Known subclasses: twisted.conch.client.direct.SSHClientTransport, twisted.conch.endpoints._CommandTransport, twisted.conch.scripts.tkconch.SSHClientTransport

SSHClientTransport implements the client side of the SSH protocol.

Instance Variable isClient since we are always the client, this is always True.
Instance Variable x our Diffie-Hellman private key.
Instance Variable e our Diffie-Hellman public key.
Instance Variable g the Diffie-Hellman group generator.
Instance Variable p the Diffie-Hellman group prime
Instance Variable instance the SSHService object we are requesting.
Method connectionMade Called when the connection is started with the server. Just sets up a private instance variable.
Method ssh_KEXINIT Called when we receive a MSG_KEXINIT message. For a description of the packet, see SSHTransportBase.ssh_KEXINIT(). Additionally, this method sends the first key exchange packet.
Method ssh_KEX_DH_GEX_GROUP This handles different messages which share an integer value.
Method ssh_KEX_DH_GEX_REPLY Called when we receive a MSG_KEX_DH_GEX_REPLY message. Payload:: string server host key integer f (server DH public key)
Method ssh_NEWKEYS Called when we receive a MSG_NEWKEYS message. No payload. If we've finished setting up our own keys, start using them. Otherwise, remember that we've received this message.
Method ssh_SERVICE_ACCEPT Called when we receive a MSG_SERVICE_ACCEPT message. Payload:: string service name
Method requestService Request that a service be run over this transport.
Method verifyHostKey Returns a Deferred that gets a callback if it is a valid key, or an errback if not.
Method connectionSecure Called when the encryption has been set up. Generally, requestService() is called to run another service over the transport.
Instance Variable _gotNewKeys if we receive a MSG_NEWKEYS message before we are ready to transition to the new keys, this is set to True so we can transition when the keys are ready locally.
Instance Variable _dhMinimalGroupSize Minimal acceptable group size advertised by the client in MSG_KEX_DH_GEX_REQUEST. (type: int)
Instance Variable _dhMaximalGroupSize Maximal acceptable group size advertised by the client in MSG_KEX_DH_GEX_REQUEST. (type: int)
Instance Variable _dhPreferredGroupSize Preferred group size advertised by the client in MSG_KEX_DH_GEX_REQUEST. (type: int)
Method _ssh_KEX_ECDH_REPLY Called to handle a reply to a ECDH exchange message(KEX_ECDH_INIT).
Method _ssh_KEXDH_REPLY Called to handle a reply to a non-group key exchange message (KEXDH_INIT).
Method _continueKEXDH_REPLY The host key has been verified, so we generate the keys.
Method _continueGEX_REPLY The host key has been verified, so we generate the keys.
Method _keySetup See SSHTransportBase._keySetup().

Inherited from BaseProtocol (via SSHTransportBase, Protocol):

Method makeConnection Make a connection to a transport and a server.

Inherited from BaseProtocol (via SSHTransportBase, Protocol):

Method makeConnection Make a connection to a transport and a server.

Inherited from BaseProtocol (via SSHTransportBase, Protocol):

Method makeConnection Make a connection to a transport and a server.
isClient =
since we are always the client, this is always True.
_gotNewKeys =
if we receive a MSG_NEWKEYS message before we are ready to transition to the new keys, this is set to True so we can transition when the keys are ready locally.
x =
our Diffie-Hellman private key.
e =
our Diffie-Hellman public key.
g =
the Diffie-Hellman group generator.
p =
the Diffie-Hellman group prime
instance =
the SSHService object we are requesting.
_dhMinimalGroupSize =
Minimal acceptable group size advertised by the client in MSG_KEX_DH_GEX_REQUEST. (type: int)
_dhMaximalGroupSize =
Maximal acceptable group size advertised by the client in MSG_KEX_DH_GEX_REQUEST. (type: int)
_dhPreferredGroupSize =
Preferred group size advertised by the client in MSG_KEX_DH_GEX_REQUEST. (type: int)
def connectionMade(self): (source)

Called when the connection is started with the server. Just sets up a private instance variable.

def ssh_KEXINIT(self, packet): (source)

Called when we receive a MSG_KEXINIT message. For a description of the packet, see SSHTransportBase.ssh_KEXINIT(). Additionally, this method sends the first key exchange packet.

