From ed280d5ac360e2af796e9bd973d7b4df89f0c449 Mon Sep 17 00:00:00 2001 From: "Jeremy T. Bouse" Date: Fri, 27 Nov 2009 16:20:12 -0500 Subject: Imported Upstream version 1.7.4 --- docs/paramiko.Transport-class.html | 2343 ++++++++++++++++++++++++++++++++++++ 1 file changed, 2343 insertions(+) create mode 100644 docs/paramiko.Transport-class.html (limited to 'docs/paramiko.Transport-class.html') diff --git a/docs/paramiko.Transport-class.html b/docs/paramiko.Transport-class.html new file mode 100644 index 0000000..98758da --- /dev/null +++ b/docs/paramiko.Transport-class.html @@ -0,0 +1,2343 @@ + + + + + paramiko.Transport + + + + + + + + + + + + + + + + + + + + + + +
   Home      Trees      Indices      Help   
+ + + + + +
+ + Package paramiko :: + Class Transport + + + + + +
[frames] | no frames]
+
+ +

Class Transport

source code

+
+        object --+        
+                 |        
+threading._Verbose --+    
+                     |    
+      threading.Thread --+
+                         |
+                        Transport
+
+ +
+

An SSH Transport attaches to a stream (usually a socket), negotiates + an encrypted session, authenticates, and then creates stream tunnels, + called Channels, + across the session. Multiple channels can be multiplexed across a single + session (and often are, in the case of port forwardings).

