[Twisted-Python] Obtaining connection information for SSH connections

John Santos JOHN at egh.com
Mon Dec 20 17:26:32 EST 2010


Hi, everyone -

I have an application written in Twisted which allows clients to
connect using SSH (any SSH2 client that I've tried works), to send
it commands and to bridge through it to target devices (connected
via telnet on a LAN or via telnet through a terminal server to serial
ports on the target.)  It's sort of a console monitor/logger/remote
access controller for a random bunch of remote equipment.

For the remote access part, I started from the SSH server examples
in the Twisted book, but modified it to use public key authentication
instead of the username/password authentication in the example.

This part works fine.  The application keeps its own key directory;
if a remote user has a <user>.pub file in the key directory, and the
authentication works with that key, then the user gets remote access...

I'm cleaning up a couple of rough edges, and can't find the info
I need...

1) logging/status information:  I would like to grab the remote
host info so I can log connections/connection failures/disconnections
and include the host name and/or IP address.  I would also like to
be able to display the current list of open connections to the server
in a status display.

I know this info has to be there somewhere, but I can't find it.
Spent several days wandering through a twisted maze of little passages,
looking for anything with a working getPeer() method or likely data,
with no luck.  I know it has to be somewhere, because somewhere deep
down underneath there has to be a TCP socket!

One problem is I don't have a good mental picture of how the peices
all fit together to build an SSH connection.  I think part of the
problem is that not all the pieces are there yet as data elements
get added on the fly to various objects (due to the dynamic nature
of Python, which I am still getting used to.)

So I think it would be very valuable to find some documentation
that explains how all the SSH pieces (conn's, avatars, etc.) all
fit together.

2) Similarly, when authenticating a key (in requestAvatarID()
in the PublicKeyCredentialsChecker, it would be useful to see
the remote host name so I could provide different keys for the
same user coming from different hosts.

Most or all SSH2 servers have a mechanism where you can have
a default public key for a given user, and host-specific keys
for that same user.  Typically, stored in a key file or directory
with names (or tags) like <user>_<host>.pub for the host-specific
key, and with <user>.pub for the default key.  If user FOO is
connecting from host XXX, it looks for ./keys/FOO_XXX.pub, and if
that file is not found, it looks for ./keys/FOO.pub.

Obviously, the credentials checker needs to know the remote host
name for this to work.

Thanks to anyone who can point me in the right direction!


-- 
John Santos
Evans Griffiths & Hart, Inc.
781-861-0670 ext 539




More information about the Twisted-Python mailing list