Documentation
¶
Index ¶
- Constants
- Variables
- type AlgorithmSelection
- type ClientImplementation
- type Config
- type Conn
- type Cookie
- type DHParams
- type HandshakeLog
- type KeyExchangeDHGroupInit
- type KeyExchangeDHGroupParameters
- type KeyExchangeDHGroupReply
- type KeyExchangeDHGroupRequest
- type KeyExchangeDHInit
- type KeyExchangeDHInitReply
- type KeyExchangeInit
- type NameList
- type ProtocolAgreement
- type ProtocolVersion
Constants ¶
View Source
const ( KEX_CURVE_25519_SHA256_OPENSSH = "curve25519-sha256@libssh.org" KEX_ECDH_SHA2_NISTP256 = "ecdh-sha2-nistp256" KEX_ECDH_SHA2_NISTP384 = "ecdh-sha2-nistp384" KEX_ECDH_SHA2_NISTP521 = "ecdh-sha2-nistp521" KEX_DH_SHA256 = "diffie-hellman-group-exchange-sha256" KEX_DH_SHA1 = "diffie-hellman-group-exchange-sha1" KEX_DH_GROUP14_SHA1 = "diffie-hellman-group14-sha1" KEX_DH_GROUP1_SHA1 = "diffie-hellman-group1-sha1" )
SSH key exchange types
View Source
const ( HOST_KEY_ECDSA_SHA2_NISTP256_CERT_V01_OPENSSH = "ecdsa-sha2-nistp256-cert-v01@openssh.com" HOST_KEY_ECDSA_SHA2_NISTP384_CERT_V01_OPENSSH = "ecdsa-sha2-nistp384-cert-v01@openssh.com" HOST_KEY_ECDSA_SHA2_NISTP521_CERT_V01_OPENSSH = "ecdsa-sha2-nistp521-cert-v01@openssh.com" HOST_KEY_ECDSA_SHA2_NISTP256 = "ecdsa-sha2-nistp256" HOST_KEY_ECDSA_SHA2_NISTP384 = "ecdsa-sha2-nistp384" HOST_KEY_ECDSA_SHA2_NISTP521 = "ecdsa-sha2-nistp521" HOST_KEY_ED_25519_CERT_V01_OPENSSH = "ssh-ed25519-cert-v01@openssh.com" HOST_KEY_RSA_CERT_V01 = "ssh-rsa-cert-v01@openssh.com" HOST_KEY_DSS_CERT_V01 = "ssh-dss-cert-v01@openssh.com" HOST_KEY_RSA_CERT_V00_OPENSSH = "ssh-rsa-cert-v00@openssh.com" HOST_KEY_DSS_CERT_V00_OPENSSH = "ssh-dss-cert-v00@openssh.com" HOST_KEY_ED_25519 = "ssh-ed25519" HOST_KEY_RSA = "ssh-rsa" HOST_KEY_DSS = "ssh-dss" )
Host key algorithms ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-ed25519,ssh-rsa,ssh-dss
View Source
const ( ENCRYPTION_AES_128_CTR = "aes128-ctr" ENCRYPTION_AES_192_CTR = "aes192-ctr" ENCRYPTION_AES_256_CTR = "aes256-ctr" ENCRPTION_ARCFOUR_256 = "arcfour256" ENCRYPTION_ARCFOUR_128 = "arcfour128" ENCRYPTION_AES_128_GCM_OPENSSH = "aes128-gcm@openssh.com" ENCRYPTION_AES_256_GCM_OPENSSH = "aes256-gcm@openssh.com" ENCRYPTION_CHACHA_20_POLY_1305_OPENSSH = "chacha20-poly1305@openssh.com" ENCRYPTION_AES_128_CBC = "aes128-cbc" ENCRYPTION_3DES_CBC = "3des-cbc" ENCRYPTION_BLOWFISH_CBC = "blowfish-cbc" ENCRYPTION_CAST_128_CBC = "cast128-cbc" ENCRYPTION_AES_192_CBC = "aes192-cbc" ENCRYPTION_AES_256_CBC = "aes256-cbc" ENCRYPTION_ARCFOUR = "arcfour" ENCRYPTION_RIJNDAEL_CBC_LYSATOR = "rijndael-cbc@lysator.liu.se" )