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Instance Methods
+   + + + + + + +
__init__(self, + sock)
+ Create a new SSH session over an existing socket, or socket-like + object.		 + source code + +
+ +
+ str + + + + + + +
__repr__(self)
+ Returns a string representation of this object, for debugging.		 + source code + +
+ +
+ Channel + + + + + + +
accept(self, + timeout=None)
+ Return the next channel opened by the client over this transport, in + server mode.		 + source code + +
+ +
+   + + + + + + +
add_server_key(self, + key)
+ Add a host key to the list of keys used for server mode.		 + source code + +
+ +
+   + + + + + + +
atfork(self)
+ Terminate this Transport without closing the session.		 + source code + +
+ +
+ list + + + + + + +
auth_interactive(self, + username, + handler, + submethods='')
+ Authenticate to the server interactively.		 + source code + +
+ +
+ list + + + + + + +
auth_none(self, + username)
+ Try to authenticate to the server using no authentication at all.		 + source code + +
+ +
+ list + + + + + + +
auth_password(self, + username, + password, + event=None, + fallback=True)
+ Authenticate to the server using a password.		 + source code + +
+ +
+ list + + + + + + +
auth_publickey(self, + username, + key, + event=None)
+ Authenticate to the server using a private key.		 + source code + +
+ +
+   + + + + + + +
cancel_port_forward(self, + address, + port)
+ Ask the server to cancel a previous port-forwarding request.		 + source code + +
+ +
+   + + + + + + +
close(self)
+ Close this session, and any open channels that are tied to it.		 + source code + +
+ +
+   + + + + + + +
connect(self, + hostkey=None, + username='', + password=None, + pkey=None)
+ Negotiate an SSH2 session, and optionally verify the server's host + key and authenticate using a password or private key.		 + source code + +
+ +
+ Exception + + + + + + +
get_exception(self)
+ Return any exception that happened during the last server request.		 + source code + +
+ +
+ bool + + + + + + +
get_hexdump(self)
+ Return True if the transport is currently logging hex + dumps of protocol traffic.		 + source code + +
+ +
+ str + + + + + + +
get_log_channel(self)
+ Return the channel name used for this transport's logging.		 + source code + +
+ +
+ PKey + + + + + + +
get_remote_server_key(self)
+ Return the host key of the server (in client mode).		 + source code + +
+ +
+ SecurityOptions + + + + + + +
get_security_options(self)
+ Return a SecurityOptions object which can be used to tweak + the encryption algorithms this transport will permit, and the order + of preference for them.		 + source code + +
+ +
+ PKey + + + + + + +
get_server_key(self)
+ Return the active host key, in server mode.		 + source code + +
+ +
+ string + + + + + + +
get_username(self)
+ Return the username this connection is authenticated for.		 + source code + +
+ +
+ tuple(str, int) + + + + + + +
getpeername(self)
+ Return the address of the remote side of this Transport, if possible.		 + source code + +
+ +
+ Message + + + + + + +
global_request(self, + kind, + data=None, + wait=True)
+ Make a global request to the remote host.		 + source code + +
+ +
+ bool + + + + + + +
is_active(self)
+ Return true if this session is active (open).		 + source code + +
+ +
+ bool + + + + + + +
is_authenticated(self)
+ Return true if this session is active and authenticated.		 + source code + +
+ +
+ Channel + + + + + + +
open_channel(self, + kind, + dest_addr=None, + src_addr=None)
+ Request a new channel to the server.		 + source code + +
+ +
+   + + + + + + +
open_forwarded_tcpip_channel(self, + (src_addr, src_port), + (dest_addr, dest_port))
+ Request a new channel back to the client, of type + "forwarded-tcpip".		 + source code + +
+ +
+ Channel + + + + + + +
open_session(self)
+ Request a new channel to the server, of type + "session".		 + source code + +
+ +
+ SFTPClient + + + + + + +
open_sftp_client(self)
+ Create an SFTP client channel from an open transport.		 + source code + +
+ +
+ Channel + + + + + + +
open_x11_channel(self, + src_addr=None)
+ Request a new channel to the client, of type + "x11".		 + source code + +
+ +
+   + + + + + + +
renegotiate_keys(self)
+ Force this session to switch to new keys.		 + source code + +
+ +
+ int + + + + + + +
request_port_forward(self, + address, + port, + handler=None)
+ Ask the server to forward TCP connections from a listening port on + the server, across this SSH session.		 + source code + +
+ +
+   + + + + + + +
run(self) + source code + +
+ +
+   + + + + + + +
send_ignore(self, + bytes=None)
+ Send a junk packet across the encrypted link.		 + source code + +
+ +
+   + + + + + + +
set_hexdump(self, + hexdump)
+ Turn on/off logging a hex dump of protocol traffic at DEBUG level in + the logs.		 + source code + +
+ +
+   + + + + + + +
set_keepalive(self, + interval)
+ Turn on/off keepalive packets (default is off).		 + source code + +
+ +
+   + + + + + + +
set_log_channel(self, + name)
+ Set the channel for this transport's logging.		 + source code + +
+ +
+   + + + + + + +
set_subsystem_handler(self, + name, + handler, + *larg, + **kwarg)
+ Set the handler class for a subsystem in server mode.		 + source code + +
+ +
+   + + + + + + +
start_client(self, + event=None)
+ Negotiate a new SSH2 session as a client.		 + source code + +
+ +
+   + + + + + + +
start_server(self, + event=None, + server=None)
+ Negotiate a new SSH2 session as a server.		 + source code + +
+ +
+   + + + + + + +
stop_thread(self) + source code + +
+ +
+   + + + + + + +
use_compression(self, + compress=True)
+ Turn on/off compression.		 + source code + +
+ +
+

Inherited from threading.Thread: + getName, + isAlive, + isDaemon, + join, + setDaemon, + setName, + start +

+

Inherited from object: + __delattr__, + __getattribute__, + __hash__, + __new__, + __reduce__, + __reduce_ex__, + __setattr__, + __str__ +

+
+ + + + + + + + + +
+ Static Methods
+ bool + + + + + + +
load_server_moduli(filename=None)
+ (optional) Load a file of prime moduli for use in doing + group-exchange key negotiation in server mode.		 + source code + +
+ +
+ + + + + + + + + +
+ Properties
+

Inherited from object: + __class__ +

+
+ + + + + + +
+ Method Details
+ +
+ +
+ + +
+

__init__(self, + sock) +
(Constructor) +

+ 		source code  +
+ +

Create a new SSH session over an existing socket, or socket-like + object. This only creates the Transport object; it doesn't begin the SSH + session yet. Use connect or start_client to begin a client session, or start_server to begin a server session.

