module documentation
(source)

Various classes and functions for implementing user-interaction in the command-line conch client.

You probably shouldn't use anything in this module directly, since it assumes you are sitting at an interactive terminal. For example, to programmatically interact with a known_hosts database, use twisted.conch.client.knownhosts.

Class SSHUserAuthClient No class docstring; 0/3 instance variable, 4/11 methods, 2/2 class methods documented
Function getHostKeyAlgorithms Look in known_hosts for a key corresponding to host. This can be used to change the order of supported key types in the KEXINIT packet.
Function isInKnownHosts Checks to see if host is in the known_hosts file for the user.
Function verifyHostKey Verify a host's key.
Variable _KNOWN_HOSTS Undocumented
def getHostKeyAlgorithms(host, options): (source)
Look in known_hosts for a key corresponding to host. This can be used to change the order of supported key types in the KEXINIT packet.
Parameters
host:strthe host to check in known_hosts
options:twisted.conch.client.options.ConchOptionsoptions passed to client
Returns
list of str representing key types or None.
def isInKnownHosts(host, pubKey, options): (source)
Checks to see if host is in the known_hosts file for the user.
Returns
int0 if it isn't, 1 if it is and is the same, 2 if it's changed.
def verifyHostKey(transport, host, pubKey, fingerprint): (source)

Verify a host's key.

This function is a gross vestige of some bad factoring in the client internals. The actual implementation, and a better signature of this logic is in KnownHostsFile.verifyHostKey. This function is not deprecated yet because the callers have not yet been rehabilitated, but they should eventually be changed to call that method instead.

However, this function does perform two functions not implemented by KnownHostsFile.verifyHostKey. It determines the path to the user's known_hosts file based on the options (which should really be the options object's job), and it provides an opener to ConsoleUI which opens '/dev/tty' so that the user will be prompted on the tty of the process even if the input and output of the process has been redirected. This latter part is, somewhat obviously, not portable, but I don't know of a portable equivalent that could be used.

Parameters
transport:SSHClientTransportthe client transport which is attempting to connect to the given host.
host:strDue to a bug in SSHClientTransport.verifyHostKey, this is always the dotted-quad IP address of the host being connected to.
pubKey:strThe public key of the server being connected to.
fingerprint:strthe fingerprint of the given public key, in xx:xx:xx:... format. This is ignored in favor of getting the fingerprint from the key itself.
Returns
a Deferred which fires with 1 if the key was successfully verified, or fails if the key could not be successfully verified. Failure types may include HostKeyChanged, UserRejectedKey, IOError or KeyboardInterrupt.
_KNOWN_HOSTS: str = (source)

Undocumented