public java.lang.String[] getKnownHostnames()

    Get the known host name entries. This may include IP addresses, and host names may be a combination of IP address and hostname, e.g. edtmobile,10.0.0.3 This method does not split these up. Also, hashed hostnames are not returned. 

The question is, how could we use our own validation if the hostname is hashed. Could you give some tips and tricks?

Answer 1

The reason why they aren't returned in getKnownHostnames() is because we don't know what they are - they are hashed, and the hostnames can't be extracted. Hashed hostnames were introduced in SSH to make the known_hosts file more secure.

We've modified public SSHFTPPublicKey[] getKnownHostKeys(String hostname) to work for hashed hostnames as well as non-hashed ones. The hostname can be passed in and will return the keys if they exist.