| Instance Variable |
protocolVersion |
A string representing the version of the SSH protocol we support.
Currently defaults to '2.0'. |
| Instance Variable |
version |
A string representing the version of the server or client. Currently
defaults to 'Twisted'. |
| Instance Variable |
comment |
An optional string giving more information about the server or client. |
| Instance Variable |
supportedCiphers |
A list of strings representing the encryption algorithms supported, in
order from most-preferred to least. |
| Instance Variable |
supportedMACs |
A list of strings representing the message authentication codes (hashes)
supported, in order from most-preferred to least. Both this and
supportedCiphers can include 'none' to use no encryption or authentication,
but that must be done manually, |
| Instance Variable |
supportedKeyExchanges |
A list of strings representing the key exchanges supported, in order from
most-preferred to least. |
| Instance Variable |
supportedPublicKeys |
A list of strings representing the public key types supported, in order
from most-preferred to least. |
| Instance Variable |
supportedCompressions |
A list of strings representing compression types supported, from
most-preferred to least. |
| Instance Variable |
supportedLanguages |
A list of strings representing languages supported, from most-preferred to
least. |
| Instance Variable |
supportedVersions |
A container of strings representing supported ssh protocol version numbers. |
| Instance Variable |
gotVersion |
A boolean indicating whether we have received the version string from the
other side. |
| Instance Variable |
buf |
Data we've received but hasn't been parsed into a packet. |
| Instance Variable |
outgoingPacketSequence |
the sequence number of the next packet we will send. |
| Instance Variable |
incomingPacketSequence |
the sequence number of the next packet we are expecting from the other
side. |
| Instance Variable |
outgoingCompression |
an object supporting the .compress(str) and .flush() methods, or None if
there is no outgoing compression. Used to compress outgoing data. |
| Instance Variable |
outgoingCompressionType |
A string representing the outgoing compression type. |
| Instance Variable |
incomingCompression |
an object supporting the .decompress(str) method, or None if there is no
incoming compression. Used to decompress incoming data. |
| Instance Variable |
incomingCompressionType |
A string representing the incoming compression type. |
| Instance Variable |
ourVersionString |
the version string that we sent to the other side. Used in the key
exchange. |
| Instance Variable |
otherVersionString |
the version string sent by the other side. Used in the key exchange. |
| Instance Variable |
ourKexInitPayload |
the MSG_KEXINIT payload we sent. Used in the key exchange. |
| Instance Variable |
otherKexInitPayload |
the MSG_KEXINIT payload we received. Used in the key exchange |
| Instance Variable |
sessionID |
a string that is unique to this SSH session. Created as part of the key
exchange, sessionID is used to generate the various encryption and
authentication keys. |
| Instance Variable |
service |
an SSHService instance, or None. If it's set to an object, it's the
currently running service. |
| Instance Variable |
kexAlg 0 |
the agreed-upon key exchange algorithm. |
| Instance Variable |
keyAlg |
the agreed-upon public key type for the key exchange. |
| Instance Variable |
currentEncryptions |
an SSHCiphers instance. It represents the current encryption and
authentication options for the transport. |
| Instance Variable |
nextEncryptions |
an SSHCiphers instance. Held here until the MSG_NEWKEYS messages are
exchanged, when nextEncryptions is transitioned to currentEncryptions. |
| Instance Variable |
first |
the first bytes of the next packet. In order to avoid decrypting data
twice, the first bytes are decrypted and stored until the whole packet is
available. |
| Method |
connectionMade |
Called when the connection is made to the other side. We sent our
version and the MSG_KEXINIT packet. |
| Method |
sendKexInit |
Send a KEXINIT message to initiate key exchange or to respond to
a key exchange initiated by the peer. |
| Method |
sendPacket |
Sends a packet. If it's been set up, compress the data, encrypt it, and