+

If the object is not actually a socket, it must have the following + methods:

+
    +
  • + send(str): Writes from 1 to len(str) bytes, + and returns an int representing the number of bytes written. Returns + 0 or raises EOFError if the stream has been closed. +
    • +
  • + recv(int): Reads from 1 to int bytes and + returns them as a string. Returns 0 or raises EOFError + if the stream has been closed. +
    • +
  • + close(): Closes the socket. +
    • +
  • + settimeout(n): Sets a (float) timeout on I/O operations. +
    • +
+

For ease of use, you may also pass in an address (as a tuple) or a + host string as the sock argument. (A host string is a + hostname with an optional port (separated by ":") + which will be converted into a tuple of (hostname, port).) + A socket will be connected to this address and used for communication. + Exceptions from the socket call may be thrown in this + case.

+
+
Parameters:
+
    +
  • sock (socket) - a socket or socket-like object to create the session over.
    • +
+
Overrides: + object.__init__ +
+
+
+
+ +
+ +
+ + +
+

__repr__(self) +
(Representation operator) +

+ 		source code  +
+ +

Returns a string representation of this object, for debugging.

+
+
Returns: str
+
Overrides: + object.__repr__ +
+
+
+
+ +
+ +
+ + +
+

accept(self, + timeout=None) +

+ 		source code  +
+ +

Return the next channel opened by the client over this transport, in + server mode. If no channel is opened before the given timeout, + None is returned.

+
+
Parameters:
+
    +
  • timeout (int) - seconds to wait for a channel, or None to wait + forever
    • +
+
Returns: Channel
+
a new Channel opened by the client
+
+
+
+ +
+ +
+ + +
+

add_server_key(self, + key) +

+ 		source code  +
+ +

Add a host key to the list of keys used for server mode. When + behaving as a server, the host key is used to sign certain packets during + the SSH2 negotiation, so that the client can trust that we are who we say + we are. Because this is used for signing, the key must contain private + key info, not just the public half. Only one key of each type (RSA or + DSS) is kept.

+
+
Parameters:
+
+
+
+
+ +
+ +
+ + +
+

atfork(self) +

+ 		source code  +
+ +

Terminate this Transport without closing the session. On posix + systems, if a Transport is open during process forking, both parent and + child will share the underlying socket, but only one process can use the + connection (without corrupting the session). Use this method to clean up + a Transport object without disrupting the other process.

+
+
+

Since: + 1.5.3 +

+
+
+ +
+ +
+ + +
+

auth_interactive(self, + username, + handler, + submethods='') +

+ 		source code  +
+ +

Authenticate to the server interactively. A handler is used to answer + arbitrary questions from the server. On many servers, this is just a + dumb wrapper around PAM.

+

This method will block until the authentication succeeds or fails, + peroidically calling the handler asynchronously to get answers to + authentication questions. The handler may be called more than once if + the server continues to ask questions.

+

The handler is expected to be a callable that will handle calls of the + form: handler(title, instructions, prompt_list). The + title is meant to be a dialog-window title, and the + instructions are user instructions (both are strings). + prompt_list will be a list of prompts, each prompt being a + tuple of (str, bool). The string is the prompt and the + boolean indicates whether the user text should be echoed.

+

A sample call would thus be: handler('title', 'instructions', + [('Password:', False)]).

+

The handler should return a list or tuple of answers to the server's + questions.

+

If the server requires multi-step authentication (which is very rare), + this method will return a list of auth types permissible for the next + step. Otherwise, in the normal case, an empty list is returned.

+
+
Parameters:
+
    +
  • username (string) - the username to authenticate as
    • +
  • handler (callable) - a handler for responding to server questions
    • +
  • submethods (str) - a string list of desired submethods (optional)
    • +
+
Returns: list
+
list of auth types permissible for the next stage of + authentication (normally empty).
+
Raises:
+
+
+

Since: + 1.5 +

+
+
+ +
+ +
+ + +
+

auth_none(self, + username) +

+ 		source code  +
+ +

Try to authenticate to the server using no authentication at all. This + will almost always fail. It may be useful for determining the list of + authentication types supported by the server, by catching the BadAuthenticationType exception raised.

