class SshSession : public Ssh
This class encapsulates a secure shell (version 2) client session. It is responsible for establishing, authenticating, and managing a cryptographically secured shell session on an SSH2 compliant server. SshSession class is derived from Ssh base class, and has pick semantics.
SshSession& Timeout(int ms)
Sets timeout value in miliseconds. Setting the timeout value to Null puts the SshSession object into blocking mode. Returns *this for method chaining. Note that ssh subsystems and channels inherit their default timeout values from their session.
SshSession& Compression(bool b = true)
Enables or disables Z compression for data transfers. Returns *this for method chaining. Compression is disabled by default. This method affects the whole session. Therefore it must be invoked either before any connection attempt or within the WhenConfig event. Compression schemes can be specified via the transport method settings.
SshSession& NoCompression()
Disables Z compression. Same as Compression(false). Returns *this for method chaining. Compression is disabled by default. This method affects the whole session. Therefore it must be invoked either before any connection attempt or within the WhenConfig event.
SshSession& Keys(const String& prikey, const String& pubkey, const String& phrase, bool fromfile = true)
Sets the asymmetric encryption keys to be used to authenticate the session. phrase can be used to decipher the private key, or it can be empty (not recommended). Returns *this for method chaining. Note that when the fromfile parameter is true, prikey and pubkey strings will be treated as file paths to the respective key files. This is the default behaviour. Otherwise they will be treated as memory buffers containing the actual keys.
SshSession& Method(int type, Value method)
Sets the preferred transport method for the method type. Transport method parameter may contain a single method, or a list of methods, with the most preferred method listed as first and the least preferred as last. Returns *this for method chaining.
SshSession& Methods(ValueMap methods)
Sets transport methods. Methods list should contain key-value pairs, where keys represent possible method types, and values represent a single or multiple transport method(s), with the most preferred listed as first and the least preferred as last. Returns *this for method chaining.
SshSession& PasswordAuth()
Sets the authentication method to basic password authentication. Returns *this for method chaining.
SshSession& PublicKeyAuth()
Sets the authentication method to public key authentication. Returns *this for method chaining.
SshSession& HostBasedAuth()
Sets the authentication method to host based authentication. Returns *this for method chaining.
SshSession& KeyboardAuth()
Sets the authentication method to keyboard-interactive (challenge/response) authentication. Returns *this for method chaining.
SshSession& AgentAuth()
Enables using an ssh-agent for authentication. Returns this for method chaining. This method requires public and private keys to be present.
LIBSSH2_SESSION* GetHandle()
Returns a pointer to the libssh2 session handle on success, NULL on failure.
String GetBanner() const
Returns the server's banner if available.
String GetMD5Fingerprint() const
String GetSHA1Fingerprint() const
String GetSHA256Fingerprint() const
These methods return the computed digest of the server's hostkey on success, or.Null on failure Note that The fingerprint consists of raw binary bytes, not hex digits, so it is not directly printable.
TcpSocket& GetSocket()
Returns a reference to the session socket.
ValueMap GetMethods() const
Returns a list of supported transport methods on success, and an empty list on failure. Supported method types are represented by "keys", and available methods, which can be a single string or a list of strings, are represented by "values". Note that all values are in lowercase letters.
Vector<String> GetAuthMethods()
Returns a list of supported user authentication methods. Returns an empty vector on failure. The following four authentication methods are currently supported: "password", "publickey", "hostbased", "keyboard-interactive", and "none". The "none" method allows logging in without an authentication scheme. It is rarely used by the servers, and handled automatically by the session.
SFtp CreateSFtp()
Creates an sftp channel instance.
SshChannel CreateChannel()
Creates a generic channel instance.
SshExec CreateExec()
Creates an exec channel instance.
Scp CreateScp()
Creates an scp channel instance.
SshTunnel CreateTunnel()
Creates a tcp-ip and port forwarding channel instance.
SshShell CreateShell()
Creates a remote shell channel instance.
bool Connect(const String& url)
Connects to a SSH2 server specified by the url. Returns true on success.
Syntax of the URL is as follows: [ssh|scp|sftp|exec]://[user:password@]host[:port].
bool Connect(const String& host, int port, const String& user, const String& password)
Connects to a SSH2 server specified at host and port. Returns true on success.
void Disconnect()
Disconnects from the SSH2 server.