authenticate it before sending. If key exchange is in progress and the
message is not part of key exchange, queue it to be sent later. |
| Method |
getPacket |
Try to return a decrypted, authenticated, and decompressed packet out of
the buffer. If there is not enough data, return None. |
| Method |
dataReceived |
First, check for the version string (SSH-2.0-*). After that has been
received, this method adds data to the buffer, and pulls out any
packets. |
| Method |
dispatchMessage |
Send a received message to the appropriate method. |
| Method |
getPeer |
Returns an SSHTransportAddress
corresponding to the other (peer) side of this transport. |
| Method |
getHost |
Returns an SSHTransportAddress
corresponding to the this side of transport. |
| Method |
kexAlg 1 |
The key exchange algorithm name agreed between client and server. |
| Method |
kexAlg |
Set the key exchange algorithm name. |
| Method |
ssh_DISCONNECT |
Called when we receive a MSG_DISCONNECT message. Payload:: long code
string description |
| Method |
ssh_IGNORE |
Called when we receive a MSG_IGNORE message. No payload. This means
nothing; we simply return. |
| Method |
ssh_UNIMPLEMENTED |
Called when we receive a MSG_UNIMPLEMENTED message. Payload:: long
packet |
| Method |
ssh_DEBUG |
No summary |
| Method |
setService |
Set our service to service and start it running. If we were running a
service previously, stop it first. |
| Method |
sendDebug |
Send a debug message to the other side. |
| Method |
sendIgnore |
Send a message that will be ignored by the other side. This is useful
to fool attacks based on guessing packet sizes in the encrypted stream. |
| Method |
sendUnimplemented |
Send a message to the other side that the last packet was not
understood. |
| Method |
sendDisconnect |
Send a disconnect message to the other side and then disconnect. |
| Method |
isEncrypted |
Check if the connection is encrypted in the given direction. |
| Method |
isVerified |
Check if the connection is verified/authentication in the given
direction. |
| Method |
loseConnection |
Lose the connection to the other side, sending a
DISCONNECT_CONNECTION_LOST message. |
| Method |
receiveError |
Called when we receive a disconnect error message from the other
side. |
| Method |
receiveUnimplemented |
Called when we receive an unimplemented packet message from the other
side. |
| Method |
receiveDebug |
Called when we receive a debug message from the other side. |
| Instance Variable |
_keyExchangeState |
The current protocol state with respect to key exchange. This is either
_KEY_EXCHANGE_NONE if no key exchange is in progress (and
returns to this value after any key exchange completqes),
_KEY_EXCHANGE_REQUESTED if this side of the connection
initiated a key exchange, and _KEY_EXCHANGE_PROGRESSING if the
other side of the connection initiated a key exchange.
_KEY_EXCHANGE_NONE is the initial value (however SSH
connections begin with key exchange, so it will quickly change to another
state). |
| Instance Variable |
_blockedByKeyExchange |
Whenever _keyExchangeState is not
_KEY_EXCHANGE_NONE, this is a list of pending
messages which were passed to sendPacket
but could not be sent because it is not legal to send them while a key
exchange is in progress. When the key exchange completes, another attempt
is made to send these messages. |
| Method |
_allowedKeyExchangeMessageType |
Determine if the given message type may be sent while key exchange is in
progress. |
| Method |
_unsupportedVersionReceived |
Called when an unsupported version of the ssh protocol is received from
the remote endpoint. |
| Method |
_startEphemeralDH |
Prepares for a Diffie-Hellman key agreement exchange. |
| Method |
_finishEphemeralDH |
Completes the Diffie-Hellman key agreement started by _startEphemeralDH,
and forgets the ephemeral secret key. |
| Method |
_getKey |
Get one of the keys for authentication/encryption. |
| Method |
_keySetup |
Set up the keys for the connection and sends MSG_NEWKEYS when
finished, |
| Method |
_newKeys |
No summary |
| Method |
_generateECPrivateKey |
Generate an private key for ECDH key exchange. |
| Method |
_encodeECPublicKey |
Encode an elliptic curve public key to bytes. |
| Method |
_generateECSharedSecret |
Generate a shared secret for ECDH key exchange. |