Part of twisted.conch.ssh.transport
Known subclasses: twisted.conch.ssh.transport.SSHClientTransport, twisted.conch.ssh.transport.SSHServerTransport
Instance Variables | protocolVersion | A string representing the version of the SSH protocol we support. Currently defaults to '2.0'. |
version | A string representing the version of the server or client. Currently defaults to 'Twisted'. | |
comment | An optional string giving more information about the server or client. | |
supportedCiphers | A list of strings representing the encryption algorithms supported, in order from most-preferred to least. | |
supportedMACs | A list of strings representing the message authentication codes (hashes) supported, in order from most-preferred to least. Both this and supportedCiphers can include 'none' to use no encryption or authentication, but that must be done manually, | |
supportedKeyExchanges | A list of strings representing the key exchanges supported, in order from most-preferred to least. | |
supportedPublicKeys | A list of strings representing the public key types supported, in order from most-preferred to least. | |
supportedCompressions | A list of strings representing compression types supported, from most-preferred to least. | |
supportedLanguages | A list of strings representing languages supported, from most-preferred to least. | |
supportedVersions | A container of strings representing supported ssh protocol version numbers. | |
isClient | A boolean indicating whether this is a client or server. | |
gotVersion | A boolean indicating whether we have received the version string from the other side. | |
buf | Data we've received that hasn't yet been parsed into a packet. | |
outgoingPacketSequence | the sequence number of the next packet we will send. | |
incomingPacketSequence | the sequence number of the next packet we are expecting from the other side. | |
outgoingCompression | an object supporting the .compress(str) and .flush() methods, or None if there is no outgoing compression. Used to compress outgoing data. | |
outgoingCompressionType | A string representing the outgoing compression type. | |
incomingCompression | an object supporting the .decompress(str) method, or None if there is no incoming compression. Used to decompress incoming data. | |
incomingCompressionType | A string representing the incoming compression type. | |
ourVersionString | the version string that we sent to the other side. Used in the key exchange. | |
otherVersionString | the version string sent by the other side. Used in the key exchange. | |
ourKexInitPayload | the MSG_KEXINIT payload we sent. Used in the key exchange. | |
otherKexInitPayload | the MSG_KEXINIT payload we received. Used in the key exchange. | |
sessionID | a string that is unique to this SSH session. Created as part of the key exchange, sessionID is used to generate the various encryption and authentication keys. | |
service | an SSHService instance, or None. If it's set to an object, it's the currently running service. | |
kexAlg | the agreed-upon key exchange algorithm. | |
keyAlg | the agreed-upon public key type for the key exchange. | |
currentEncryptions | an SSHCiphers instance. It represents the current encryption and authentication options for the transport. | |
nextEncryptions | an SSHCiphers instance. Held here until the MSG_NEWKEYS messages are exchanged, when nextEncryptions is transitioned to currentEncryptions. | |
first | the first bytes of the next packet. In order to avoid decrypting data twice, the first bytes are decrypted and stored until the whole packet is available. | |
_keyExchangeState | The current protocol state with respect to key exchange. This is either _KEY_EXCHANGE_NONE if no key exchange is in progress (and returns to this value after any key exchange completes), _KEY_EXCHANGE_REQUESTED if this side of the connection initiated a key exchange, or _KEY_EXCHANGE_PROGRESSING if the other side of the connection initiated a key exchange. _KEY_EXCHANGE_NONE is the initial value (however SSH connections begin with key exchange, so it will quickly change to another state). | |
_blockedByKeyExchange | Whenever _keyExchangeState is not _KEY_EXCHANGE_NONE, this is a list of pending messages which were passed to sendPacket but could not be sent because it is not legal to send them while a key exchange is in progress. When the key exchange completes, another attempt is made to send these messages. |
Method | connectionLost | Called when the connection is shut down. |
Method | connectionMade | Called when the connection is made to the other side. We send our version and the MSG_KEXINIT packet. |
Method | sendKexInit | Send a KEXINIT message to initiate key exchange or to respond to a key exchange initiated by the peer. |
Method | sendPacket | Sends a packet. If it's been set up, compress the data, encrypt it, and authenticate it before sending. If key exchange is in progress and the message is not part of key exchange, queue it to be sent later. |
Method | getPacket | Try to return a decrypted, authenticated, and decompressed packet out of the buffer. If there is not enough data, return None. |
Method | dataReceived | First, check for the version string (SSH-2.0-*). After that has been received, this method adds data to the buffer, and pulls out any packets. |
Method | dispatchMessage | Send a received message to the appropriate method. |
Method | ssh_KEXINIT | No summary |
Method | ssh_DISCONNECT | Called when we receive a MSG_DISCONNECT message. Payload:: long code string description |
Method | ssh_IGNORE | Called when we receive a MSG_IGNORE message. No payload. This means nothing; we simply return. |
Method | ssh_UNIMPLEMENTED | Called when we receive a MSG_UNIMPLEMENTED message. Payload:: long packet |
Method | ssh_DEBUG | No summary |
Method | setService | Set our service to service and start it running. If we were running a service previously, stop it first. |
Method | sendDebug | Send a debug message to the other side. |
Method | sendIgnore | Send a message that will be ignored by the other side. This is useful to fool attacks based on guessing packet sizes in the encrypted stream. |
Method | sendUnimplemented | Send a message to the other side that the last packet was not understood. |
Method | sendDisconnect | Send a disconnect message to the other side and then disconnect. |
Method | isEncrypted | Return True if the connection is encrypted in the given direction. Direction must be one of ["out", "in", "both"]. |
Method | isVerified | Return True if the connection is verified/authenticated in the given direction. Direction must be one of ["out", "in", "both"]. |
Method | loseConnection | Lose the connection to the other side, sending a DISCONNECT_CONNECTION_LOST message. |
Method | receiveError | Called when we receive a disconnect error message from the other side. |
Method | receiveUnimplemented | Called when we receive an unimplemented packet message from the other side. |
Method | receiveDebug | Called when we receive a debug message from the other side. |
Method | _allowedKeyExchangeMessageType | Determine if the given message type may be sent while key exchange is in progress. |
Method | _unsupportedVersionReceived | Called when an unsupported version of the ssh protocol is received from the remote endpoint. |
Method | _getKey | Get one of the keys for authentication/encryption. |
Method | _keySetup | Set up the keys for the connection and sends MSG_NEWKEYS when finished, |
Method | _newKeys | No summary |
Inherited from BaseProtocol (via Protocol):
Method | makeConnection | Make a connection to a transport and a server. |
Called when the connection is shut down.
Clear any circular references here, and any external references to this Protocol. The connection has been closed.
Parameters | reason | (type: twisted.python.failure.Failure) |
Returns | None | |
Raises | RuntimeError | If a key exchange has already been started and it is not appropriate to send a KEXINIT message at this time. |
Parameters | messageType | The type of message (type: int) |
Returns | True if the given type of message may be sent while key exchange is in progress, False if it may not. (type: bool) | |
See Also | http://tools.ietf.org/html/rfc4253#section-7.1 |
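A minimal model of the rule referenced above and of the queueing described for sendPacket and _blockedByKeyExchange. It is an added illustration, not taken from Twisted: the class KexGate and its method names are hypothetical, and the message numbers are those assigned in RFC 4253 and RFC 4254.

```python
# Message numbers from RFC 4253 (transport) and RFC 4254 (channel data).
MSG_IGNORE, MSG_SERVICE_REQUEST, MSG_SERVICE_ACCEPT = 2, 5, 6
MSG_KEXINIT, MSG_NEWKEYS, MSG_CHANNEL_DATA = 20, 21, 94

def allowed_during_kex(message_type):
    """RFC 4253 section 7.1: what may be sent while key exchange is running."""
    if 1 <= message_type <= 19:      # transport-layer generic messages
        return message_type not in (MSG_SERVICE_REQUEST, MSG_SERVICE_ACCEPT)
    if 20 <= message_type <= 29:     # algorithm negotiation
        return message_type != MSG_KEXINIT
    return 30 <= message_type <= 49  # key-exchange-method specific

class KexGate:
    """Hypothetical model of the sendPacket queueing; not Twisted's code."""
    NONE, REQUESTED = "none", "requested"

    def __init__(self):
        self.state = self.NONE
        self.blocked = []  # plays the role of _blockedByKeyExchange
        self.wire = []     # message types actually written to the peer

    def send_kexinit(self):
        if self.state != self.NONE:
            raise RuntimeError("key exchange already started")
        self.wire.append(MSG_KEXINIT)
        self.state = self.REQUESTED

    def send_packet(self, message_type):
        if self.state != self.NONE and not allowed_during_kex(message_type):
            self.blocked.append(message_type)  # hold until keys are in place
        else:
            self.wire.append(message_type)

    def new_keys(self):
        # Key exchange complete: send NEWKEYS, then retry the held messages.
        self.send_packet(MSG_NEWKEYS)
        self.state = self.NONE
        pending, self.blocked = self.blocked, []
        for message_type in pending:
            self.send_packet(message_type)

def demo():
    """Queue two messages behind a key exchange and return (held, wire)."""
    gate = KexGate()
    gate.send_kexinit()
    for message_type in (MSG_CHANNEL_DATA, MSG_IGNORE, MSG_SERVICE_REQUEST):
        gate.send_packet(message_type)
    held = list(gate.blocked)
    gate.new_keys()
    return held, gate.wire
```

MSG_IGNORE passes straight through during the exchange, while channel data and service requests are held back and only reach the wire after MSG_NEWKEYS.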
Parameters | messageType | The type of the packet; generally one of the MSG_* values. (type: int) |
payload | The payload for the message. (type: str) |
Returns | (type: str/None) |
Parameters | remoteVersion | remote ssh protocol version which is unsupported by us. (type: str) |
Parameters | data | (type: str) |
Parameters | messageNum | (type: int) |
payload | (type: str) |
    bytes[16] cookie
    string keyExchangeAlgorithms
    string keyAlgorithms
    string incomingEncryptions
    string outgoingEncryptions
    string incomingAuthentications
    string outgoingAuthentications
    string incomingCompressions
    string outgoingCompressions
    string incomingLanguages
    string outgoingLanguages
    bool firstPacketFollows
    uint32 0 (reserved)
Starts setting up the key exchange, keys, encryptions, and authentications. Extended by ssh_KEXINIT in SSHServerTransport and SSHClientTransport.
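The payload layout listed above can be decoded and audited mechanically. The parser below is an added example, not Twisted's own code: it reads the fields in the order given and reports any cipher or MAC list in which the peer offers 'none'. The function names and the sample payload are constructed for illustration.

```python
import struct

# Field order of the name-lists in the MSG_KEXINIT payload, as listed above.
NAME_LIST_FIELDS = (
    "keyExchangeAlgorithms keyAlgorithms incomingEncryptions "
    "outgoingEncryptions incomingAuthentications outgoingAuthentications "
    "incomingCompressions outgoingCompressions incomingLanguages "
    "outgoingLanguages"
).split()

def _take_string(data, offset):
    """Read one SSH 'string': uint32 length, then that many bytes."""
    if offset + 4 > len(data):
        raise ValueError("truncated length prefix")
    end = offset + 4 + struct.unpack_from(">L", data, offset)[0]
    if end > len(data):
        raise ValueError("string length exceeds payload")
    return data[offset + 4:end], end

def parse_kexinit(payload):
    """Parse a MSG_KEXINIT payload (message-type byte already stripped)."""
    if len(payload) < 16:
        raise ValueError("payload shorter than the 16-byte cookie")
    fields, offset = {"cookie": payload[:16]}, 16
    for name in NAME_LIST_FIELDS:
        raw, offset = _take_string(payload, offset)
        fields[name] = raw.decode("ascii").split(",") if raw else []
    if len(payload) - offset != 5:
        raise ValueError("expected bool + uint32 after the name-lists")
    fields["firstPacketFollows"] = payload[offset] != 0
    fields["reserved"] = struct.unpack_from(">L", payload, offset + 1)[0]
    return fields

def offers_none(fields):
    """Names of the cipher/MAC lists in which the peer offers 'none'."""
    return [n for n in NAME_LIST_FIELDS[2:6] if "none" in fields[n]]

def _name_list(*names):
    body = ",".join(names).encode("ascii")
    return struct.pack(">L", len(body)) + body

# Constructed sample payload (not captured traffic); one MAC list offers 'none'.
SAMPLE = b"".join([
    bytes(range(16)), _name_list("diffie-hellman-group14-sha1"),
    _name_list("ssh-rsa"), _name_list("aes256-ctr", "aes128-ctr") * 2,
    _name_list("hmac-sha1", "none"), _name_list("hmac-sha1"),
    _name_list("none", "zlib") * 2, _name_list() * 2,
    b"\x00", struct.pack(">L", 0),
])
```

'none' in the compression lists is routine and is not flagged; only the encryption and authentication lists are checked.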
    long code
    string description
This means that the other side has disconnected. Pass the message up and disconnect ourselves.
    long packet
This means that the other side did not implement one of our packets.
    bool alwaysDisplay
    string message
    string language
This means the other side has passed along some debugging info.
Parameters | service | (type: SSHService) |
Parameters | message | the message to send. (type: str) |
alwaysDisplay | if True, tell the other side to always display this message. (type: bool) | |
language | optionally, the language the message is in. (type: str) |
Parameters | message | data to send with the message (type: str) |
Parameters | reason | the reason for the disconnect. Should be one of the DISCONNECT_* values. (type: int) |
desc | a description of the reason for the disconnection. (type: str) |
Parameters | c | (type: str) |
sharedSecret | (type: str) | |
exchangeHash | (type: str) |
Parameters | sharedSecret | a secret string agreed upon using a Diffie-Hellman exchange, so it is only shared between the server and the client. (type: str) |
exchangeHash | A hash of various data known by both sides. (type: str) |
Parameters | reasonCode | the reason for the disconnect, one of the DISCONNECT_ values. (type: int) |
description | a human-readable description of the disconnection. (type: str) |
Parameters | seqnum | the sequence number that was not understood. (type: int) |
Parameters | alwaysDisplay | if True, this message should always be displayed. (type: bool) |
message | the debug message (type: str) | |
lang | optionally the language the message is in. (type: str) |