class documentation

class SSHServerTransport(SSHTransportBase): (source)


SSHServerTransport implements the server side of the SSH protocol.

Method ssh_KEX_DH_GEX_INIT Called when we get a MSG_KEX_DH_GEX_INIT message. Payload:
Method ssh_KEX_DH_GEX_REQUEST Called when we receive a MSG_KEX_DH_GEX_REQUEST message. Payload:
Method ssh_KEX_DH_GEX_REQUEST_OLD This represents different key exchange methods that share the same integer value. If the message is determined to be a KEXDH_INIT, _ssh_KEXDH_INIT is called to handle it. If it is a KEX_ECDH_INIT, _ssh_KEX_ECDH_INIT...
Method ssh_KEXINIT Called when we receive a MSG_KEXINIT message. For a description of the packet, see SSHTransportBase.ssh_KEXINIT(). Additionally, this method checks if a guessed key exchange packet was sent. If it was sent, and it guessed incorrectly, the next key exchange packet MUST be ignored.
Method ssh_NEWKEYS Called when we get a MSG_NEWKEYS message. No payload. When we get this, the keys have been set on both sides, and we start using them to encrypt and authenticate the connection.
Method ssh_SERVICE_REQUEST Called when we get a MSG_SERVICE_REQUEST message. Payload:
Instance Variable dhGexRequest the KEX_DH_GEX_REQUEST(_OLD) that the client sent. The key generation needs this to be stored.
Instance Variable ecPub Undocumented
Instance Variable g the Diffie-Hellman group generator.
Instance Variable ignoreNextPacket if True, ignore the next key exchange packet. This is set when the client sends a guessed key exchange packet but with an incorrect guess.
Instance Variable isClient since we are never the client, this is always False.
Instance Variable p the Diffie-Hellman group prime.
Method _getHostKeys Get the public and private host keys corresponding to the given public key signature algorithm.
Method _keySetup See SSHTransportBase._keySetup().
Method _ssh_KEX_ECDH_INIT Called from ssh_KEX_DH_GEX_REQUEST_OLD to handle elliptic curve key exchanges.
Method _ssh_KEXDH_INIT Called to handle the beginning of a non-group key exchange.

Inherited from SSHTransportBase:

Method connectionLost When the underlying connection is closed, stop the running service (if any), and log out the avatar (if any).
Method connectionMade Called when the connection is made to the other side. We send our version and the MSG_KEXINIT packet.
Method dataReceived First, check for the version string (SSH-2.0-*). After that has been received, this method adds data to the buffer, and pulls out any packets.
Method dispatchMessage Send a received message to the appropriate method.
Method getHost Returns an SSHTransportAddress corresponding to this side of the transport.
Method getPacket Try to return a decrypted, authenticated, and decompressed packet out of the buffer. If there is not enough data, return None.
Method getPeer Returns an SSHTransportAddress corresponding to the other (peer) side of this transport.
Method isEncrypted Check if the connection is encrypted in the given direction.
Method isVerified Check if the connection is verified/authenticated in the given direction.
Method kexAlg.setter Set the key exchange algorithm name.
Method loseConnection Lose the connection to the other side, sending a DISCONNECT_CONNECTION_LOST message.
Method receiveDebug Called when we receive a debug message from the other side.
Method receiveError Called when we receive a disconnect error message from the other side.
Method receiveUnimplemented Called when we receive an unimplemented packet message from the other side.
Method sendDebug Send a debug message to the other side.
Method sendDisconnect Send a disconnect message to the other side and then disconnect.
Method sendExtInfo Send an RFC 8308 extension advertisement to the remote peer.
Method sendIgnore Send a message that will be ignored by the other side. This is useful to fool attacks based on guessing packet sizes in the encrypted stream.
Method sendKexInit Send a KEXINIT message to initiate key exchange or to respond to a key exchange initiated by the peer.
Method sendPacket Sends a packet. If it's been set up, compress the data, encrypt it, and authenticate it before sending. If key exchange is in progress and the message is not part of key exchange, queue it to be sent later.
Method sendUnimplemented Send a message to the other side that the last packet was not understood.
Method setService Set our service to service and start it running. If we were running a service previously, stop it first.
Method ssh_DEBUG Called when we receive a MSG_DEBUG message. Payload:
Method ssh_DISCONNECT Called when we receive a MSG_DISCONNECT message. Payload:
Method ssh_EXT_INFO Called when we get a MSG_EXT_INFO message. Payload:
Method ssh_IGNORE Called when we receive a MSG_IGNORE message. No payload. This means nothing; we simply return.
Method ssh_UNIMPLEMENTED Called when we receive a MSG_UNIMPLEMENTED message. Payload:
Instance Variable buf Data we've received but haven't yet parsed into a packet.
Instance Variable comment An optional string giving more information about the server or client.
Instance Variable currentEncryptions an SSHCiphers instance. It represents the current encryption and authentication options for the transport.
Instance Variable dhSecretKey Undocumented
Instance Variable dhSecretKeyPublicMP Undocumented
Instance Variable first the first bytes of the next packet. In order to avoid decrypting data twice, the first bytes are decrypted and stored until the whole packet is available.
Instance Variable gotVersion A boolean indicating whether we have received the version string from the other side.
Instance Variable incomingCompression an object supporting the .decompress(str) method, or None if there is no incoming compression. Used to decompress incoming data.
Instance Variable incomingCompressionType A string representing the incoming compression type.
Instance Variable incomingPacketSequence the sequence number of the next packet we are expecting from the other side.
Instance Variable kexAlg The key exchange algorithm name agreed between client and server.
Instance Variable keyAlg the agreed-upon public key type for the key exchange.
Instance Variable nextEncryptions an SSHCiphers instance. Held here until the MSG_NEWKEYS messages are exchanged, when nextEncryptions is transitioned to currentEncryptions.
Instance Variable otherKexInitPayload the MSG_KEXINIT payload we received. Used in the key exchange.
Instance Variable otherVersionString the version string sent by the other side. Used in the key exchange.
Instance Variable ourKexInitPayload the MSG_KEXINIT payload we sent. Used in the key exchange.
Instance Variable ourVersionString the version string that we sent to the other side. Used in the key exchange.
Instance Variable outgoingCompression an object supporting the .compress(str) and .flush() methods, or None if there is no outgoing compression. Used to compress outgoing data.
Instance Variable outgoingCompressionType A string representing the outgoing compression type.
Instance Variable outgoingPacketSequence the sequence number of the next packet we will send.
Instance Variable peerExtensions a dict of extensions supported by the other side of the connection.
Instance Variable protocolVersion A string representing the version of the SSH protocol we support. Currently defaults to '2.0'.
Instance Variable service an SSHService instance, or None. If it's set to an object, it's the currently running service.
Instance Variable sessionID a string that is unique to this SSH session. Created as part of the key exchange, sessionID is used to generate the various encryption and authentication keys.
Instance Variable supportedCiphers A list of strings representing the encryption algorithms supported, in order from most-preferred to least.
Instance Variable supportedCompressions A list of strings representing compression types supported, from most-preferred to least.
Instance Variable supportedKeyExchanges A list of strings representing the key exchanges supported, in order from most-preferred to least.
Instance Variable supportedLanguages A list of strings representing languages supported, from most-preferred to least.
Instance Variable supportedMACs A list of strings representing the message authentication codes (hashes) supported, in order from most-preferred to least. Both this and supportedCiphers can include 'none' to use no encryption or authentication, but that must be done manually,...
Instance Variable supportedPublicKeys A list of strings representing the public key algorithms supported, in order from most-preferred to least.
Instance Variable supportedVersions A container of strings representing supported ssh protocol version numbers.
Instance Variable version A string representing the version of the server or client. Currently defaults to 'Twisted'.
Method _allowedKeyExchangeMessageType Determine if the given message type may be sent while key exchange is in progress.
Method _encodeECPublicKey Encode an elliptic curve public key to bytes.
Method _finishEphemeralDH Completes the Diffie-Hellman key agreement started by _startEphemeralDH, and forgets the ephemeral secret key.
Method _generateECPrivateKey Generate a private key for ECDH key exchange.
Method _generateECSharedSecret Generate a shared secret for ECDH key exchange.
Method _getKey Get one of the keys for authentication/encryption.
Method _newKeys Called back by a subclass once a MSG_NEWKEYS message has been received. This indicates key exchange has completed and new encryption and compression parameters should be adopted. Any messages which were queued during key exchange will also be flushed.
Method _startEphemeralDH Prepares for a Diffie-Hellman key agreement exchange.
Method _unsupportedVersionReceived Called when an unsupported version of the ssh protocol is received from the remote endpoint.
Constant _EXT_INFO_C Undocumented
Constant _EXT_INFO_S Undocumented
Constant _KEY_EXCHANGE_NONE Undocumented
Constant _KEY_EXCHANGE_PROGRESSING Undocumented
Constant _KEY_EXCHANGE_REQUESTED Undocumented
Class Variable _log Undocumented
Instance Variable _blockedByKeyExchange Whenever _keyExchangeState is not _KEY_EXCHANGE_NONE, this is a list of pending messages which were passed to sendPacket but could not be sent because it is not legal to send them while a key exchange is in progress...
Instance Variable _kexAlg Undocumented
Instance Variable _keyExchangeState The current protocol state with respect to key exchange. This is either _KEY_EXCHANGE_NONE if no key exchange is in progress (and returns to this value after any key exchange completes), _KEY_EXCHANGE_REQUESTED...
Instance Variable _peerSupportsExtensions a boolean indicating whether the other side of the connection supports RFC 8308 extension negotiation.

Inherited from Protocol (via SSHTransportBase):

Method logPrefix Return a prefix matching the class name, to identify log messages related to this protocol instance.
Class Variable factory Undocumented

Inherited from BaseProtocol (via SSHTransportBase, Protocol):

Method makeConnection Make a connection to a transport and a server.
Instance Variable connected Undocumented
Instance Variable transport Undocumented
def ssh_KEX_DH_GEX_INIT(self, packet): (source)

Called when we get a MSG_KEX_DH_GEX_INIT message. Payload:

    integer e (client DH public key)

We send the MSG_KEX_DH_GEX_REPLY message with our host key and signature.

Parameters
packet (bytes): The message data.
def ssh_KEX_DH_GEX_REQUEST(self, packet): (source)

Called when we receive a MSG_KEX_DH_GEX_REQUEST message. Payload:

    integer minimum
    integer ideal
    integer maximum

The client is asking for a Diffie-Hellman group between minimum and maximum size, and close to ideal if possible. We reply with a MSG_KEX_DH_GEX_GROUP message.

If we were told to ignore the next key exchange packet by ssh_KEXINIT, drop it on the floor and return.

Parameters
packet (bytes): The message data.
def ssh_KEX_DH_GEX_REQUEST_OLD(self, packet): (source)

This represents different key exchange methods that share the same integer value. If the message is determined to be a KEXDH_INIT, _ssh_KEXDH_INIT is called to handle it. If it is a KEX_ECDH_INIT, _ssh_KEX_ECDH_INIT is called. Otherwise, for KEX_DH_GEX_REQUEST_OLD payload:

    integer ideal (ideal size for the Diffie-Hellman prime)

We send the KEX_DH_GEX_GROUP message with the group that is closest in size to ideal.

If we were told to ignore the next key exchange packet by ssh_KEXINIT, drop it on the floor and return.

Parameters
packet (bytes): The message data.
def ssh_KEXINIT(self, packet): (source)

Called when we receive a MSG_KEXINIT message. For a description of the packet, see SSHTransportBase.ssh_KEXINIT(). Additionally, this method checks if a guessed key exchange packet was sent. If it was sent, and it guessed incorrectly, the next key exchange packet MUST be ignored.
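The guess check described above, as an added example that is not Twisted's code: a client that sets first_kex_packet_follows in its MSG_KEXINIT sends a key exchange packet before negotiation finishes, and that packet is only usable if the client's first kex algorithm and first host key algorithm match the server's own first preferences (RFC 4253 section 7.1). The function names, the constructed KEXINIT payloads and the server preference lists are this example's own assumptions.

```python
# Added example (not Twisted's code): the server-side check for a guessed
# key exchange packet in MSG_KEXINIT (RFC 4253 section 7.1).  A client may
# set first_kex_packet_follows and immediately send a key exchange packet
# for the algorithms it guesses will be chosen.  The guess is correct only
# when the client's first kex algorithm and first host key algorithm are
# the server's first preferences too; otherwise the server must ignore the
# next key exchange packet.  Function names are hypothetical, not Twisted's.
import struct

MSG_KEXINIT = 20


def _name_list(names):
    """Encode an SSH name-list: uint32 length followed by comma-separated names."""
    joined = b",".join(names)
    return struct.pack(">I", len(joined)) + joined


def build_kexinit(kex, hostkey, guess, cipher=(b"aes256-gcm@openssh.com",),
                  mac=(b"hmac-sha2-256",), comp=(b"none",)):
    """Build a MSG_KEXINIT payload (constructed sample data for this example)."""
    payload = bytes([MSG_KEXINIT]) + b"\x00" * 16      # message id + 16-byte cookie
    # ten name-lists in RFC 4253 order: kex, hostkey, cipher c2s/s2c,
    # mac c2s/s2c, compression c2s/s2c, languages c2s/s2c
    for names in (kex, hostkey, cipher, cipher, mac, mac, comp, comp, (), ()):
        payload += _name_list(names)
    payload += b"\x01" if guess else b"\x00"              # first_kex_packet_follows
    payload += b"\x00\x00\x00\x00"                        # reserved uint32
    return payload


def parse_kexinit(payload):
    """Return the kex list, host key list and guess flag from a MSG_KEXINIT payload."""
    if not payload or payload[0] != MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    offset = 17                                           # skip message id and cookie
    lists = []
    for _ in range(10):
        if offset + 4 > len(payload):
            raise ValueError("truncated KEXINIT")
        (length,) = struct.unpack_from(">I", payload, offset)
        offset += 4
        raw = payload[offset:offset + length]
        if len(raw) != length:
            raise ValueError("truncated name-list")
        offset += length
        lists.append(raw.split(b",") if raw else [])
    if offset + 5 > len(payload):                         # flag byte + reserved uint32
        raise ValueError("truncated KEXINIT trailer")
    return {"kex": lists[0], "hostkey": lists[1], "guess": payload[offset] != 0}


def choose(client_list, server_list):
    """RFC 4253 rule: the first of the client's preferences the server also supports."""
    for name in client_list:
        if name in server_list:
            return name
    raise ValueError("no common algorithm")


def server_kexinit_decision(client_payload, server_kex, server_hostkey):
    """Select algorithms and decide whether the next key exchange packet is ignored.

    server_kex and server_hostkey are the server's preference-ordered lists.
    """
    client = parse_kexinit(client_payload)
    kex_alg = choose(client["kex"], server_kex)
    key_alg = choose(client["hostkey"], server_hostkey)
    # the guess is right only if both sides' first preferences coincide
    guessed_right = (client["kex"][0] == server_kex[0]
                     and client["hostkey"][0] == server_hostkey[0])
    ignore_next_packet = client["guess"] and not guessed_right
    return {"kexAlg": kex_alg, "keyAlg": key_alg, "ignoreNextPacket": ignore_next_packet}


if __name__ == "__main__":
    # constructed sample: client guesses wrongly, so the next kex packet is dropped
    pkt = build_kexinit([b"ecdh-sha2-nistp256", b"curve25519-sha256"], [b"ssh-ed25519"], True)
    print(server_kexinit_decision(pkt, [b"curve25519-sha256", b"ecdh-sha2-nistp256"],
                                  [b"ssh-ed25519", b"rsa-sha2-512"]))
```

Dropping the mis-guessed packet rather than trying to interpret it matters for robustness: the packet was built for algorithms that were never agreed, so parsing it under the negotiated ones would yield garbage at best.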

def ssh_NEWKEYS(self, packet): (source)

Called when we get a MSG_NEWKEYS message. No payload. When we get this, the keys have been set on both sides, and we start using them to encrypt and authenticate the connection.

Parameters
packet (bytes): The message data.
def ssh_SERVICE_REQUEST(self, packet): (source)

Called when we get a MSG_SERVICE_REQUEST message. Payload:

    string serviceName

The client has requested a service. If we can start the service, start it; otherwise, disconnect with DISCONNECT_SERVICE_NOT_AVAILABLE.

Parameters
packet (bytes): The message data.
dhGexRequest = (source)

the KEX_DH_GEX_REQUEST(_OLD) that the client sent. The key generation needs this to be stored.

ecPub = (source)

Undocumented

g = (source)

the Diffie-Hellman group generator.

ignoreNextPacket: int = (source)

if True, ignore the next key exchange packet. This is set when the client sends a guessed key exchange packet but with an incorrect guess.

isClient: bool = (source)

since we are never the client, this is always False.

p = (source)

the Diffie-Hellman group prime.

def _getHostKeys(self, keyAlg): (source)

Get the public and private host keys corresponding to the given public key signature algorithm.

The factory stores public and private host keys by their key format, which is not quite the same as the key signature algorithm: for example, an ssh-rsa key can sign using any of the ssh-rsa, rsa-sha2-256, or rsa-sha2-512 algorithms.

Parameters
keyAlg (bytes): A public key signature algorithm name.
Returns
2-tuple of keys.Key: The public and private host keys.
Raises
KeyError: if the factory does not have both a public and a private host key for this signature algorithm.
def _keySetup(self, sharedSecret, exchangeHash): (source)

See SSHTransportBase._keySetup().

def _ssh_KEX_ECDH_INIT(self, packet): (source)

Called from ssh_KEX_DH_GEX_REQUEST_OLD to handle elliptic curve key exchanges.

Payload:

    string client Elliptic Curve Diffie-Hellman public key

Just like _ssh_KEXDH_INIT, this message type is not dispatched directly: an extra check is required to determine whether this is really a KEX_ECDH_INIT.

First we load the host's public/private keys. Then we generate the ECDH public/private keypair for the given curve. With that we generate the shared secret key. Then we compute the hash to sign and send it back to the client along with the server's public key and the ECDH public key.

Parameters
packet (bytes): The message data.
Returns
None.
def _ssh_KEXDH_INIT(self, packet): (source)

Called to handle the beginning of a non-group key exchange.

Unlike other message types, this is not dispatched automatically. It is called from ssh_KEX_DH_GEX_REQUEST_OLD because an extra check is required to determine if this is really a KEXDH_INIT message or if it is a KEX_DH_GEX_REQUEST_OLD message.

The KEXDH_INIT payload:

    integer e (the client's Diffie-Hellman public key)

We send the KEXDH_REPLY with our host key and signature.

Parameters
packet:bytesThe message data.
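The disambiguation that ssh_KEX_DH_GEX_REQUEST_OLD, _ssh_KEXDH_INIT and _ssh_KEX_ECDH_INIT describe, together with the payload layouts given for ssh_KEX_DH_GEX_REQUEST and ssh_KEX_DH_GEX_INIT, as an added example that is not Twisted's code: message number 30 is KEXDH_INIT, KEX_ECDH_INIT or KEX_DH_GEX_REQUEST_OLD depending only on the negotiated kex algorithm, so a server must classify it by kexAlg before it can parse a single field. Message numbers are from RFC 4253, RFC 4419 and RFC 5656; the helper names, the packet layout (message number passed separately from the payload) and the constructed sample packets are this example's own assumptions.

```python
# Added example (not Twisted's code): how a server decides what a key
# exchange packet with message number 30 means, and how it parses the
# payloads documented above.  Helper names are hypothetical.
import struct

MSG_KEXDH_INIT = 30              # diffie-hellman-group1/14/16/18-*
MSG_KEX_ECDH_INIT = 30           # ecdh-sha2-*, curve25519-sha256
MSG_KEX_DH_GEX_REQUEST_OLD = 30  # diffie-hellman-group-exchange-*
MSG_KEX_DH_GEX_INIT = 32
MSG_KEX_DH_GEX_REQUEST = 34


def get_uint32(data, offset):
    """Read a big-endian uint32; return (value, new offset)."""
    if offset + 4 > len(data):
        raise ValueError("truncated uint32")
    return struct.unpack_from(">I", data, offset)[0], offset + 4


def get_string(data, offset):
    """Read an SSH string (uint32 length + bytes); return (value, new offset)."""
    length, offset = get_uint32(data, offset)
    if offset + length > len(data):
        raise ValueError("truncated string")
    return data[offset:offset + length], offset + length


def get_mpint(data, offset):
    """Read an SSH mpint (two's complement, big-endian); return (int, new offset)."""
    raw, offset = get_string(data, offset)
    return int.from_bytes(raw, "big", signed=True), offset


def put_mpint(n):
    """Encode a non-negative integer as an SSH mpint (used to build sample packets)."""
    if n < 0:
        raise ValueError("negative mpint not needed here")
    # zero is the empty string; otherwise one extra byte leaves room for a
    # leading 0x00 when the high bit is set
    raw = b"" if n == 0 else n.to_bytes((n.bit_length() + 8) // 8, "big")
    return struct.pack(">I", len(raw)) + raw


def classify_message_30(kex_alg):
    """Message number 30 is shared; only the negotiated kex algorithm disambiguates it."""
    if kex_alg.startswith(b"diffie-hellman-group-exchange-"):
        return "KEX_DH_GEX_REQUEST_OLD"
    if kex_alg.startswith(b"ecdh-sha2-") or kex_alg in (
            b"curve25519-sha256", b"curve25519-sha256@libssh.org"):
        return "KEX_ECDH_INIT"
    if kex_alg.startswith(b"diffie-hellman-group"):
        return "KEXDH_INIT"
    raise ValueError("unknown key exchange algorithm %r" % kex_alg)


def parse_kex_packet(kex_alg, msg_num, payload):
    """Parse one client key exchange packet (payload without the message number byte).

    Every field is bounds-checked and the payload must be consumed exactly;
    trailing bytes are rejected rather than silently ignored.
    """
    if msg_num == 30:
        kind = classify_message_30(kex_alg)
    elif msg_num == MSG_KEX_DH_GEX_INIT:
        kind = "KEX_DH_GEX_INIT"
    elif msg_num == MSG_KEX_DH_GEX_REQUEST:
        kind = "KEX_DH_GEX_REQUEST"
    else:
        raise ValueError("not a client key exchange message: %d" % msg_num)

    result = {"kind": kind}
    offset = 0
    if kind in ("KEXDH_INIT", "KEX_DH_GEX_INIT"):
        result["e"], offset = get_mpint(payload, offset)        # integer e
    elif kind == "KEX_ECDH_INIT":
        result["Q_C"], offset = get_string(payload, offset)    # string client EC public key
    elif kind == "KEX_DH_GEX_REQUEST_OLD":
        result["ideal"], offset = get_uint32(payload, offset)  # integer ideal
    else:                                                      # KEX_DH_GEX_REQUEST
        result["minimum"], offset = get_uint32(payload, offset)
        result["ideal"], offset = get_uint32(payload, offset)
        result["maximum"], offset = get_uint32(payload, offset)
        if not result["minimum"] <= result["ideal"] <= result["maximum"]:
            raise ValueError("inconsistent group size request")
    if offset != len(payload):
        raise ValueError("%d trailing bytes in %s" % (len(payload) - offset, kind))
    return result


def is_well_formed(kex_alg, msg_num, payload):
    """True if the packet parses cleanly under the negotiated kex algorithm."""
    try:
        parse_kex_packet(kex_alg, msg_num, payload)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # constructed sample packets: the same bytes mean different things under
    # different kex algorithms, which is why the dispatch cannot be by number alone
    print(parse_kex_packet(b"diffie-hellman-group14-sha256", 30, put_mpint(2**100 + 7)))
    print(parse_kex_packet(b"diffie-hellman-group-exchange-sha256", 30, b"\x00\x00\x08\x00"))
```

Rejecting trailing bytes and an inconsistent minimum/ideal/maximum triple is the kind of strictness a server wants here: a key exchange packet is accepted before any authentication, so every field it carries is attacker-controlled input.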