Search…
⌃K

SSH key

This callback is set with CURLOPT_SSH_KEYFUNCTION.
It gets called when the known_host matching has been done, to allow the application to act and decide for libcurl how to proceed. The callback will only be called if CURLOPT_SSH_KNOWNHOSTS is also set.
In the arguments to the callback are the old key and the new key and the callback is expected to return a return code that tells libcurl how to act:
CURLKHSTAT_FINE_REPLACE - The new host+key is accepted and libcurl will replace the old host+key into the known_hosts file before continuing with the connection. This will also add the new host+key combo to the known_host pool kept in memory if it was not already present there. The adding of data to the file is done by completely replacing the file with a new copy, so the permissions of the file must allow this.
CURLKHSTAT_FINE_ADD_TO_FILE - The host+key is accepted and libcurl will append it to the known_hosts file before continuing with the connection. This will also add the host+key combo to the known_host pool kept in memory if it was not already present there. The adding of data to the file is done by completely replacing the file with a new copy, so the permissions of the file must allow this.
CURLKHSTAT_FINE - The host+key is accepted libcurl will continue with the connection. This will also add the host+key combo to the known_host pool kept in memory if it was not already present there.
CURLKHSTAT_REJECT - The host+key is rejected. libcurl will deny the connection to continue and it will be closed.
CURLKHSTAT_DEFER - The host+key is rejected, but the SSH connection is asked to be kept alive. This feature could be used when the app wants to somehow return and act on the host+key situation and then retry without needing the overhead of setting it up from scratch again.