The opening of SSH channels from the server and the client side is possible
using the server_channel
and
client_channel
hashes. These hashes are indexed by the
channel type (e.g.: session
). The available channel types
are listed in the following table.
Name | Value |
---|---|
session | Channels for terminal shells, remote execution requests (e.g.: scp), and SFTP. |
direct-tcpip | Channels for client-to-server forwarded connections. |
forwarded-tcpip | Channels for server-to-client forwarded connections. |
auth-agent | Channels for forwarding authentication agents. |
auth-agent@openssh.com | Channels for forwarding authentication agents, as implemented in OpenSSH. |
x11 | Channels for forwarding graphical interfaces. |
Table 4.71. The list of available channel types.
The possible actions are described in the following table. See also Section 2.1, Policies for requests and responses.
Action | Description |
---|---|
SSH_CHAN_ACCEPT | Accept the request without any modification. |
SSH_CHAN_REJECT | Reject the channel opening request. |
SSH_CHAN_POLICY | Call the function specified to make a decision about the channel opening request. |
SSH_CHAN_ABORT | Reject the channel opening request and terminate the connection. |
Table 4.72. Action codes for SSH channel open requests.
Example 4.45. Enabling and disabling SSH channels |
---|
The following proxy class accepts only terminal session (shell) connections, and rejects all other channel types. class ShellonlySshProxy(SshProxy): def config(self): SshProxy.config(self) self.client_channel["session"] = (SSH_CHAN_ACCEPT) self.client_channel["session-shell"] = (SSH_CHAN_ACCEPT) self.client_channel["*"] = (SSH_CHAN_REJECT) |
Published on June 04, 2020
© 2007-2019 BalaSys
Send your comments to support@balasys.hu