+
+
Parameters:
+
    +
  • username (string) - the username to authenticate as
    • +
+
Returns: list
+
list of auth types permissible for the next stage of + authentication (normally empty)
+
Raises:
+
    +
  • BadAuthenticationType - if "none" authentication isn't allowed by the server for + this user
    • +
  • SSHException - if the authentication failed due to a network error
    • +
+
+

Since: + 1.5 +

+
+
+ +
+ +
+ + +
+

auth_password(self, + username, + password, + event=None, + fallback=True) +

+ 		source code  +
+ +

Authenticate to the server using a password. The username and + password are sent over an encrypted link.

+

If an event is passed in, this method will return + immediately, and the event will be triggered once authentication succeeds + or fails. On success, is_authenticated will return True. On + failure, you may use get_exception to get more detailed error + information.

+

Since 1.1, if no event is passed, this method will block until the + authentication succeeds or fails. On failure, an exception is raised. + Otherwise, the method simply returns.

+

Since 1.5, if no event is passed and fallback is + True (the default), if the server doesn't support plain + password authentication but does support so-called + "keyboard-interactive" mode, an attempt will be made to + authenticate using this interactive mode. If it fails, the normal + exception will be thrown as if the attempt had never been made. This is + useful for some recent Gentoo and Debian distributions, which turn off + plain password authentication in a misguided belief that interactive + authentication is "more secure". (It's not.)

+

If the server requires multi-step authentication (which is very rare), + this method will return a list of auth types permissible for the next + step. Otherwise, in the normal case, an empty list is returned.

+
+
Parameters:
+
    +
  • username (str) - the username to authenticate as
    • +
  • password (str or unicode) - the password to authenticate with
    • +
  • event (threading.Event) - an event to trigger when the authentication attempt is complete + (whether it was successful or not)
    • +
  • fallback (bool) - True if an attempt at an automated + "interactive" password auth should be made if the + server doesn't support normal password auth
    • +
+
Returns: list
+
list of auth types permissible for the next stage of + authentication (normally empty)
+
Raises:
+
+
+
+
+ +
+ +
+ + +
+

auth_publickey(self, + username, + key, + event=None) +

+ 		source code  +
+ +

Authenticate to the server using a private key. The key is used to + sign data from the server, so it must include the private part.

+

If an event is passed in, this method will return + immediately, and the event will be triggered once authentication succeeds + or fails. On success, is_authenticated will return True. On + failure, you may use get_exception to get more detailed error + information.

+

Since 1.1, if no event is passed, this method will block until the + authentication succeeds or fails. On failure, an exception is raised. + Otherwise, the method simply returns.

+

If the server requires multi-step authentication (which is very rare), + this method will return a list of auth types permissible for the next + step. Otherwise, in the normal case, an empty list is returned.

+
+
Parameters:
+
    +
  • username (string) - the username to authenticate as
    • +
  • key (PKey) - the private key to authenticate with
    • +
  • event (threading.Event) - an event to trigger when the authentication attempt is complete + (whether it was successful or not)
    • +
+
Returns: list
+
list of auth types permissible for the next stage of + authentication (normally empty)
+
Raises:
+
+
+
+
+ +
+ +
+ + +
+

cancel_port_forward(self, + address, + port) +

+ 		source code  +
+ +

Ask the server to cancel a previous port-forwarding request. No more + connections to the given address & port will be forwarded across this + ssh connection.

+
+
Parameters:
+
    +
  • address (str) - the address to stop forwarding
    • +
  • port (int) - the port to stop forwarding
    • +
+
+
+
+ +
+ +
+ + +
+

connect(self, + hostkey=None, + username='', + password=None, + pkey=None) +

+ 		source code  +
+ +

Negotiate an SSH2 session, and optionally verify the server's host key + and authenticate using a password or private key. This is a shortcut for + start_client, get_remote_server_key, and Transport.auth_password or Transport.auth_publickey. Use those methods if you want + more control.

