|A string representing the version of the SSH protocol we support.
Currently defaults to '2.0'.
|A string representing the version of the server or client. Currently
defaults to 'Twisted'.
|An optional string giving more information about the server or client.
|A list of strings representing the encryption algorithms supported, in
order from most-preferred to least.
|A list of strings representing the message authentication codes (hashes)
supported, in order from most-preferred to least. Both this and
supportedCiphers can include 'none' to use no encryption or authentication,
but that must be done manually,
|A list of strings representing the key exchanges supported, in order from
most-preferred to least.
|A list of strings representing the public key types supported, in order
from most-preferred to least.
|A list of strings representing compression types supported, from
most-preferred to least.
|A list of strings representing languages supported, from most-preferred to
|A container of strings representing supported ssh protocol version numbers.
|A boolean indicating whether this is a client or server.
|A boolean indicating whether we have receieved the version string from the
|Data we've received but hasn't been parsed into a packet.
|the sequence number of the next packet we will send.
|the sequence number of the next packet we are expecting from the other
|an object supporting the .compress(str) and .flush() methods, or None if
there is no outgoing compression. Used to compress outgoing data.
|A string representing the outgoing compression type.
|an object supporting the .decompress(str) method, or None if there is no
incoming compression. Used to decompress incoming data.
|A string representing the incoming compression type.
|the version string that we sent to the other side. Used in the key
|the version string sent by the other side. Used in the key exchange.
|the MSG_KEXINIT payload we sent. Used in the key exchange.
|the MSG_KEXINIT payload we received. Used in the key exchange
|a string that is unique to this SSH session. Created as part of the key
exchange, sessionID is used to generate the various encryption and
|an SSHService instance, or None. If it's set to an object, it's the
currently running service.
|the agreed-upon key exchange algorithm.
|the agreed-upon public key type for the key exchange.
|an SSHCiphers instance. It represents the current encryption and
authentication options for the transport.
|an SSHCiphers instance. Held here until the MSG_NEWKEYS messages are
exchanged, when nextEncryptions is transitioned to currentEncryptions.
|the first bytes of the next packet. In order to avoid decrypting data
twice, the first bytes are decrypted and stored until the whole packet is
|Called when the connection is shut down.
|Called when the connection is made to the other side. We sent our
version and the MSG_KEXINIT packet.
|Send a KEXINIT message to initiate key exchange or to respond to
a key exchange initiated by the peer.
|Sends a packet. If it's been set up, compress the data, encrypt it, and
authenticate it before sending. If key exchange is in progress and the
message is not part of key exchange, queue it to be sent later.
|Try to return a decrypted, authenticated, and decompressed packet out of
the buffer. If there is not enough data, return None.
|First, check for the version string (SSH-2.0-*). After that has been
received, this method adds data to the buffer, and pulls out any
|Send a received message to the appropriate method.
corresponding to the other (peer) side of this transport.
corresponding to the this side of transport.
|Called when we receive a MSG_DISCONNECT message. Payload:: long code
|Called when we receieve a MSG_IGNORE message. No payload. This means
nothing; we simply return.
|Called when we receieve a MSG_UNIMPLEMENTED message. Payload:: long
|Set our service to service and start it running. If we were running a
service previously, stop it first.
|Send a debug message to the other side.
|Send a message that will be ignored by the other side. This is useful
to fool attacks based on guessing packet sizes in the encrypted stream.
|Send a message to the other side that the last packet was not
|Send a disconnect message to the other side and then disconnect.
|Return True if the connection is encrypted in the given direction.
Direction must be one of ["out", "in",
|Return True if the connecction is verified/authenticated in the given
direction. Direction must be one of ["out", "in",
|Lose the connection to the other side, sending a
|Called when we receive a disconnect error message from the other
|Called when we receive an unimplemented packet message from the other
|Called when we receive a debug message from the other side.
|The current protocol state with respect to key exchange. This is either
_KEY_EXCHANGE_NONE if no key exchange is in progress (and
returns to this value after any key exchange completqes),
_KEY_EXCHANGE_REQUESTED if this side of the connection
initiated a key exchange, and
_KEY_EXCHANGE_PROGRESSING if the
other side of the connection initiated a key exchange.
_KEY_EXCHANGE_NONE is the initial value (however SSH
connections begin with key exchange, so it will quickly change to another
_keyExchangeState is not
_KEY_EXCHANGE_NONE, this is a
list of pending
messages which were passed to
but could not be sent because it is not legal to send them while a key
exchange is in progress. When the key exchange completes, another attempt
is made to send these messages.
|Determine if the given message type may be sent while key exchange is in
|Called when an unsupported version of the ssh protocol is received from
the remote endpoint.
|Get one of the keys for authentication/encryption.
|Set up the keys for the connection and sends MSG_NEWKEYS when