If the agreed-upon exchange is ECDH, generate a key pair for the corresponding curve and send the public key.

If the agreed-upon exchange has a fixed prime/generator group, generate a public key and send it in a MSG_KEXDH_INIT message. Otherwise, ask for a 2048 bit group with a MSG_KEX_DH_GEX_REQUEST message.

def _ssh_KEX_ECDH_REPLY(self, packet): (source)

Called to handle a reply to a ECDH exchange message(KEX_ECDH_INIT).

Like the handler for KEXDH_INIT, this message type has an overlapping value. This method is called from ssh_KEX_DH_GEX_GROUP if that method detects a non-group key exchange is in progress.

Payload:

   string serverHostKey
   string server Elliptic Curve Diffie-Hellman public key
   string signature

We verify the host key and continue if it passes verificiation. Otherwise raise an exception and return.

ParameterspacketThe message data. (type: bytes)
ReturnsA deferred firing when key exchange is complete.
def _ssh_KEXDH_REPLY(self, packet): (source)

Called to handle a reply to a non-group key exchange message (KEXDH_INIT).

Like the handler for KEXDH_INIT, this message type has an overlapping value. This method is called from ssh_KEX_DH_GEX_GROUP if that method detects a non-group key exchange is in progress.

Payload:

   string serverHostKey
   integer f (server Diffie-Hellman public key)
   string signature

We verify the host key by calling verifyHostKey, then continue in _continueKEXDH_REPLY.

ParameterspacketThe message data. (type: bytes)
ReturnsA deferred firing when key exchange is complete.
def ssh_KEX_DH_GEX_GROUP(self, packet): (source)

This handles different messages which share an integer value.

If the key exchange does not have a fixed prime/generator group, we generate a Diffie-Hellman public key and send it in a MSG_KEX_DH_GEX_INIT message.

Payload:

   string g (group generator)
   string p (group prime)
ParameterspacketThe message data. (type: bytes)
def _continueKEXDH_REPLY(self, ignored, pubKey, f, signature): (source)

The host key has been verified, so we generate the keys.

ParametersignoredIgnored.
pubKeythe public key blob for the server's public key. (type: str)
fthe server's Diffie-Hellman public key. (type: long)
signaturethe server's signature, verifying that it has the correct private key. (type: str)
def ssh_KEX_DH_GEX_REPLY(self, packet): (source)

Called when we receive a MSG_KEX_DH_GEX_REPLY message. Payload:

   string server host key
   integer f (server DH public key)

We verify the host key by calling verifyHostKey, then continue in _continueGEX_REPLY.

ParameterspacketThe message data. (type: bytes)
ReturnsA deferred firing once key exchange is complete.
def _continueGEX_REPLY(self, ignored, pubKey, f, signature): (source)

The host key has been verified, so we generate the keys.

ParametersignoredIgnored.
pubKeythe public key blob for the server's public key. (type: str)
fthe server's Diffie-Hellman public key. (type: long)
signaturethe server's signature, verifying that it has the correct private key. (type: str)
def _keySetup(self, sharedSecret, exchangeHash): (source)

See SSHTransportBase._keySetup().

def ssh_NEWKEYS(self, packet): (source)

Called when we receive a MSG_NEWKEYS message. No payload. If we've finished setting up our own keys, start using them. Otherwise, remember that we've received this message.

ParameterspacketThe message data. (type: bytes)
def ssh_SERVICE_ACCEPT(self, packet): (source)

Called when we receive a MSG_SERVICE_ACCEPT message. Payload:

   string service name

Start the service we requested.

ParameterspacketThe message data. (type: bytes)
def requestService(self, instance): (source)

Request that a service be run over this transport.

ParametersinstanceThe service to run. (type: subclass of twisted.conch.ssh.service.SSHService)
def verifyHostKey(self, hostKey, fingerprint): (source)

Returns a Deferred that gets a callback if it is a valid key, or an errback if not.

ParametershostKeyThe host key to verify. (type: bytes)
fingerprintThe fingerprint of the key. (type: bytes)
ReturnsA deferred firing with True if the key is valid.
def connectionSecure(self): (source)

Called when the encryption has been set up. Generally, requestService() is called to run another service over the transport.

API Documentation for Twisted, generated by pydoctor at 2017-02-11 20:06:04.