+

You can use this method immediately after creating a Transport to + negotiate encryption with a server. If it fails, an exception will be + thrown. On success, the method will return cleanly, and an encrypted + session exists. You may immediately call open_channel or open_session to get a Channel object, which + is used for data transfer.

+
+
Parameters:
+
    +
  • hostkey (PKey) - the host key expected from the server, or None if + you don't want to do host key verification.
    • +
  • username (str) - the username to authenticate as.
    • +
  • password (str) - a password to use for authentication, if you want to use password + authentication; otherwise None.
    • +
  • pkey (PKey) - a private key to use for authentication, if you want to use + private key authentication; otherwise None.
    • +
+
Raises:
+
    +
  • SSHException - if the SSH2 negotiation fails, the host key supplied by the server + is incorrect, or authentication fails.
    • +
+
+

Note: + If you fail to supply a password or private key, this method may + succeed, but a subsequent open_channel or open_session call may fail because you haven't + authenticated yet. +

+
+
+ +
+ +
+ + +
+

get_exception(self) +

+ 		source code  +
+ +

Return any exception that happened during the last server request. + This can be used to fetch more specific error information after using + calls like start_client. The exception (if any) is cleared after + this call.

+
+
Returns: Exception
+
an exception, or None if there is no stored + exception.
+
+

Since: + 1.1 +

+
+
+ +
+ +
+ + +
+

get_hexdump(self) +

+ 		source code  +
+ +

Return True if the transport is currently logging hex + dumps of protocol traffic.

+
+
Returns: bool
+
True if hex dumps are being logged
+
+

Since: + 1.4 +

+
+
+ +
+ +
+ + +
+

get_log_channel(self) +

+ 		source code  +
+ +

Return the channel name used for this transport's logging.

+
+
Returns: str
+
channel name.
+
+

Since: + 1.2 +

+
+
+ +
+ +
+ + +
+

get_remote_server_key(self) +

+ 		source code  +
+ +

Return the host key of the server (in client mode).

+
+
Returns: PKey
+
public key of the remote server
+
Raises:
+
+
+

Note: + Previously this call returned a tuple of (key type, key string). + You can get the same effect by calling PKey.get_name for the key type, and + str(key) for the key string. +

+
+
+ +
+ +
+ + +
+

get_security_options(self) +

+ 		source code  +
+ +

Return a SecurityOptions object which can be used to tweak the + encryption algorithms this transport will permit, and the order of + preference for them.

+
+
Returns: SecurityOptions
+
an object that can be used to change the preferred algorithms for + encryption, digest (hash), public key, and key exchange.
+
+
+
+ +
+ +
+ + +
+

get_server_key(self) +

+ 		source code  +
+ +

Return the active host key, in server mode. After negotiating with + the client, this method will return the negotiated host key. If only one + type of host key was set with add_server_key, that's the only key that will ever be + returned. But in cases where you have set more than one type of host key + (for example, an RSA key and a DSS key), the key type will be negotiated + by the client, and this method will return the key of the type agreed on. + If the host key has not been negotiated yet, None is + returned. In client mode, the behavior is undefined.

+
+
Returns: PKey
+
host key of the type negotiated by the client, or + None.
+
+
+
+ +
+ +
+ + +
+

get_username(self) +

+ 		source code  +
+ +

Return the username this connection is authenticated for. If the + session is not authenticated (or authentication failed), this method + returns None.

+
+
Returns: string
+
username that was authenticated, or None.
+
+
+
+ +
+ +
+ + +
+

getpeername(self) +

+ 		source code  +
+ +

Return the address of the remote side of this Transport, if possible. + This is effectively a wrapper around 'getpeername' on the + underlying socket. If the socket-like object has no + 'getpeername' method, then ("unknown", + 0) is returned.