Encryption types
View Source
const ( MAC_HMAC_MD5_ETM_OPENSSH = "hmac-md5-etm@openssh.com" MAC_HMAC_SHA1_ETM_OPENSSH = "hmac-sha1-etm@openssh.com" MAC_UMAC_64_ETM_OPENSSH = "umac-64-etm@openssh.com" MAC_UMAC_128_ETM_OPENSSH = "umac-128-etm@openssh.com" MAC_HMAC_SHA2_256_ETM_OPENSSH = "hmac-sha2-256-etm@openssh.com" MAC_HMAC_SHA2_512_ETM_OPENSSH = "hmac-sha2-512-etm@openssh.com" MAC_HMAC_RIPEMD_160_ETM_OPENSSH = "hmac-ripemd160-etm@openssh.com" MAC_HMAC_SHA1_96_ETM_OPENSSH = "hmac-sha1-96-etm@openssh.com" MAC_HMAC_MD5_96_ETM = "hmac-md5-96-etm@openssh.com" MAC_HMAC_MD5 = "hmac-md5" MAC_HMAC_SHA1 = "hmac-sha1" MAC_UMAC_64_OPENSSH = "umac-64@openssh.com" MAC_UMAC_128_OPENSSH = "umac-128@openssh.com" MAC_HMAC_SHA2_256 = "hmac-sha2-256" MAC_HMAC_SHA2_512 = "hmac-sha2-512" MAC_HMAC_RIPEMD_160 = "hmac-ripemd160" MAC_HMAC_RIPEMD_160_OPENSSH = "hmac-ripemd160@openssh.com" MAC_HMAC_SHA1_96 = "hmac-sha1-96" MAC_HMAC_MD5_96 = "hmac-md5-96" )
MAC types
View Source
const ( COMPRESSION_NONE = "none" COMPRESSION_ZLIB_OPENSSH = "zlib@openssh.com" COMPRESSION_ZLIB = "zlib" )
Compression types
Variables ¶
View Source
var KnownCompressionAlgorithmNames = []string{ COMPRESSION_NONE, COMPRESSION_ZLIB_OPENSSH, COMPRESSION_ZLIB, }
View Source
var KnownEncryptionAlgorithmNames = []string{ ENCRYPTION_AES_128_CTR, ENCRYPTION_AES_192_CTR, ENCRYPTION_AES_256_CTR, ENCRPTION_ARCFOUR_256, ENCRYPTION_ARCFOUR_128, ENCRYPTION_AES_128_GCM_OPENSSH, ENCRYPTION_AES_256_GCM_OPENSSH, ENCRYPTION_CHACHA_20_POLY_1305_OPENSSH, ENCRYPTION_AES_128_CBC, ENCRYPTION_3DES_CBC, ENCRYPTION_BLOWFISH_CBC, ENCRYPTION_CAST_128_CBC, ENCRYPTION_AES_192_CBC, ENCRYPTION_AES_256_CBC, ENCRYPTION_ARCFOUR, ENCRYPTION_RIJNDAEL_CBC_LYSATOR, }
View Source
var KnownHostKeyAlgorithmNames = []string{ HOST_KEY_ECDSA_SHA2_NISTP256_CERT_V01_OPENSSH, HOST_KEY_ECDSA_SHA2_NISTP384_CERT_V01_OPENSSH, HOST_KEY_ECDSA_SHA2_NISTP521_CERT_V01_OPENSSH, HOST_KEY_ECDSA_SHA2_NISTP256, HOST_KEY_ECDSA_SHA2_NISTP384, HOST_KEY_ECDSA_SHA2_NISTP521, HOST_KEY_ED_25519_CERT_V01_OPENSSH, HOST_KEY_RSA_CERT_V01, HOST_KEY_DSS_CERT_V01, HOST_KEY_RSA_CERT_V00_OPENSSH, HOST_KEY_DSS_CERT_V00_OPENSSH, HOST_KEY_ED_25519, HOST_KEY_RSA, HOST_KEY_DSS, }
View Source
var KnownKexAlgorithmNames = []string{ KEX_CURVE_25519_SHA256_OPENSSH, KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2_NISTP521, KEX_DH_SHA256, KEX_DH_SHA1, KEX_DH_GROUP14_SHA1, KEX_DH_GROUP1_SHA1, }
KnownKexAlgorithmNames is an array of all key exchange methods known to this package. All key exchange methods are not necessarily implemented.
