Part of twisted.conch.ssh.transport
Known subclasses: twisted.conch.client.direct.SSHClientTransport, twisted.conch.scripts.tkconch.SSHClientTransport
Instance Variables:
| isClient | since we are always the client, this is always True. |
| _gotNewKeys | if we receive a MSG_NEWKEYS message before we are ready to transition to the new keys, this is set to True so we can transition when the keys are ready locally. |
| x | our Diffie-Hellman private key. |
| e | our Diffie-Hellman public key. |
| g | the Diffie-Hellman group generator. |
| p | the Diffie-Hellman group prime. |
| instance | the SSHService object we are requesting. |
Method | connectionMade | Called when the connection is started with the server. Just sets up a private instance variable. |
Method | ssh_KEXINIT | No summary |
Method | ssh_KEX_DH_GEX_GROUP | This handles two different messages which share an integer value. |
Method | ssh_KEX_DH_GEX_REPLY | Called when we receive a MSG_KEX_DH_GEX_REPLY message. Payload: string server host key, integer f (server DH public key) |
Method | ssh_NEWKEYS | Called when we receive a MSG_NEWKEYS message. No payload. If we've finished setting up our own keys, start using them. Otherwise, remember that we've received this message. |
Method | ssh_SERVICE_ACCEPT | Called when we receive a MSG_SERVICE_ACCEPT message. Payload: string service name |
Method | requestService | Request that a service be run over this transport. |
Method | verifyHostKey | Returns a Deferred that gets a callback if it is a valid key, or an errback if not. |
Method | connectionSecure | Called when the encryption has been set up. Generally, requestService() is called to run another service over the transport. |
Method | _ssh_KEXDH_REPLY | Called to handle a reply to a diffie-hellman-group1-sha1 key exchange message (KEXDH_INIT). |
Method | _continueKEXDH_REPLY | The host key has been verified, so we generate the keys. |
Method | _continueGEX_REPLY | The host key has been verified, so we generate the keys. |
Method | _keySetup | See SSHTransportBase._keySetup(). |
Inherited from SSHTransportBase:
Method | connectionLost | Called when the connection is shut down. |
Method | sendKexInit | Send a KEXINIT message to initiate key exchange or to respond to a key exchange initiated by the peer. |
Method | sendPacket | Sends a packet. If it's been set up, compress the data, encrypt it, and authenticate it before sending. If key exchange is in progress and the message is not part of key exchange, queue it to be sent later. |
Method | getPacket | Try to return a decrypted, authenticated, and decompressed packet out of the buffer. If there is not enough data, return None. |
Method | dataReceived | First, check for the version string (SSH-2.0-*). After that has been received, this method adds data to the buffer, and pulls out any packets. |
Method | dispatchMessage | Send a received message to the appropriate method. |
Method | ssh_DISCONNECT | Called when we receive a MSG_DISCONNECT message. Payload: long code, string description |
Method | ssh_IGNORE | Called when we receive a MSG_IGNORE message. No payload. This means nothing; we simply return. |
Method | ssh_UNIMPLEMENTED | Called when we receive a MSG_UNIMPLEMENTED message. Payload: long packet |
Method | ssh_DEBUG | No summary |
Method | setService | Set our service to service and start it running. If we were running a service previously, stop it first. |
Method | sendDebug | Send a debug message to the other side. |
Method | sendIgnore | Send a message that will be ignored by the other side. This is useful to fool attacks based on guessing packet sizes in the encrypted stream. |
Method | sendUnimplemented | Send a message to the other side that the last packet was not understood. |
Method | sendDisconnect | Send a disconnect message to the other side and then disconnect. |
Method | isEncrypted | Return True if the connection is encrypted in the given direction. Direction must be one of ["out", "in", "both"]. |
Method | isVerified | Return True if the connection is verified/authenticated in the given direction. Direction must be one of ["out", "in", "both"]. |
Method | loseConnection | Lose the connection to the other side, sending a DISCONNECT_CONNECTION_LOST message. |
Method | receiveError | Called when we receive a disconnect error message from the other side. |
Method | receiveUnimplemented | Called when we receive an unimplemented packet message from the other side. |
Method | receiveDebug | Called when we receive a debug message from the other side. |
Method | _allowedKeyExchangeMessageType | Determine if the given message type may be sent while key exchange is in progress. |
Method | _unsupportedVersionReceived | Called when an unsupported version of the ssh protocol is received from the remote endpoint. |
Method | _getKey | Get one of the keys for authentication/encryption. |
Method | _newKeys | No summary |
Inherited from Protocol (via SSHTransportBase):
Method | logPrefix | Return a prefix matching the class name, to identify log messages related to this protocol instance. |
Inherited from BaseProtocol (via SSHTransportBase, Protocol):
Method | makeConnection | Make a connection to a transport and a server. |
Like the handler for KEXDH_INIT, this message type has an overlapping value. This method is called from ssh_KEX_DH_GEX_GROUP if that method detects a diffie-hellman-group1-sha1 key exchange is in progress.
Payload:
  string serverHostKey
  integer f (server Diffie-Hellman public key)
  string signature
We verify the host key by calling verifyHostKey, then continue in _continueKEXDH_REPLY.
If the key exchange is diffie-hellman-group-exchange-sha1, this is MSG_KEX_DH_GEX_GROUP.
Payload:
  string g (group generator)
  string p (group prime)
We generate a Diffie-Hellman public key and send it in a MSG_KEX_DH_GEX_INIT message.
Parameters:
| pubKey | the public key blob for the server's public key. (type: str) |
| f | the server's Diffie-Hellman public key. (type: long) |
| signature | the server's signature, verifying that it has the correct private key. (type: str) |
  string server host key
  integer f (server DH public key)
We verify the host key by calling verifyHostKey, then continue in _continueGEX_REPLY.
Parameters:
| pubKey | the public key blob for the server's public key. (type: str) |
| f | the server's Diffie-Hellman public key. (type: long) |
| signature | the server's signature, verifying that it has the correct private key. (type: str) |
string service name
Start the service we requested.
Parameters:
| instance | (type: subclass of twisted.conch.ssh.service.SSHService) |
Parameters:
| hostKey | (type: str) |
| fingerprint | (type: str) |
Returns:
| (type: twisted.internet.defer.Deferred) |
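The KEXDH_REPLY payload layout (string serverHostKey, integer f, string signature) and the host key check that verifyHostKey stands for, as an added standard-library example that is not Twisted's own code. The function names, the SHA-256 pin format, the range check on f and the sample values are assumptions made for illustration; the encodings are the SSH wire format (uint32 length prefix, integers as big-endian two's complement).

```python
import hashlib
import hmac
import struct


def get_string(buf, offset):
    """Read an SSH 'string' (uint32 length + bytes); return (value, next offset)."""
    if offset + 4 > len(buf):
        raise ValueError("truncated length field")
    (length,) = struct.unpack_from(">I", buf, offset)
    end = offset + 4 + length
    if end > len(buf):
        raise ValueError("length field runs past end of payload")
    return buf[offset + 4:end], end


def parse_kexdh_reply(payload):
    """Split the payload into (serverHostKey, f, signature)."""
    host_key, off = get_string(payload, 0)
    f_bytes, off = get_string(payload, off)
    signature, off = get_string(payload, off)
    if off != len(payload):
        raise ValueError("trailing bytes after signature")
    # An mpint is big-endian two's complement, so a set top bit means negative.
    f = int.from_bytes(f_bytes, "big", signed=True)
    return host_key, f, signature


def check_reply(payload, p, pinned_sha256_hex):
    """Parse the reply, range-check f against p, compare the host key to a pin."""
    host_key, f, signature = parse_kexdh_reply(payload)
    if not 1 < f < p - 1:
        raise ValueError("f outside the open interval (1, p-1)")
    digest = hashlib.sha256(host_key).hexdigest()
    if not hmac.compare_digest(digest, pinned_sha256_hex):
        raise ValueError("host key does not match the pinned key")
    return host_key, f, signature


def ssh_string(data):
    """Encode bytes as an SSH 'string' (used to build the constructed sample)."""
    return struct.pack(">I", len(data)) + data


# Constructed sample values, not captured from a real server.
SAMPLE_P = 23
SAMPLE_KEY = b"constructed-host-key-blob"
SAMPLE_PIN = hashlib.sha256(SAMPLE_KEY).hexdigest()
SAMPLE_PAYLOAD = ssh_string(SAMPLE_KEY) + ssh_string(b"\x08") + ssh_string(b"constructed-sig")
```

In a verifyHostKey override the same pin comparison would decide whether the returned Deferred gets a callback or an errback; the signature over the exchange hash still has to be verified separately.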