+
+
Returns: tuple(str, int)
+
the address if the remote host, if known
+
+
+
+ +
+ +
+ + +
+

global_request(self, + kind, + data=None, + wait=True) +

+ 		source code  +
+ +

Make a global request to the remote host. These are normally + extensions to the SSH2 protocol.

+
+
Parameters:
+
    +
  • kind (str) - name of the request.
    • +
  • data (tuple) - an optional tuple containing additional data to attach to the + request.
    • +
  • wait (bool) - True if this method should not return until a + response is received; False otherwise.
    • +
+
Returns: Message
+
a Message + containing possible additional data if the request was successful + (or an empty Message if wait was + False); None if the request was denied.
+
+
+
+ +
+ +
+ + +
+

is_active(self) +

+ 		source code  +
+ +

Return true if this session is active (open).

+
+
Returns: bool
+
True if the session is still active (open); False if the session + is closed
+
+
+
+ +
+ +
+ + +
+

is_authenticated(self) +

+ 		source code  +
+ +

Return true if this session is active and authenticated.

+
+
Returns: bool
+
True if the session is still open and has been authenticated + successfully; False if authentication failed and/or the session + is closed.
+
+
+
+ +
+ +
+ + +
+

load_server_moduli(filename=None) +
Static Method +

+ 		source code  +
+ +

(optional) Load a file of prime moduli for use in doing + group-exchange key negotiation in server mode. It's a rather obscure + option and can be safely ignored.

+

In server mode, the remote client may request + "group-exchange" key negotiation, which asks the server to send + a random prime number that fits certain criteria. These primes are + pretty difficult to compute, so they can't be generated on demand. But + many systems contain a file of suitable primes (usually named something + like /etc/ssh/moduli). If you call + load_server_moduli and it returns True, then + this file of primes has been loaded and we will support + "group-exchange" in server mode. Otherwise server mode will + just claim that it doesn't support that method of key negotiation.

+
+
Parameters:
+
    +
  • filename (str) - optional path to the moduli file, if you happen to know that it's + not in a standard location.
    • +
+
Returns: bool
+
True if a moduli file was successfully loaded; False otherwise.
+
+

Note: + This has no effect when used in client mode. +

+
+
+ +
+ +
+ + +
+

open_channel(self, + kind, + dest_addr=None, + src_addr=None) +

+ 		source code  +
+ +

Request a new channel to the server. Channels are + socket-like objects used for the actual transfer of data across the + session. You may only request a channel after negotiating encryption + (using connect or start_client) and authenticating.

+
+
Parameters:
+
    +
  • kind (str) - the kind of channel requested (usually + "session", + "forwarded-tcpip", + "direct-tcpip", or + "x11")
    • +
  • dest_addr ((str, int)) - the destination address of this port forwarding, if + kind is "forwarded-tcpip" or + "direct-tcpip" (ignored for other channel + types)
    • +
  • src_addr ((str, int)) - the source address of this port forwarding, if kind + is "forwarded-tcpip", + "direct-tcpip", or + "x11"
    • +
+
Returns: Channel
+
a new Channel on success
+
Raises:
+
    +
  • SSHException - if the request is rejected or the session ends prematurely
    • +
+
+
+
+ +
+ +
+ + +
+

open_forwarded_tcpip_channel(self, + (src_addr, src_port), + (dest_addr, dest_port)) +

+ 		source code  +
+ +

Request a new channel back to the client, of type + "forwarded-tcpip". This is used after a client has + requested port forwarding, for sending incoming connections back to the + client.

+
+
Parameters:
+
    +
  • src_addr - originator's address
    • +
  • src_port - originator's port
    • +
  • dest_addr - local (server) connected address
    • +
  • dest_port - local (server) connected port
    • +
+
+
+
+ +
+ +
+ + +
+

open_session(self) +

+ 		source code  +
+ +

Request a new channel to the server, of type + "session". This is just an alias for + open_channel('session').

+
+
Returns: Channel
+
a new Channel
+
Raises:
+
    +
  • SSHException - if the request is rejected or the session ends prematurely
    • +
+
+
+
+ +
+ +
+ + +
+

open_sftp_client(self) +

+ 		source code  +
+ +

Create an SFTP client channel from an open transport. On success, an + SFTP session will be opened with the remote host, and a new SFTPClient + object will be returned.

