SSHServerTransport implements the server side of the SSH protocol.

Instance Variable isClient since we are never the client, this is always False.
Instance Variable ignoreNextPacket if True, ignore the next key exchange packet. This is set when the client sends a guessed key exchange packet but with an incorrect guess.
Instance Variable dhGexRequest the KEX_DH_GEX_REQUEST(_OLD) that the client sent. The key generation needs this to be stored.
Instance Variable g the Diffie-Hellman group generator.
Instance Variable p the Diffie-Hellman group prime.
Method ssh_KEXINIT No summary
Method ssh_KEX_DH_GEX_REQUEST_OLD No summary
Method ssh_KEX_DH_GEX_REQUEST No summary
Method ssh_KEX_DH_GEX_INIT Called when we get a MSG_KEX_DH_GEX_INIT message. Payload: integer e (client DH public key)
Method ssh_NEWKEYS Called when we get a MSG_NEWKEYS message. No payload. When we get this, the keys have been set on both sides, and we start using them to encrypt and authenticate the connection.
Method ssh_SERVICE_REQUEST Called when we get a MSG_SERVICE_REQUEST message. Payload: string serviceName
Method _ssh_KEX_ECDH_INIT Called from ssh_KEX_DH_GEX_REQUEST_OLD to handle elliptic curve key exchanges.
Method _ssh_KEXDH_INIT Called to handle the beginning of a non-group key exchange.

Inherited from BaseProtocol (via SSHTransportBase, Protocol):

Method makeConnection Make a connection to a transport and a server.

isClient =
since we are never the client, this is always False.
ignoreNextPacket =
if True, ignore the next key exchange packet. This is set when the client sends a guessed key exchange packet but with an incorrect guess.
dhGexRequest =
the KEX_DH_GEX_REQUEST(_OLD) that the client sent. The key generation needs this to be stored.
g =
the Diffie-Hellman group generator.
p =
the Diffie-Hellman group prime.
def ssh_KEXINIT(self, packet):

Called when we receive a MSG_KEXINIT message. For a description of the packet, see SSHTransportBase.ssh_KEXINIT(). Additionally, this method checks if a guessed key exchange packet was sent. If it was sent, and it guessed incorrectly, the next key exchange packet MUST be ignored.

def _ssh_KEX_ECDH_INIT(self, packet):

Called from ssh_KEX_DH_GEX_REQUEST_OLD to handle elliptic curve key exchanges.

Payload:

   string client Elliptic Curve Diffie-Hellman public key

Just like _ssh_KEXDH_INIT this message type is also not dispatched directly. Extra check to determine if this is really KEX_ECDH_INIT is required.

First we load the host's public/private keys. Then we generate the ECDH public/private keypair for the given curve. With that we generate the shared secret key. Then we compute the hash to sign and send it back to the client, along with the server's public key and the ECDH public key.

Parameters: packet - The message data. (type: bytes)
Returns: None.

def _ssh_KEXDH_INIT(self, packet):

Called to handle the beginning of a non-group key exchange.

Unlike other message types, this is not dispatched automatically. It is called from ssh_KEX_DH_GEX_REQUEST_OLD because an extra check is required to determine if this is really a KEXDH_INIT message or if it is a KEX_DH_GEX_REQUEST_OLD message.

The KEXDH_INIT payload:

       integer e (the client's Diffie-Hellman public key)

We send the KEXDH_REPLY with our host key and signature.

Parameters: packet - The message data. (type: bytes)

def ssh_KEX_DH_GEX_REQUEST_OLD(self, packet):

This represents different key exchange methods that share the same integer value. If the message is determined to be a KEXDH_INIT, _ssh_KEXDH_INIT is called to handle it. If it is a KEX_ECDH_INIT, _ssh_KEX_ECDH_INIT is called. Otherwise, for KEX_DH_GEX_REQUEST_OLD payload:

   integer ideal (ideal size for the Diffie-Hellman prime)

We send the KEX_DH_GEX_GROUP message with the group that is closest in size to ideal.

If we were told to ignore the next key exchange packet by ssh_KEXINIT, drop it on the floor and return.

Parameters: packet - The message data. (type: bytes)
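
Added example (not Twisted's code): a small model of the two behaviours described for ssh_KEXINIT and ssh_KEX_DH_GEX_REQUEST_OLD, the one-shot drop of a wrongly guessed packet and the classification of message number 30 by negotiated algorithm. ServerKexModel, build_kexinit, parse_kexinit and the algorithm lists are hypothetical, and negotiation is simplified to the first client choice the server also offers.

```python
import struct

def build_kexinit(kex, keys, follows):
    """Constructed KEXINIT payload (message-number byte already stripped)."""
    def name_list(names):
        body = b",".join(names)
        return struct.pack(">I", len(body)) + body
    lists = name_list(kex) + name_list(keys) + name_list([]) * 8
    return b"\x00" * 16 + lists + bytes([follows]) + b"\x00" * 4

def parse_kexinit(payload):
    """Return (name_lists, first_kex_packet_follows)."""
    pos, lists = 16, []  # skip the 16-byte cookie
    for _ in range(10):  # ten name-lists: uint32 length + comma-separated names
        (n,) = struct.unpack_from(">I", payload, pos)
        raw = payload[pos + 4:pos + 4 + n]
        if len(raw) != n:
            raise ValueError("truncated name-list")
        lists.append(raw.split(b",") if raw else [])
        pos += 4 + n
    return lists, bool(payload[pos])

class ServerKexModel:
    """Hypothetical model of the server-side state, not Twisted's class."""
    def __init__(self, kex_prefs, key_prefs):
        self.kex_prefs, self.key_prefs = kex_prefs, key_prefs
        self.kex_alg, self.ignore_next_packet = None, False

    def on_kexinit(self, payload):
        lists, follows = parse_kexinit(payload)
        client_kex, client_keys = lists[0], lists[1]
        # Simplified negotiation: first client choice the server also offers.
        self.kex_alg = next((a for a in client_kex if a in self.kex_prefs), None)
        if self.kex_alg is None:
            raise ValueError("no common key exchange algorithm")
        # RFC 4253 section 7: the guess is wrong when the first preferences differ.
        wrong = (client_kex[:1] != self.kex_prefs[:1]
                 or client_keys[:1] != self.key_prefs[:1])
        self.ignore_next_packet = follows and wrong

    def on_message_30(self):
        """Classify a packet with message number 30."""
        if self.ignore_next_packet:  # drop the mis-guessed packet exactly once
            self.ignore_next_packet = False
            return "ignored"
        if b"group-exchange" in self.kex_alg:
            return "KEX_DH_GEX_REQUEST_OLD"
        if self.kex_alg.startswith((b"ecdh-", b"curve25519-")):
            return "KEX_ECDH_INIT"
        return "KEXDH_INIT"
```

Clearing the flag after a single packet matters: a server that kept ignoring message 30 would discard the client's real key exchange packet and stall the handshake.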

def ssh_KEX_DH_GEX_REQUEST(self, packet):

Called when we receive a MSG_KEX_DH_GEX_REQUEST message. Payload:

   integer minimum
   integer ideal
   integer maximum

The client is asking for a Diffie-Hellman group between minimum and maximum size, and close to ideal if possible. We reply with a MSG_KEX_DH_GEX_GROUP message.

If we were told to ignore the next key exchange packet by ssh_KEXINIT, drop it on the floor and return.

Parameters: packet - The message data. (type: bytes)
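
Added example (not Twisted's code): decoding the request payload and choosing a modulus size between minimum and maximum and closest to ideal, with a server-side floor so that a client's bounds cannot pull the exchange down to a weak group. MIN_BITS, AVAILABLE_BITS and the function names are assumptions of this sketch; it goes slightly beyond the text by also accepting the single-field KEX_DH_GEX_REQUEST_OLD form.

```python
import struct

MIN_BITS = 2048  # policy floor (RFC 8270); an assumption of this example

# Constructed table: modulus sizes the server holds groups for
# (a stand-in for a moduli file).
AVAILABLE_BITS = [1024, 2048, 3072, 4096, 8192]

def parse_gex_request(payload, old_form=False):
    """Return (minimum, ideal, maximum) in bits from the request payload."""
    if old_form:  # KEX_DH_GEX_REQUEST_OLD carries only the ideal size
        if len(payload) < 4:
            raise ValueError("short KEX_DH_GEX_REQUEST_OLD")
        (ideal,) = struct.unpack(">I", payload[:4])
        return 0, ideal, 0xFFFFFFFF
    if len(payload) < 12:
        raise ValueError("short KEX_DH_GEX_REQUEST")
    return struct.unpack(">III", payload[:12])

def choose_group_bits(payload, old_form=False, available=AVAILABLE_BITS):
    """Pick the modulus size to offer in KEX_DH_GEX_GROUP, or raise."""
    minimum, ideal, maximum = parse_gex_request(payload, old_form)
    if not minimum <= ideal <= maximum:
        raise ValueError("bounds must satisfy minimum <= ideal <= maximum")
    # The client's minimum can raise the floor but never lower it.
    floor = max(minimum, MIN_BITS)
    candidates = [b for b in available if floor <= b <= maximum]
    if not candidates:
        raise ValueError("no group satisfies client bounds and server floor")
    # Closest to ideal; on a tie prefer the larger modulus.
    return min(candidates, key=lambda b: (abs(b - ideal), -b))
```

A request whose maximum is below the floor raises instead of falling back to a smaller group, so the caller can disconnect rather than complete a weak exchange.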

def ssh_KEX_DH_GEX_INIT(self, packet):

Called when we get a MSG_KEX_DH_GEX_INIT message. Payload:

   integer e (client DH public key)

We send the MSG_KEX_DH_GEX_REPLY message with our host key and signature.

Parameters: packet - The message data. (type: bytes)

def ssh_NEWKEYS(self, packet):

Called when we get a MSG_NEWKEYS message. No payload. When we get this, the keys have been set on both sides, and we start using them to encrypt and authenticate the connection.

Parameters: packet - The message data. (type: bytes)

def ssh_SERVICE_REQUEST(self, packet):

Called when we get a MSG_SERVICE_REQUEST message. Payload:

   string serviceName

The client has requested a service. If we can start the service, start it; otherwise, disconnect with DISCONNECT_SERVICE_NOT_AVAILABLE.

Parameters: packet - The message data. (type: bytes)

API Documentation for Twisted, generated by pydoctor at 2019-08-06 12:10:50.