twisted.conch.ssh.transport.SSHServerTransport(SSHTransportBase) class documentation
SSHServerTransport implements the server side of the SSH protocol.
| Instance Variable | isClient | since we are never the client, this is always False. |
| Instance Variable | ignoreNextPacket | if True, ignore the next key exchange packet. This is set when the client sends a guessed key exchange packet but with an incorrect guess. |
| Instance Variable | dhGexRequest | the KEX_DH_GEX_REQUEST(_OLD) that the client sent. The key generation needs this to be stored. |
| Instance Variable | g | the Diffie-Hellman group generator. |
| Instance Variable | p | the Diffie-Hellman group prime. |
| Method | ssh_KEXINIT | No summary |
| Method | ssh_KEX_DH_GEX_REQUEST_OLD | No summary |
| Method | ssh_KEX_DH_GEX_REQUEST | No summary |
| Method | ssh_KEX_DH_GEX_INIT | Called when we get a MSG_KEX_DH_GEX_INIT message. Payload: integer e (client DH public key) |
| Method | ssh_NEWKEYS | Called when we get a MSG_NEWKEYS message. No payload. When we get this, the keys have been set on both sides, and we start using them to encrypt and authenticate the connection. |
| Method | ssh_SERVICE_REQUEST | Called when we get a MSG_SERVICE_REQUEST message. Payload: string serviceName |
| Method | _ssh_KEXDH_INIT | Called to handle the beginning of a non-group key exchange. |
Inherited from BaseProtocol (via SSHTransportBase, Protocol):
| Method | makeConnection | Make a connection to a transport and a server. |
Called when we receive a MSG_KEXINIT message. For a description of the packet, see SSHTransportBase.ssh_KEXINIT(). Additionally, this method checks if a guessed key exchange packet was sent. If it was sent, and it guessed incorrectly, the next key exchange packet MUST be ignored.
Called to handle the beginning of a non-group key exchange.
Unlike other message types, this is not dispatched automatically. It is
called from ssh_KEX_DH_GEX_REQUEST_OLD because an extra check
is required to determine if this is really a KEXDH_INIT message or if it is
a KEX_DH_GEX_REQUEST_OLD message.
The KEXDH_INIT payload:
integer e (the client's Diffie-Hellman public key)
We send the KEXDH_REPLY with our host key and signature.
| Parameters | packet | The message data. (type: bytes) |
ssh_KEX_DH_GEX_REQUEST_OLD handles a message type whose integer value is
shared by different key exchange methods. If the message is determined to
be a KEXDH_INIT, _ssh_KEXDH_INIT is called to handle it. Otherwise it is
a KEX_DH_GEX_REQUEST_OLD, whose payload is:
integer ideal (ideal size for the Diffie-Hellman prime)
We send the KEX_DH_GEX_GROUP message with the group that is
closest in size to ideal.
If we were told to ignore the next key exchange packet by ssh_KEXINIT, drop it on the floor and return.
| Parameters | packet | The message data. (type: bytes) |
Called when we receive a MSG_KEX_DH_GEX_REQUEST message. Payload:
integer minimum
integer ideal
integer maximum
The client is asking for a Diffie-Hellman group between minimum and maximum size, and close to ideal if possible. We reply with a MSG_KEX_DH_GEX_GROUP message.
If we were told to ignore the next key exchange packet by ssh_KEXINIT, drop it on the floor and return.
| Parameters | packet | The message data. (type: bytes) |
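A standalone model of the request handling described for ssh_KEX_DH_GEX_REQUEST_OLD and ssh_KEX_DH_GEX_REQUEST above, added here as an example and not Twisted's own code. It assumes the payload integers are big-endian 32-bit values (RFC 4419); the function names, the AVAILABLE_BITS table and the floor policy are hypothetical.

```python
import struct

# Constructed sample: prime sizes (in bits) this hypothetical server has groups for.
AVAILABLE_BITS = [1024, 2048, 3072, 4096, 8192]


class GexRequestError(ValueError):
    """Raised when a group-exchange request cannot be honoured."""


def parse_gex_request(payload, old_style=False):
    """Return (minimum, ideal, maximum) from a request payload.

    Assumption (RFC 4419): each field is a big-endian uint32. The _OLD
    form carries only `ideal`, so its bounds are returned as None.
    """
    expected = 4 if old_style else 12
    if len(payload) != expected:
        raise GexRequestError("expected %d bytes, got %d" % (expected, len(payload)))
    if old_style:
        (ideal,) = struct.unpack(">L", payload)
        return None, ideal, None
    minimum, ideal, maximum = struct.unpack(">3L", payload)
    if not minimum <= ideal <= maximum:
        raise GexRequestError("bounds out of order")
    return minimum, ideal, maximum


def choose_group_bits(minimum, ideal, maximum, available=AVAILABLE_BITS, floor=2048):
    """Pick the available size closest to `ideal` within the client's bounds.

    `floor` is a hypothetical server policy: never offer a smaller prime,
    whatever the client asks for.
    """
    low = max(floor, minimum or 0)
    candidates = [b for b in available
                  if b >= low and (maximum is None or b <= maximum)]
    if not candidates:
        # Refuse rather than fall back to a group outside the allowed range.
        raise GexRequestError("no group between %s and %s bits" % (low, maximum))
    # Ties between two equally close sizes go to the larger group.
    return min(candidates, key=lambda b: (abs(b - ideal), -b))
```

A request whose range lies entirely below the floor raises GexRequestError, so the caller can disconnect instead of replying with a weak group.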
Called when we get a MSG_KEX_DH_GEX_INIT message. Payload:
integer e (client DH public key)
We send the MSG_KEX_DH_GEX_REPLY message with our host key and signature.
| Parameters | packet | The message data. (type: bytes) |
Called when we get a MSG_NEWKEYS message. No payload. When we get this, the keys have been set on both sides, and we start using them to encrypt and authenticate the connection.
| Parameters | packet | The message data. (type: bytes) |
Called when we get a MSG_SERVICE_REQUEST message. Payload:
string serviceName
The client has requested a service. If we can start the service, start it; otherwise, disconnect with DISCONNECT_SERVICE_NOT_AVAILABLE.
| Parameters | packet | The message data. (type: bytes) |