+
+
Returns: SFTPClient
+
a new SFTPClient object, referring to an sftp session + (channel) across this transport
+
+
+
+ +
+ +
+ + +
+

open_x11_channel(self, + src_addr=None) +

+ 		source code  +
+ +

Request a new channel to the client, of type + "x11". This is just an alias for + open_channel('x11', src_addr=src_addr).

+
+
Parameters:
+
    +
  • src_addr ((str, int)) - the source address of the x11 server (port is the x11 port, ie. + 6010)
    • +
+
Returns: Channel
+
a new Channel
+
Raises:
+
    +
  • SSHException - if the request is rejected or the session ends prematurely
    • +
+
+
+
+ +
+ +
+ + +
+

renegotiate_keys(self) +

+ 		source code  +
+ +

Force this session to switch to new keys. Normally this is done + automatically after the session hits a certain number of packets or bytes + sent or received, but this method gives you the option of forcing new + keys whenever you want. Negotiating new keys causes a pause in traffic + both ways as the two sides swap keys and do computations. This method + returns when the session has switched to new keys.

+
+
Raises:
+
    +
  • SSHException - if the key renegotiation failed (which causes the session to end)
    • +
+
+
+
+ +
+ +
+ + +
+

request_port_forward(self, + address, + port, + handler=None) +

+ 		source code  +
+ +

Ask the server to forward TCP connections from a listening port on the + server, across this SSH session.

+

If a handler is given, that handler is called from a different thread + whenever a forwarded connection arrives. The handler parameters are:

+
+   handler(channel, (origin_addr, origin_port), (server_addr, server_port))
+
+

where server_addr and server_port are the + address and port that the server was listening on.

+

If no handler is set, the default behavior is to send new incoming + forwarded connections into the accept queue, to be picked up via accept.

+
+
Parameters:
+
    +
  • address (str) - the address to bind when forwarding
    • +
  • port (int) - the port to forward, or 0 to ask the server to allocate any port
    • +
  • handler (function(Channel, (str, int), (str, int))) - optional handler for incoming forwarded connections
    • +
+
Returns: int
+
the port # allocated by the server
+
Raises:
+
    +
  • SSHException - if the server refused the TCP forward request
    • +
+
+
+
+ +
+ +
+ + +
+

run(self) +

+ 		source code  +
+ + +
+
Overrides: + threading.Thread.run +
+
+
+
+ +
+ +
+ + +
+

send_ignore(self, + bytes=None) +

+ 		source code  +
+ +

Send a junk packet across the encrypted link. This is sometimes used + to add "noise" to a connection to confuse would-be attackers. + It can also be used as a keep-alive for long lived connections traversing + firewalls.

+
+
Parameters:
+
    +
  • bytes (int) - the number of random bytes to send in the payload of the ignored + packet -- defaults to a random number from 10 to 41.
    • +
+
+
+
+ +
+ +
+ + +
+

set_hexdump(self, + hexdump) +

+ 		source code  +
+ +

Turn on/off logging a hex dump of protocol traffic at DEBUG level in + the logs. Normally you would want this off (which is the default), but + if you are debugging something, it may be useful.

+
+
Parameters:
+
    +
  • hexdump (bool) - True to log protocol traffix (in hex) to the log; + False otherwise.
    • +
+
+
+
+ +
+ +
+ + +
+

set_keepalive(self, + interval) +

+ 		source code  +
+ +

Turn on/off keepalive packets (default is off). If this is set, after + interval seconds without sending any data over the + connection, a "keepalive" packet will be sent (and ignored by + the remote host). This can be useful to keep connections alive over a + NAT, for example.

+
+
Parameters:
+
    +
  • interval (int) - seconds to wait before sending a keepalive packet (or 0 to + disable keepalives).
    • +
+
+
+
+ +
+ +
+ + +
+

set_log_channel(self, + name) +

+ 		source code  +
+ +

Set the channel for this transport's logging. The default is + "paramiko.transport" but it can be set to anything + you want. (See the logging module for more info.) SSH + Channels will log to a sub-channel of the one specified.

