From 1a716ed46d1d556d4ba6798608ab498320acd886 Mon Sep 17 00:00:00 2001 From: "Jeremy T. Bouse" Date: Sat, 25 May 2013 00:04:32 -0400 Subject: Imported Upstream version 1.10.1 --- docs/paramiko.ServerInterface-class.html | 1247 ------------------------------ 1 file changed, 1247 deletions(-) delete mode 100644 docs/paramiko.ServerInterface-class.html (limited to 'docs/paramiko.ServerInterface-class.html') diff --git a/docs/paramiko.ServerInterface-class.html b/docs/paramiko.ServerInterface-class.html deleted file mode 100644 index 7cf53a6..0000000 --- a/docs/paramiko.ServerInterface-class.html +++ /dev/null @@ -1,1247 +0,0 @@ - - - - - paramiko.ServerInterface - - - - - - - - - - - - - - - - - - - - - - -
   Home      Trees      Indices      Help   
- - - - - -
- - Package paramiko :: - Class ServerInterface - - - - - -
[frames] | no frames]
-
- -

Class ServerInterface

source code

-
-object --+
-         |
-        ServerInterface
-
- -
-

This class defines an interface for controlling the behavior of - paramiko in server mode.

-

Methods on this class are called from paramiko's primary thread, so - you shouldn't do too much work in them. (Certainly nothing that blocks - or sleeps.)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Instance Methods
-   - - - - - - -
cancel_port_forward_request(self, - address, - port)
- The client would like to cancel a previous port-forwarding request.		 - source code - -
- -
- int or InteractiveQuery - - - - - - -
check_auth_interactive(self, - username, - submethods)
- Begin an interactive authentication challenge, if supported.		 - source code - -
- -
- int or InteractiveQuery - - - - - - -
check_auth_interactive_response(self, - responses)
- Continue or finish an interactive authentication challenge, if - supported.		 - source code - -
- -
- int - - - - - - -
check_auth_none(self, - username)
- Determine if a client may open channels with no (further) - authentication.		 - source code - -
- -
- int - - - - - - -
check_auth_password(self, - username, - password)
- Determine if a given username and password supplied by the client is - acceptable for use in authentication.		 - source code - -
- -
- int - - - - - - -
check_auth_publickey(self, - username, - key)
- Determine if a given key supplied by the client is acceptable for use - in authentication.		 - source code - -
- -
- int - - - - - - -
check_channel_direct_tcpip_request(self, - chanid, - origin, - destination)
- Determine if a local port forwarding channel will be granted, and - return OPEN_SUCCEEDED or an error code.		 - source code - -
- -
- bool - - - - - - -
check_channel_exec_request(self, - channel, - command)
- Determine if a shell command will be executed for the client.		 - source code - -
- -
- bool - - - - - - -
check_channel_pty_request(self, - channel, - term, - width, - height, - pixelwidth, - pixelheight, - modes)
- Determine if a pseudo-terminal of the given dimensions (usually - requested for shell access) can be provided on the given channel.		 - source code - -
- -
- int - - - - - - -
check_channel_request(self, - kind, - chanid)
- Determine if a channel request of a given type will be granted, and - return OPEN_SUCCEEDED or an error code.		 - source code - -
- -
- bool - - - - - - -
check_channel_shell_request(self, - channel)
- Determine if a shell will be provided to the client on the given - channel.		 - source code - -
- -
- bool - - - - - - -
check_channel_subsystem_request(self, - channel, - name)
- Determine if a requested subsystem will be provided to the client on - the given channel.		 - source code - -
- -
- bool - - - - - - -
check_channel_window_change_request(self, - channel, - width, - height, - pixelwidth, - pixelheight)
- Determine if the pseudo-terminal on the given channel can be resized.		 - source code - -
- -
- bool - - - - - - -
check_channel_x11_request(self, - channel, - single_connection, - auth_protocol, - auth_cookie, - screen_number)
- Determine if the client will be provided with an X11 session.		 - source code - -
- -
- bool - - - - - - -
check_global_request(self, - kind, - msg)
- Handle a global request of the given kind.		 - source code - -
- -
- int - - - - - - -
check_port_forward_request(self, - address, - port)
- Handle a request for port forwarding.		 - source code - -
- -
- str - - - - - - -
get_allowed_auths(self, - username)
- Return a list of authentication methods supported by the server.		 - source code - -
- -
-

