curl/docs/libcurl/opts/CURLOPT_SSH_HOSTKEYFUNCTION.3

.\" **************************************************************************
.\" *                                  _   _ ____  _
.\" *  Project                     ___| | | |  _ \| |
.\" *                             / __| | | | |_) | |
.\" *                            | (__| |_| |  _ <| |___
.\" *                             \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
.\" * are also available at https://curl.se/docs/copyright.html.
.\" *
.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
.\" * copies of the Software, and permit persons to whom the Software is
.\" * furnished to do so, under the terms of the COPYING file.
.\" *
.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
.\" * KIND, either express or implied.
.\" *
.\" * SPDX-License-Identifier: curl
.\" *
.\" **************************************************************************
.\"
.TH CURLOPT_SSH_HOSTKEYFUNCTION 3 "4 Nov 2021" libcurl libcurl
.SH NAME
CURLOPT_SSH_HOSTKEYFUNCTION \- callback to check host key
.SH SYNOPSIS
.nf
#include <curl/curl.h>

int keycallback(void *clientp,
                int keytype,
                const char *key,
                size_t keylen);

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSH_HOSTKEYFUNCTION,
                          keycallback);
.fi
.SH DESCRIPTION
Pass a pointer to your callback function, which should match the prototype
shown above. It overrides \fICURLOPT_SSH_KNOWNHOSTS(3)\fP.

This callback gets called when the verification of the SSH host key is needed.

\fBkey\fP is \fBkeylen\fP bytes long and is the key to check. \fBkeytype\fP
says what type it is, from the \fBCURLKHTYPE_*\fP series in the
\fBcurl_khtype\fP enum.

\fBclientp\fP is a custom pointer set with \fICURLOPT_SSH_HOSTKEYDATA(3)\fP.

The callback MUST return one of the following return codes to tell libcurl how
to act:
.IP CURLKHMATCH_OK
The host key is accepted, the connection should continue.
.IP CURLKHMATCH_MISMATCH
the host key is rejected, the connection is canceled.
.SH DEFAULT
NULL
.SH PROTOCOLS
SCP and SFTP
.SH EXAMPLE
.nf
int hostkeycb(void *clientp,    /* passed with CURLOPT_SSH_HOSTKEYDATA */
              int keytype,      /* CURLKHTYPE */
              const char * key, /* host key to check */
              size_t keylen);   /* length of the key */
{
  /* 'clientp' points to the callback_data struct */
  /* investigate the situation and return the correct value */
  return CURLKHMATCH_OK;
}
{
  curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/thisfile.txt");
  curl_easy_setopt(curl, CURLOPT_SSH_HOSTKEYFUNCTION, hostkeycb);
  curl_easy_setopt(curl, CURLOPT_SSH_HOSTKEYDATA, &callback_data);

  curl_easy_perform(curl);
}
.fi
.SH AVAILABILITY
Added in 7.84.0 , work only with libssh2 backend.
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
.BR CURLOPT_SSH_HOSTKEYDATA "(3), "
.BR CURLOPT_SSH_KNOWNHOSTS "(3), "