twisted.conch.ssh.transport.SSHServerTransport(SSHTransportBase)
Class documentation
SSHServerTransport implements the server side of the SSH protocol.
Instance Variable | isClient | since we are never the client, this is always False. |
Instance Variable | ignoreNextPacket | if True, ignore the next key exchange packet. This is set when the client sends a guessed key exchange packet but with an incorrect guess. |
Instance Variable | dhGexRequest | the KEX_DH_GEX_REQUEST(_OLD) that the client sent. The key generation needs this to be stored. |
Instance Variable | g | the Diffie-Hellman group generator. |
Instance Variable | p | the Diffie-Hellman group prime. |
Method | ssh_KEXINIT | No summary |
Method | ssh_KEX_DH_GEX_REQUEST_OLD | No summary |
Method | ssh_KEX_DH_GEX_REQUEST | No summary |
Method | ssh_KEX_DH_GEX_INIT | Called when we get a MSG_KEX_DH_GEX_INIT message. Payload: integer e (client DH public key) |
Method | ssh_NEWKEYS | Called when we get a MSG_NEWKEYS message. No payload. When we get this, the keys have been set on both sides, and we start using them to encrypt and authenticate the connection. |
Method | ssh_SERVICE_REQUEST | Called when we get a MSG_SERVICE_REQUEST message. Payload: string serviceName |
Method | _ssh_KEXDH_INIT | Called to handle the beginning of a non-group key exchange. |
Inherited from BaseProtocol (via SSHTransportBase, Protocol):
Method | makeConnection | Make a connection to a transport and a server. |
ssh_KEXINIT:
Called when we receive a MSG_KEXINIT message. For a description of the packet, see SSHTransportBase.ssh_KEXINIT(). Additionally, this method checks if a guessed key exchange packet was sent. If it was sent, and it guessed incorrectly, the next key exchange packet MUST be ignored.
_ssh_KEXDH_INIT:
Called to handle the beginning of a non-group key exchange.
Unlike other message types, this is not dispatched automatically. It is called from ssh_KEX_DH_GEX_REQUEST_OLD because an extra check is required to determine if this is really a KEXDH_INIT message or if it is a KEX_DH_GEX_REQUEST_OLD message.
The KEXDH_INIT payload:
    integer e (the client's Diffie-Hellman public key)
We send the KEXDH_REPLY with our host key and signature.
ssh_KEX_DH_GEX_REQUEST_OLD:
This handles messages from different key exchange methods that share the same integer value. If the message is determined to be a KEXDH_INIT, _ssh_KEXDH_INIT is called to handle it. Otherwise, it is handled as a KEX_DH_GEX_REQUEST_OLD, with payload:
    integer ideal (ideal size for the Diffie-Hellman prime)
We send the KEX_DH_GEX_GROUP message with the group that is closest in size to ideal.
If we were told to ignore the next key exchange packet by ssh_KEXINIT, drop it on the floor and return.
ssh_KEX_DH_GEX_REQUEST:
Called when we receive a MSG_KEX_DH_GEX_REQUEST message. Payload:
    integer minimum
    integer ideal
    integer maximum
The client is asking for a Diffie-Hellman group between minimum and maximum size, and close to ideal if possible. We reply with a MSG_KEX_DH_GEX_GROUP message.
If we were told to ignore the next key exchange packet by ssh_KEXINIT, drop it on the floor and return.
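An added example, not Twisted's own code, of the handling described for ssh_KEX_DH_GEX_REQUEST_OLD and ssh_KEX_DH_GEX_REQUEST: message 30 is routed by the negotiated key exchange name, the one-shot ignore flag is honored, and the group size is chosen from the request. The `state` dictionary, the function names, the tie-break rule and the range check on e (RFC 4253 section 8) are assumptions of this example.

```python
import struct

GEX_PREFIX = b"diffie-hellman-group-exchange-"  # kex names defined in RFC 4419

def read_mpint(data):
    """Parse one SSH mpint: uint32 length, then big-endian two's complement."""
    if len(data) < 4:
        raise ValueError("truncated mpint length")
    (n,) = struct.unpack(">I", data[:4])
    if len(data) - 4 < n:
        raise ValueError("truncated mpint body")
    return int.from_bytes(data[4:4 + n], "big", signed=True), data[4 + n:]

def pick_group(sizes, ideal, minimum=0, maximum=0xFFFFFFFF):
    """Return the available prime size closest to ideal in [minimum, maximum]."""
    if not minimum <= ideal <= maximum:
        raise ValueError("ideal outside requested range")
    candidates = [s for s in sizes if minimum <= s <= maximum]
    if not candidates:
        raise ValueError("no group in requested range")
    # Assumption of this example: on a tie, prefer the larger group.
    return min(candidates, key=lambda s: (abs(s - ideal), -s))

def handle_msg_30(state, payload):
    """Route message 30; state is a hypothetical dict, not a Twisted object."""
    # One-shot flag set while handling KEXINIT after a wrong client guess.
    if state.pop("ignore_next", False):
        return ("ignored", None)
    if state["kex_alg"].startswith(GEX_PREFIX):
        # KEX_DH_GEX_REQUEST_OLD: a single uint32 'ideal'.
        if len(payload) != 4:
            raise ValueError("expected one uint32")
        (ideal,) = struct.unpack(">I", payload)
        return ("send_gex_group", pick_group(state["sizes"], ideal))
    # KEXDH_INIT: mpint e; RFC 4253 section 8 rejects e outside [1, p-1].
    e, rest = read_mpint(payload)
    if rest or not 1 <= e <= state["p"] - 1:
        raise ValueError("malformed or out-of-range e")
    return ("send_kexdh_reply", e)

def handle_gex_request(state, payload):
    """KEX_DH_GEX_REQUEST: uint32 minimum, uint32 ideal, uint32 maximum."""
    if state.pop("ignore_next", False):
        return ("ignored", None)
    if len(payload) != 12:
        raise ValueError("expected three uint32 values")
    minimum, ideal, maximum = struct.unpack(">III", payload)
    return ("send_gex_group", pick_group(state["sizes"], ideal, minimum, maximum))
```

The returned tuples name the reply the server would send next; building and signing that reply is outside this example.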
ssh_KEX_DH_GEX_INIT:
Called when we get a MSG_KEX_DH_GEX_INIT message. Payload:
    integer e (client DH public key)
We send the MSG_KEX_DH_GEX_REPLY message with our host key and signature.
ssh_NEWKEYS:
Called when we get a MSG_NEWKEYS message. No payload. When we get this, the keys have been set on both sides, and we start using them to encrypt and authenticate the connection.
ssh_SERVICE_REQUEST:
Called when we get a MSG_SERVICE_REQUEST message. Payload:
    string serviceName
The client has requested a service. If we can start the service, start it; otherwise, disconnect with DISCONNECT_SERVICE_NOT_AVAILABLE.