Part of twisted.conch.ssh.userauth View Source View In Hierarchy
|Instance Variables||name||the name of this service: 'ssh-userauth'
|authenticatedWith||a list of authentication methods that have already been used.
|loginTimeout||the number of seconds we wait before disconnecting the user for taking
too long to authenticate
|attemptsBeforeDisconnect||the number of failed login attempts we allow before disconnecting.
|loginAttempts||the number of login attempts that have been made
|passwordDelay||the number of seconds to delay when the user gives an incorrect
|supportedAuthentications||A list of the supported authentication methods.
|user||the last username the client tried to authenticate with
|method||the current authentication method
|nextService||the service the user wants started after authentication has been
|clock||an object with a callLater method. Stubbed out for testing.|
|Method||serviceStopped||Called when the userauth service is stopped. Cancel the login timeout if it's still going.|
|Method||timeoutAuthentication||Called when the user has timed out on authentication. Disconnect with a DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE message.|
|Method||tryAuth||Try to authenticate the user with the given method. Dispatches to a auth_* method.|
|Method||auth_password||Password authentication. Payload:: string password|
|Method||auth_keyboard_interactive||Keyboard interactive authentication. No payload. We create a PluggableAuthenticationModules credential and authenticate with our portal.|
|Method||_cbFinishedAuth||The callback when user has successfully been authenticated. For a
description of the arguments, see
|Method||_ebMaybeBadAuth||An intermediate errback. If the reason is error.NotEnoughAuthentication, we send a MSG_USERAUTH_FAILURE, but with the partial success indicator set.|
|Method||_ebCheckKey||Called back if the user did not sent a signature. If reason is error.ValidPublicKey then this key is valid for the user to authenticate with. Send MSG_USERAUTH_PK_OK.|
|Method||_ebPassword||If the password is invalid, wait before sending the failure in order to delay brute-force password guessing.|
|Method||_pamConv||Convert a list of PAM authentication questions into a MSG_USERAUTH_INFO_REQUEST. Returns a Deferred that will be called back when the user has responses to the questions.|
Inherited from SSHService:
|Method||logPrefix||Override this method to insert custom logging behavior. Its return value will be inserted in front of every line. It may be called more times than the number of output lines.|
|Method||packetReceived||called when we receive a packet on the transport|
|Parameters||kind||the authentication method to try.
|user||the username the client is authenticating with.
|data||authentication specific data sent by the client.
|Returns||A Deferred called back if the method succeeded, or erred back if it
string user string next service string method <authentication specific data>
|Parameters||packet|| (type: |
twisted.cred.portal.Portal.login. We start the service requested by the user.
|Parameters||reason|| (type: |
|Parameters||reason|| (type: |
byte has signature string algorithm name string key blob [string signature] (if has signature is True)Create a SSHPublicKey credential and verify it using our portal.
string passwordMake a UsernamePassword credential and verify it with our portal.
|Parameters||items||a list of 2-tuples (message, kind). We only care about kinds 1
(password) and 2 (text).
|Returns|| (type: |
uint32 numer of responses string response 1 ... string response n