View Source
var KnownMACAlgorithmNames = []string{ MAC_HMAC_MD5_ETM_OPENSSH, MAC_HMAC_SHA1_ETM_OPENSSH, MAC_UMAC_64_ETM_OPENSSH, MAC_UMAC_128_ETM_OPENSSH, MAC_HMAC_SHA2_256_ETM_OPENSSH, MAC_HMAC_SHA2_512_ETM_OPENSSH, MAC_HMAC_RIPEMD_160_ETM_OPENSSH, MAC_HMAC_SHA1_96_ETM_OPENSSH, MAC_HMAC_MD5_96_ETM, MAC_HMAC_MD5, MAC_HMAC_SHA1, MAC_UMAC_64_OPENSSH, MAC_UMAC_128_OPENSSH, MAC_HMAC_SHA2_256, MAC_HMAC_SHA2_512, MAC_HMAC_RIPEMD_160, MAC_HMAC_RIPEMD_160_OPENSSH, MAC_HMAC_SHA1_96, MAC_HMAC_MD5_96, }
View Source
var OpenSSH_6_6p1 = ClientImplementation{ // contains filtered or unexported fields }
Functions ¶
This section is empty.
Types ¶
type AlgorithmSelection ¶
type ClientImplementation ¶
type ClientImplementation struct {
// contains filtered or unexported fields
}
func ClientImplementationByName ¶
func ClientImplementationByName(name string) (c *ClientImplementation, ok bool)
func (*ClientImplementation) HostKeyAlgorithms ¶
func (c *ClientImplementation) HostKeyAlgorithms() NameList
func (*ClientImplementation) KexAlgorithms ¶
func (c *ClientImplementation) KexAlgorithms() NameList
type Conn ¶
type Conn struct {
// contains filtered or unexported fields
}
func (*Conn) ClientHandshake ¶
func (*Conn) HandshakeLog ¶
func (c *Conn) HandshakeLog() *HandshakeLog
type Cookie ¶
type Cookie [16]byte
The Cookie type represents the random cookie sent during the server key exchange.
func (*Cookie) MarshalJSON ¶
MarshalJSON encodes a Cookie to JSON as a base64-encoded byte array.
func (*Cookie) UnmarshalJSON ¶
UnmarshalJSON unmarshal a byte-array encoded in base64 to a cookie. The byte array must be either null, empty array, or exactly 16 bytes long.
type DHParams ¶
type DHParams struct {
Prime *big.Int
Generator *big.Int
// contains filtered or unexported fields
}
func (*DHParams) MarshalJSON ¶
func (*DHParams) UnmarshalJSON ¶
type HandshakeLog ¶
type HandshakeLog struct {
ClientProtocol *ProtocolAgreement `json:"client_protocol,omitempty"`
ServerProtocol *ProtocolAgreement `json:"server_protocol,omitempty"`
ClientKexExchangeInit *KeyExchangeInit `json:"client_key_exchange_init,omitempty"`
ServerKeyExchangeInit *KeyExchangeInit `json:"server_key_exchange_init,omitempty"`
Algorithms *AlgorithmSelection `json:"algorithms,omitempty"`
KexDHGroupRequest *KeyExchangeDHGroupRequest `json:"key_exchange_dh_group_request,omitempty"`
KexDHGroupParams *KeyExchangeDHGroupParameters `json:"key_exchange_dh_group_params,omitempty"`
KexDHGroupInit *KeyExchangeDHGroupInit `json:"key_excahnge_dh_group_init,omitempty"`
KexDHGroupReply *KeyExchangeDHGroupReply `json:"key_exchange_dh_group_reply,omitempty"`
DHInit *KeyExchangeDHInit `json:"key_exchange_dh_init,omitempty"`
DHReply *KeyExchangeDHInitReply `json:"key_exchange_dh_reply,omitempty"`
}
HandshakeLog contains detailed information about each step of the SSH handshake, and can be encoded to JSON.
