Behavior describing the API for public key handling of an SSH client. By implementing the callbacks defined in this behavior, the public key handling of an SSH client can be customized. By default the ssh application implements this behavior with help of the standard OpenSSH files, see the ssh(6) application manual.


client_key_cb_options() =
            [{key_cb_private, term()} | ssh:client_option()]

Options provided to ssh:connect/[3,4].

The option list given in the key_cb option is available with the key key_cb_private.


Module:add_host_key(HostNames, PublicHostKey, ConnectOptions) -> ok | {error, Reason}

  • HostNames = string()
  • Description of the host that owns the PublicHostKey.
  • PublicHostKey = public_key:public_key()
  • Of ECDSA keys, only the Normally an RSA, DSA or ECDSA public key, but handling of other public keys can be added.
  • ConnectOptions = client_key_cb_options()

Adds a host key to the set of trusted host keys.

Module:is_host_key(Key, Host, Algorithm, ConnectOptions) -> Result

Checks if a host key is trusted.

Module:user_key(Algorithm, ConnectOptions) -> {ok, PrivateKey} | {error, Reason}

Fetches the users public key matching the Algorithm.


The private key contains the public key.