+
+
Parameters:
+
    +
  • name (str) - new channel name for logging
    • +
+
+

Since: + 1.1 +

+
+
+ +
+ +
+ + +
+

set_subsystem_handler(self, + name, + handler, + *larg, + **kwarg) +

+ 		source code  +
+ +

Set the handler class for a subsystem in server mode. If a request + for this subsystem is made on an open ssh channel later, this handler + will be constructed and called -- see SubsystemHandler for more detailed documentation.

+

Any extra parameters (including keyword arguments) are saved and + passed to the SubsystemHandler constructor later.

+
+
Parameters:
+
    +
  • name (str) - name of the subsystem.
    • +
  • handler (class) - subclass of SubsystemHandler that handles this subsystem.
    • +
+
+
+
+ +
+ +
+ + +
+

start_client(self, + event=None) +

+ 		source code  +
+ +

Negotiate a new SSH2 session as a client. This is the first step + after creating a new Transport. A separate thread is created for protocol + negotiation.

+

If an event is passed in, this method returns immediately. When + negotiation is done (successful or not), the given Event + will be triggered. On failure, is_active + will return False.

+

(Since 1.4) If event is None, this method + will not return until negotation is done. On success, the method returns + normally. Otherwise an SSHException is raised.

+

After a successful negotiation, you will usually want to authenticate, + calling auth_password or auth_publickey.

+
+
Parameters:
+
    +
  • event (threading.Event) - an event to trigger when negotiation is complete (optional)
    • +
+
Raises:
+
    +
  • SSHException - if negotiation fails (and no event was passed in)
    • +
+
+
Notes: +
    +
  • + connect is a simpler method for connecting as a + client. +
    • +
  • + After calling this method (or start_server or connect), you should no longer directly read from + or write to the original socket object. +
    • +
+
+
+ +
+ +
+ + +
+

start_server(self, + event=None, + server=None) +

+ 		source code  +
+ +

Negotiate a new SSH2 session as a server. This is the first step + after creating a new Transport and setting up your server host key(s). A + separate thread is created for protocol negotiation.

+

If an event is passed in, this method returns immediately. When + negotiation is done (successful or not), the given Event + will be triggered. On failure, is_active + will return False.

+

(Since 1.4) If event is None, this method + will not return until negotation is done. On success, the method returns + normally. Otherwise an SSHException is raised.

+

After a successful negotiation, the client will need to authenticate. + Override the methods get_allowed_auths, check_auth_none, check_auth_password, and check_auth_publickey in the given server + object to control the authentication process.

+

After a successful authentication, the client should request to open a + channel. Override check_channel_request in the given server + object to allow channels to be opened.

+
+
Parameters:
+
    +
  • event (threading.Event) - an event to trigger when negotiation is complete.
    • +
  • server (server.ServerInterface) - an object used to perform authentication and create Channels.
    • +
+
Raises:
+
    +
  • SSHException - if negotiation fails (and no event was passed in)
    • +
+
+

Note: + After calling this method (or start_client or connect), you should no longer directly read from + or write to the original socket object. +

+
+
+ +
+ +
+ + +
+

use_compression(self, + compress=True) +

+ 		source code  +
+ +

Turn on/off compression. This will only have an affect before + starting the transport (ie before calling connect, + etc). By default, compression is off since it negatively affects + interactive sessions.

+
+
Parameters:
+
    +
  • compress (bool) - True to ask the remote client/server to compress + traffic; False to refuse compression
    • +
+
+

Since: + 1.5.2 +

+
+
+
+ + + + + + + + + + + + + + + + + +
   Home      Trees      Indices      Help   
+ + + + + +
+ Generated by Epydoc 3.0.1 on Sun Jul 6 18:30:30 2008 + + http://epydoc.sourceforge.net +
+ + + + -- cgit v1.2.3