Inherited from object: - __delattr__, - __format__, - __getattribute__, - __hash__, - __init__, - __new__, - __reduce__, - __reduce_ex__, - __repr__, - __setattr__, - __sizeof__, - __str__, - __subclasshook__ -

-
- - - - - - - - - -
- Properties
-

Inherited from object: - __class__ -

-
- - - - - - -
- Method Details
- -
- -
- - -
-

cancel_port_forward_request(self, - address, - port) -

- 		source code  -
- -

The client would like to cancel a previous port-forwarding request. If - the given address and port is being forwarded across this ssh connection, - the port should be closed.

-
-
Parameters:
-
    -
  • address (str) - the forwarded address
    • -
  • port (int) - the forwarded port
    • -
-
-
-
- -
- -
- - -
-

check_auth_interactive(self, - username, - submethods) -

- 		source code  -
- -

Begin an interactive authentication challenge, if supported. You - should override this method in server mode if you want to support the - "keyboard-interactive" auth type, which requires - you to send a series of questions for the client to answer.

-

Return AUTH_FAILED if this auth method isn't supported. Otherwise, - you should return an InteractiveQuery object containing the prompts and - instructions for the user. The response will be sent via a call to check_auth_interactive_response.

-

The default implementation always returns AUTH_FAILED.

-
-
Parameters:
-
    -
  • username (str) - the username of the authenticating client
    • -
  • submethods (str) - a comma-separated list of methods preferred by the client - (usually empty)
    • -
-
Returns: int or InteractiveQuery
-
AUTH_FAILED if this auth method isn't supported; otherwise an - object containing queries for the user
-
-
-
- -
- -
- - -
-

check_auth_interactive_response(self, - responses) -

- 		source code  -
- -

Continue or finish an interactive authentication challenge, if - supported. You should override this method in server mode if you want to - support the "keyboard-interactive" auth type.

-

Return AUTH_FAILED if the responses are not accepted, AUTH_SUCCESSFUL - if the responses are accepted and complete the authentication, or - AUTH_PARTIALLY_SUCCESSFUL if your authentication is stateful, and this - set of responses is accepted for authentication, but more authentication - is required. (In this latter case, get_allowed_auths will be called to report to the client - what options it has for continuing the authentication.)

-

If you wish to continue interactive authentication with more - questions, you may return an InteractiveQuery object, which should cause - the client to respond with more answers, calling this method again. This - cycle can continue indefinitely.

-

The default implementation always returns AUTH_FAILED.

-
-
Parameters:
-
    -
  • responses (list(str)) - list of responses from the client
    • -
-
Returns: int or InteractiveQuery
-
AUTH_FAILED if the authentication fails; AUTH_SUCCESSFUL if it - succeeds; AUTH_PARTIALLY_SUCCESSFUL if the interactive auth is - successful, but authentication must continue; otherwise an object - containing queries for the user
-
-
-
- -
- -
- - -
-

check_auth_none(self, - username) -

- 		source code  -
- -

Determine if a client may open channels with no (further) - authentication.

-

Return AUTH_FAILED if the client must authenticate, or AUTH_SUCCESSFUL - if it's okay for the client to not authenticate.

-

The default implementation always returns AUTH_FAILED.

-
-
Parameters:
-
    -
  • username (str) - the username of the client.
    • -
-
Returns: int
-
AUTH_FAILED if the authentication fails; AUTH_SUCCESSFUL if it - succeeds.
-
-
-
- -
- -
- - -
-

check_auth_password(self, - username, - password) -

- 		source code  -
- -

Determine if a given username and password supplied by the client is - acceptable for use in authentication.