Event<> WhenConfig
This event is emitted at the beginning of the protocol handshake phase to allow user to query or set the transport methods.
Event<> WhenAuth
This event is emitted at the beginning of the session authentication phase to allow user to query or set the authentication method(s)
Function<String(void)> WhenPasswordChange
If this function is defined, it will be invoked when a password change request is issued by the server. Client should return the new password. Returning an empty string is also allowed.
Event<int> WhenPhase
This event is invoked at certain phases of connection process, and is meant to be informational. Possible values of its parameter are: PHASE_DNS, PHASE_CONNECTION, PHASE_HANDSHAKE, PHASE_AUTHORIZATION, PHASE_SUCCESS
Gate<String, int> WhenVerify
This gate is invoked after a successful protocol handshake to allow user to verify the host against a list of known (trusted) hosts. Passes the target hostname and port number as its parameters. Returning false halts the connection process.
Gate<> WhenProxy
If this gate is defined it will be invoked right before the initial socket connection. It is meant to allow utilizing third party -"plug-in" network proxy adapters on-demand. Returning false halts the connection process.
Event<SshX11Handle> WhenX11
POSIX only. Requires a running X server.
This event will forward the X11 connections to the SshShell instances that accept X11 requests. See SshShell.
Function<String(String, String, String)> WhenKeyboard
This callback is required by the keyboard-interactive (challenge/response) authentication method. The host will issue one or more challenges and require a response for each challenge. Therefore this callback, responsible for obtaining user responses, may be invoked more than once, and has 3 additional parameters (as strings): title, instructions, and prompt. Title and instructions may be empty strings. Returned responses will be evaluated by the host. Returning an empty string will halt the connection attempt.
SshSession()
Default constructor.
~SshSession()
Default destructor. Automatically closes the session.
Below is a list of transport method types (keys) and methods (values) supported by SSH package.
Key Exchange
|
Key
|
Value(s)
|
SshSession::METHOD_EXCHANGE
|
diffie-hellman-group1-sha1
|
diffie-hellman-group14-sha1
|
diffie-hellman-group14-sha256
|
diffie-hellman-group16-sha512
|
diffie-hellman-group18-sha512
|
diffie-hellman-group-exchange-sha1
|
diffie-hellman-group-exchange-sha256
|
ecdh-sha2-nistp256
|
ecdh-sha2-nistp384
|
ecdh-sha2-nistp521
|
curve25519-sha256@libssh.org
|
curve25519-sha256
|
HostKey
|
Key
|
Value(s)
|
SshSession::METHOD_HOSTKEY
|
ssh-dss
|
ssh-rsa
|
ecdsa-sha2-nistp256
|
ecdsa-sha2-nistp384
|
ecdsa-sha2-nistp521
|
ssh-ed25519
|
Cipher (Client and/or Server)
|
Key
|
Value(s)
|
SshSession::METHOD_CENCRYPTION
SshSession::METHOD_SENCRYPTION
|
aes256-ctr
|
aes192-ctr
|
aes192-ctr
|
aes256-cbc (rijndael-cbc@lysator.liu.se)
|
aes192-cbc
|
aes128-cbc
|
3des-cbc
|
3des-cbc
|
cast128-cbc
|
arcfour
|
arcfour128
|
none
|
MAC Hashing (Client and/or Server)
|
Key
|
Value(s)
|
SshSession::METHOD_CMAC
SshSession::METHOD_SMAC
|
hmac-sha2-256
|
hmac-sha2-512
|
hmac-sha1
|
hmac-sha1-96
|
hmac-md5
|
hmac-md5-96
|
hmac-ripemd160 (hmac-ripemd160@openssh.com)
|
none
|
Compression (Client and/or Server)
|
Key
|
Value(s)
|
SshSession::METHOD_SCOMPRESSION
SshSession::METHOD_CCOMPRESSION
|
zlib@openssh.com
|
zlib
|
none
|
Language (Client and/or Server)
|
Key
|
Value(s)
|
SshSession::METHOD_CLANGUAGE
SshSession::METHOD_SLANGUAGE
|
See RFC-4646 for details.
|
|
|