twisted.conch.ssh.transport.SSHClientTransport(SSHTransportBase)
class documentation: twisted.conch.ssh.transport
Known subclasses: twisted.conch.client.direct.SSHClientTransport, twisted.conch.endpoints._CommandTransport, twisted.conch.scripts.tkconch.SSHClientTransport
SSHClientTransport implements the client side of the SSH protocol.
Instance Variable | isClient | since we are always the client, this is always True. |
Instance Variable | x | our Diffie-Hellman private key. |
Instance Variable | e | our Diffie-Hellman public key. |
Instance Variable | g | the Diffie-Hellman group generator. |
Instance Variable | p | the Diffie-Hellman group prime. |
Instance Variable | instance | the SSHService object we are requesting. |
Method | connectionMade | Called when the connection is started with the server. Just sets up a private instance variable. |
Method | ssh_KEXINIT | Called when we receive a MSG_KEXINIT message. For a description of the packet, see SSHTransportBase.ssh_KEXINIT(). Additionally, this method sends the first key exchange packet. |
Method | ssh_KEX_DH_GEX_GROUP | This handles different messages which share an integer value. |
Method | ssh_KEX_DH_GEX_REPLY | Called when we receive a MSG_KEX_DH_GEX_REPLY message. Payload: string server host key, integer f (server DH public key) |
Method | ssh_NEWKEYS | Called when we receive a MSG_NEWKEYS message. No payload. If we've finished setting up our own keys, start using them. Otherwise, remember that we've received this message. |
Method | ssh_SERVICE_ACCEPT | Called when we receive a MSG_SERVICE_ACCEPT message. Payload: string service name |
Method | requestService | Request that a service be run over this transport. |
Method | verifyHostKey | Returns a Deferred that gets a callback if it is a valid key, or an errback if not. |
Method | connectionSecure | Called when the encryption has been set up. Generally, requestService() is called to run another service over the transport. |
Instance Variable | _gotNewKeys | if we receive a MSG_NEWKEYS message before we are ready to transition to the new keys, this is set to True so we can transition when the keys are ready locally. |
Instance Variable | _dhMinimalGroupSize | Minimal acceptable group size advertised by the client in MSG_KEX_DH_GEX_REQUEST. (type: int) |
Instance Variable | _dhMaximalGroupSize | Maximal acceptable group size advertised by the client in MSG_KEX_DH_GEX_REQUEST. (type: int) |
Instance Variable | _dhPreferredGroupSize | Preferred group size advertised by the client in MSG_KEX_DH_GEX_REQUEST. (type: int) |
Method | _ssh_KEX_ECDH_REPLY | Called to handle a reply to an ECDH exchange message (KEX_ECDH_INIT). |
Method | _ssh_KEXDH_REPLY | Called to handle a reply to a non-group key exchange message (KEXDH_INIT). |
Method | _continueKEXDH_REPLY | The host key has been verified, so we generate the keys. |
Method | _continueGEX_REPLY | The host key has been verified, so we generate the keys. |
Method | _keySetup | See SSHTransportBase._keySetup(). |
Inherited from BaseProtocol (via SSHTransportBase, Protocol):
Method | makeConnection | Make a connection to a transport and a server. |
Called when the connection is started with the server. Just sets up a private instance variable.
Called when we receive a MSG_KEXINIT message. For a description of the packet, see SSHTransportBase.ssh_KEXINIT(). Additionally, this method sends the first key exchange packet.
If the agreed-upon exchange is ECDH, generate a key pair for the corresponding curve and send the public key.
If the agreed-upon exchange has a fixed prime/generator group, generate a public key and send it in a MSG_KEXDH_INIT message. Otherwise, ask for a 2048 bit group with a MSG_KEX_DH_GEX_REQUEST message.
Called to handle a reply to an ECDH exchange message (KEX_ECDH_INIT).
Like the handler for KEXDH_INIT, this message type has an overlapping value. This method is called from ssh_KEX_DH_GEX_GROUP if that method detects a non-group key exchange is in progress.
Payload:
    string serverHostKey
    string server Elliptic Curve Diffie-Hellman public key
    string signature
We verify the host key and continue if it passes verification. Otherwise raise an exception and return.
Parameters | packet | The message data. (type: bytes ) |
Returns | A deferred firing when key exchange is complete. |
Called to handle a reply to a non-group key exchange message (KEXDH_INIT).
Like the handler for KEXDH_INIT, this message type has an overlapping value. This method is called from ssh_KEX_DH_GEX_GROUP if that method detects a non-group key exchange is in progress.
Payload:
    string serverHostKey
    integer f (server Diffie-Hellman public key)
    string signature
We verify the host key by calling verifyHostKey, then continue in _continueKEXDH_REPLY.
Parameters | packet | The message data. (type: bytes ) |
Returns | A deferred firing when key exchange is complete. |
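The KEXDH reply payload described above, parsed and checked against pinned host keys. This is an added example, not Twisted's own code: the function names are hypothetical, SHA-256 fingerprint pinning is an assumed trust policy, and the sample bytes are constructed. It does not verify the signature field; a verifyHostKey override could turn the result of `host_key_is_pinned` into a callback or errback.

```python
import base64
import hashlib
import hmac
import struct

def ssh_string(data):
    """Encode bytes as an SSH 'string': uint32 big-endian length + data."""
    return struct.pack(">I", len(data)) + data

def read_string(buf, off):
    """Read one SSH 'string' at off; reject lengths that overrun the packet."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    end = off + 4 + n
    if end > len(buf):
        raise ValueError("declared length exceeds packet")
    return buf[off + 4:end], end

def parse_kexdh_reply(payload):
    """Return (serverHostKey, f, signature) from a KEXDH reply payload."""
    host_key, off = read_string(payload, 0)
    f_raw, off = read_string(payload, off)  # integer: length-prefixed, big-endian
    signature, off = read_string(payload, off)
    if off != len(payload):
        raise ValueError("trailing bytes after signature")
    f = int.from_bytes(f_raw, "big", signed=True)
    if f <= 0:  # a valid DH public value is positive; caller still bounds it by p
        raise ValueError("non-positive DH public value")
    return host_key, f, signature

def sha256_fingerprint(host_key_blob):
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the key blob."""
    digest = hashlib.sha256(host_key_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")

def host_key_is_pinned(host_key_blob, pinned):
    """True only if the blob's fingerprint equals one of the pinned values."""
    seen = sha256_fingerprint(host_key_blob).encode("ascii")
    ok = False
    for pin in pinned:  # an empty pin set fails closed
        ok |= hmac.compare_digest(seen, pin.encode("ascii"))
    return ok

# Constructed sample data: an all-zero "key" and a placeholder signature.
SAMPLE_HOST_KEY = ssh_string(b"ssh-ed25519") + ssh_string(bytes(32))
SAMPLE_PAYLOAD = (ssh_string(SAMPLE_HOST_KEY) + ssh_string(b"\x00\x85")
                  + ssh_string(b"constructed-signature"))
```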
This handles different messages which share an integer value.
If the key exchange does not have a fixed prime/generator group, we generate a Diffie-Hellman public key and send it in a MSG_KEX_DH_GEX_INIT message.
Payload:
    string g (group generator)
    string p (group prime)
Parameters | packet | The message data. (type: bytes ) |
Called when we receive a MSG_KEX_DH_GEX_REPLY message.
Payload:
    string server host key
    integer f (server DH public key)
We verify the host key by calling verifyHostKey, then continue in _continueGEX_REPLY.
Parameters | packet | The message data. (type: bytes ) |
Returns | A deferred firing once key exchange is complete. |
Called when we receive a MSG_NEWKEYS message. No payload. If we've finished setting up our own keys, start using them. Otherwise, remember that we've received this message.
Parameters | packet | The message data. (type: bytes ) |
Called when we receive a MSG_SERVICE_ACCEPT message. Payload:
string service name
Start the service we requested.
Parameters | packet | The message data. (type: bytes ) |
Request that a service be run over this transport.
Parameters | instance | The service to run. (type: subclass of twisted.conch.ssh.service.SSHService ) |
Called when the encryption has been set up. Generally, requestService() is called to run another service over the transport.