-

Return AUTH_FAILED if the password is not accepted, AUTH_SUCCESSFUL if - the password is accepted and completes the authentication, or - AUTH_PARTIALLY_SUCCESSFUL if your authentication is stateful, and this - key is accepted for authentication, but more authentication is required. - (In this latter case, get_allowed_auths will be called to report to the client - what options it has for continuing the authentication.)

-

The default implementation always returns AUTH_FAILED.

-
-
Parameters:
-
    -
  • username (str) - the username of the authenticating client.
    • -
  • password (str) - the password given by the client.
    • -
-
Returns: int
-
AUTH_FAILED if the authentication fails; AUTH_SUCCESSFUL if it - succeeds; AUTH_PARTIALLY_SUCCESSFUL if the password auth is - successful, but authentication must continue.
-
-
-
- -
- -
- - -
-

check_auth_publickey(self, - username, - key) -

- 		source code  -
- -

Determine if a given key supplied by the client is acceptable for use - in authentication. You should override this method in server mode to - check the username and key and decide if you would accept a signature - made using this key.

-

Return AUTH_FAILED if the key is not accepted, AUTH_SUCCESSFUL if the - key is accepted and completes the authentication, or - AUTH_PARTIALLY_SUCCESSFUL if your authentication is stateful, and this - password is accepted for authentication, but more authentication is - required. (In this latter case, get_allowed_auths will be called to report to the client - what options it has for continuing the authentication.)

-

Note that you don't have to actually verify any key signtature here. - If you're willing to accept the key, paramiko will do the work of - verifying the client's signature.

-

The default implementation always returns AUTH_FAILED.

-
-
Parameters:
-
    -
  • username (str) - the username of the authenticating client
    • -
  • key (PKey) - the key object provided by the client
    • -
-
Returns: int
-
AUTH_FAILED if the client can't authenticate with this key; - AUTH_SUCCESSFUL if it can; AUTH_PARTIALLY_SUCCESSFUL if it can - authenticate with this key but must continue with authentication
-
-
-
- -
- -
- - -
-

check_channel_direct_tcpip_request(self, - chanid, - origin, - destination) -

- 		source code  -
- -

Determine if a local port forwarding channel will be granted, and - return OPEN_SUCCEEDED or an error code. This method is - called in server mode when the client requests a channel, after - authentication is complete.

-

The chanid parameter is a small number that uniquely - identifies the channel within a Transport. A Channel object is not created unless this method returns - OPEN_SUCCEEDED -- once a Channel object is - created, you can call Channel.get_id to retrieve the channel ID.

-

The origin and destination parameters are (ip_address, port) tuples - that correspond to both ends of the TCP connection in the forwarding - tunnel.

-

The return value should either be OPEN_SUCCEEDED (or - 0) to allow the channel request, or one of the following - error codes to reject it:

-
    -
  • - OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED -
    • -
  • - OPEN_FAILED_CONNECT_FAILED -
    • -
  • - OPEN_FAILED_UNKNOWN_CHANNEL_TYPE -
    • -
  • - OPEN_FAILED_RESOURCE_SHORTAGE -
    • -
-

The default implementation always returns - OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED.

-
-
Parameters:
-
    -
  • chanid (int) - ID of the channel
    • -
  • origin (tuple) - 2-tuple containing the IP address and port of the originator - (client side)
    • -
  • destination (tuple) - 2-tuple containing the IP address and port of the destination - (server side)
    • -
-
Returns: int
-
a success or failure code (listed above)
-
-
-
- -
- -
- - -
-

check_channel_exec_request(self, - channel, - command) -

- 		source code  -
- -

Determine if a shell command will be executed for the client. If this - method returns True, the channel should be connected to the - stdin, stdout, and stderr of the shell command.

-

The default implementation always returns False.

-
-
Parameters:
-
    -
  • channel (Channel) - the Channel the request arrived on.
    • -
  • command (str) - the command to execute.
    • -
-
Returns: bool
-
True if this channel is now hooked up to the stdin, - stdout, and stderr of the executing command; False - if the command will not be executed.
-
-

Since: - 1.1 -

-
-
- -
- -
- - -
-

check_channel_pty_request(self, - channel, - term, - width, - height, - pixelwidth, - pixelheight, - modes) -

- 		source code  -
- -

Determine if a pseudo-terminal of the given dimensions (usually - requested for shell access) can be provided on the given channel.

-

The default implementation always returns False.

-
-
Parameters:
-
    -
  • channel (Channel) - the Channel the pty request arrived on.
    • -
  • term (str) - type of terminal requested (for example, - "vt100").
    • -
  • width (int) - width of screen in characters.
    • -
  • height (int) - height of screen in characters.
    • -
  • pixelwidth (int) - width of screen in pixels, if known (may be 0 if - unknown).
    • -
  • pixelheight (int) - height of screen in pixels, if known (may be 0 if - unknown).
    • -
-
Returns: bool
-
True if the psuedo-terminal has been allocated; - False otherwise.
-
-
-
- -
- -
- - -
-

check_channel_request(self, - kind, - chanid) -

- 		source code  -
- -

Determine if a channel request of a given type will be granted, and - return OPEN_SUCCEEDED or an error code. This method is - called in server mode when the client requests a channel, after - authentication is complete.

-

If you allow channel requests (and an ssh server that didn't would be - useless), you should also override some of the channel request methods - below, which are used to determine which services will be allowed on a - given channel:

- -

The chanid parameter is a small number that uniquely - identifies the channel within a Transport. A Channel object is not created unless this method returns - OPEN_SUCCEEDED -- once a Channel object is - created, you can call Channel.get_id to retrieve the channel ID.

-

The return value should either be OPEN_SUCCEEDED (or - 0) to allow the channel request, or one of the following - error codes to reject it:

-
    -
  • - OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED -
    • -
  • - OPEN_FAILED_CONNECT_FAILED -
    • -
  • - OPEN_FAILED_UNKNOWN_CHANNEL_TYPE -
    • -
  • - OPEN_FAILED_RESOURCE_SHORTAGE -
    • -
-

The default implementation always returns - OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED.

-
-
Parameters:
-
    -
  • kind (str) - the kind of channel the client would like to open (usually - "session").
    • -
  • chanid (int) - ID of the channel
    • -
-
Returns: int
-
a success or failure code (listed above)
-
-
-
- -
- -
- - -
-

check_channel_shell_request(self, - channel) -

- 		source code  -
- -

Determine if a shell will be provided to the client on the given - channel. If this method returns True, the channel should be - connected to the stdin/stdout of a shell (or something that acts like a - shell).

-

The default implementation always returns False.

-
-
Parameters:
-
-
Returns: bool
-
True if this channel is now hooked up to a shell; - False if a shell can't or won't be provided.
-
-
-
- -
- -
- - -
-

check_channel_subsystem_request(self, - channel, - name) -

- 		source code  -
- -

Determine if a requested subsystem will be provided to the client on - the given channel. If this method returns True, all future - I/O through this channel will be assumed to be connected to the requested - subsystem. An example of a subsystem is sftp.

-

The default implementation checks for a subsystem handler assigned via - Transport.set_subsystem_handler. If one has been set, - the handler is invoked and this method returns True. - Otherwise it returns False.

-
-
Parameters:
-
    -
  • channel (Channel) - the Channel the pty request arrived on.
    • -
  • name (str) - name of the requested subsystem.
    • -
-
Returns: bool
-
True if this channel is now hooked up to the - requested subsystem; False if that subsystem can't - or won't be provided.
-
-

Note: - Because the default implementation uses the Transport to - identify valid subsystems, you probably won't need to override this - method. -

-
-
- -
- -
- - -
-

check_channel_window_change_request(self, - channel, - width, - height, - pixelwidth, - pixelheight) -

- 		source code  -
- -

Determine if the pseudo-terminal on the given channel can be resized. - This only makes sense if a pty was previously allocated on it.

-

The default implementation always returns False.

-
-
Parameters:
-
    -
  • channel (Channel) - the Channel the pty request arrived on.
    • -
  • width (int) - width of screen in characters.
    • -
  • height (int) - height of screen in characters.
    • -
  • pixelwidth (int) - width of screen in pixels, if known (may be 0 if - unknown).
    • -
  • pixelheight (int) - height of screen in pixels, if known (may be 0 if - unknown).
    • -
-
Returns: bool
-
True if the terminal was resized; False - if not.
-
-
-
- -
- -
- - -
-

check_channel_x11_request(self, - channel, - single_connection, - auth_protocol, - auth_cookie, - screen_number) -

- 		source code  -
- -

Determine if the client will be provided with an X11 session. If this - method returns True, X11 applications should be routed - through new SSH channels, using Transport.open_x11_channel.

-

The default implementation always returns False.

-
-
Parameters:
-
    -
  • channel (Channel) - the Channel the X11 request arrived on
    • -
  • single_connection (bool) - True if only a single X11 channel should be opened
    • -
  • auth_protocol (str) - the protocol used for X11 authentication
    • -
  • auth_cookie (str) - the cookie used to authenticate to X11
    • -
  • screen_number (int) - the number of the X11 screen to connect to
    • -
-
Returns: bool
-
True if the X11 session was opened; - False if not
-
-
-
- -
- -
- - -
-

check_global_request(self, - kind, - msg) -

- 		source code  -
- -

Handle a global request of the given kind. This method - is called in server mode and client mode, whenever the remote host makes - a global request. If there are any arguments to the request, they will - be in msg.

-

There aren't any useful global requests defined, aside from port - forwarding, so usually this type of request is an extension to the - protocol.

-

If the request was successful and you would like to return contextual - data to the remote host, return a tuple. Items in the tuple will be sent - back with the successful result. (Note that the items in the tuple can - only be strings, ints, longs, or bools.)

-

The default implementation always returns False, - indicating that it does not support any global requests.

-
-
Parameters:
-
    -
  • kind (str) - the kind of global request being made.
    • -
  • msg (Message) - any extra arguments to the request.
    • -
-
Returns: bool
-
True or a tuple of data if the request was granted; - False otherwise.
-
-

Note: - Port forwarding requests are handled separately, in check_port_forward_request. -

-
-
- -
- -
- - -
-

check_port_forward_request(self, - address, - port) -

- 		source code  -
- -

Handle a request for port forwarding. The client is asking that - connections to the given address and port be forwarded back across this - ssh connection. An address of "0.0.0.0" indicates - a global address (any address associated with this server) and a port of - 0 indicates that no specific port is requested (usually the - OS will pick a port).

-

The default implementation always returns False, - rejecting the port forwarding request. If the request is accepted, you - should return the port opened for listening.

-
-
Parameters:
-
    -
  • address (str) - the requested address
    • -
  • port (int) - the requested port
    • -
-
Returns: int
-
the port number that was opened for listening, or - False to reject
-
-
-
- -
- -
- - -
-

get_allowed_auths(self, - username) -

- 		source code  -
- -

Return a list of authentication methods supported by the server. This - list is sent to clients attempting to authenticate, to inform them of - authentication methods that might be successful.

-

The "list" is actually a string of comma-separated names of - types of authentication. Possible values are - "password", "publickey", - and "none".

-

The default implementation always returns - "password".

-
-
Parameters:
-
    -
  • username (str) - the username requesting authentication.
    • -
-
Returns: str
-
a comma-separated list of authentication types
-
-
-
-
- - - - - - - - - - - - - - - - - -
   Home      Trees      Indices      Help   
- - - - - -
- Generated by Epydoc 3.0.1 on Mon May 23 13:50:03 2011 - - http://epydoc.sourceforge.net -
- - - - -- cgit v1.2.3