type KeyExchangeDHGroupInit ¶
type KeyExchangeDHGroupInit struct {
KeyExchangeDHInit
}
func (*KeyExchangeDHGroupInit) MsgType ¶
func (gex *KeyExchangeDHGroupInit) MsgType() byte
type KeyExchangeDHGroupParameters ¶
type KeyExchangeDHGroupParameters struct {
Prime mpint `json:"prime"`
Generator mpint `json:"generator"`
}
func (*KeyExchangeDHGroupParameters) Marshal ¶
func (gex *KeyExchangeDHGroupParameters) Marshal() ([]byte, error)
func (*KeyExchangeDHGroupParameters) MsgType ¶
func (gex *KeyExchangeDHGroupParameters) MsgType() byte
func (*KeyExchangeDHGroupParameters) Unmarshal ¶
func (gex *KeyExchangeDHGroupParameters) Unmarshal(raw []byte) (ok bool)
type KeyExchangeDHGroupReply ¶
type KeyExchangeDHGroupReply struct {
KeyExchangeDHInitReply
}
func (*KeyExchangeDHGroupReply) MsgType ¶
func (gex *KeyExchangeDHGroupReply) MsgType() byte
type KeyExchangeDHGroupRequest ¶
type KeyExchangeDHGroupRequest struct {
Min uint32 `json:"min"`
Preferred uint32 `json:"preferred"`
Max uint32 `json:"max"`
}
byte SSH_MSG_KEY_DH_GEX_REQUEST uint32 min, minimal size in bits of an acceptable group uint32 n, preferred size in bits of the group the server will send uint32 max, maximal size in bits of an acceptable group
func (*KeyExchangeDHGroupRequest) Marshal ¶
func (gex *KeyExchangeDHGroupRequest) Marshal() ([]byte, error)
func (*KeyExchangeDHGroupRequest) MsgType ¶
func (gex *KeyExchangeDHGroupRequest) MsgType() byte
func (*KeyExchangeDHGroupRequest) Unmarshal ¶
func (gex *KeyExchangeDHGroupRequest) Unmarshal([]byte) bool
type KeyExchangeDHInit ¶
type KeyExchangeDHInit struct {
E mpint
// contains filtered or unexported fields
}
KeyExchangeDHInit represent the SSH_MSG_KEXDH_INIT message for transferring Diffie-Hellman public values. E = G^X mod P, where G is the generator and P is the prime. E is the public DHE value. See RFC 4253 Section 8.
func (*KeyExchangeDHInit) Marshal ¶
func (dhi *KeyExchangeDHInit) Marshal() ([]byte, error)
Marshal encodes a KeyExchangeDHInit message payload
func (*KeyExchangeDHInit) MsgType ¶
func (dhi *KeyExchangeDHInit) MsgType() byte
MsgType returns the SSH_MSG_KEXDH_INIT message type
func (*KeyExchangeDHInit) Unmarshal ¶
func (dhi *KeyExchangeDHInit) Unmarshal(raw []byte) bool
type KeyExchangeDHInitReply ¶
type KeyExchangeDHInitReply struct {
K_S []byte `json:"k_s"`
F mpint `json:"f"`
Signature []byte `json:"signature"`
// contains filtered or unexported fields
}
func (*KeyExchangeDHInitReply) Marshal ¶
func (dhr *KeyExchangeDHInitReply) Marshal() ([]byte, error)
func (*KeyExchangeDHInitReply) MsgType ¶
func (dhr *KeyExchangeDHInitReply) MsgType() byte
func (*KeyExchangeDHInitReply) Unmarshal ¶
func (dhr *KeyExchangeDHInitReply) Unmarshal(raw []byte) bool
type KeyExchangeInit ¶
type KeyExchangeInit struct {
Cookie Cookie `json:"cookie"`
KexAlgorithms NameList `json:"key_exchange_algorithms"`
HostKeyAlgorithms NameList `json:"host_key_algorithms"`
EncryptionClientToServer NameList `json:"encryption_client_to_server"`
EncryptionServerToClient NameList `json:"encryption_server_to_client"`
MACClientToServer NameList `json:"mac_client_to_server"`
MACServerToClient NameList `json:"mac_server_to_client"`
CompressionClientToServer NameList `json:"compression_client_to_server"`
CompressionServerToClient NameList `json:"compression_server_to_client"`
LanguageClientToServer NameList `json:"language_client_to_server"`
LanguageServerToClient NameList `json:"language_server_to_client"`
FirstKexPacketFollows bool `json:"first_kex_packet_follows"`
Zero uint32 `json:"zero"`
// contains filtered or unexported fields
}
func GenerateKeyExchangeInit ¶
func GenerateKeyExchangeInit(c *Config) (*KeyExchangeInit, error)
GenerateKeyExchangeInit generates a KeyExchangeInit message sutiable for transmission over the wire based on the configuration passed.
func (*KeyExchangeInit) Marshal ¶
func (kxi *KeyExchangeInit) Marshal() ([]byte, error)
func (*KeyExchangeInit) MsgType ¶
func (kxi *KeyExchangeInit) MsgType() byte
func (*KeyExchangeInit) Unmarshal ¶
func (kxi *KeyExchangeInit) Unmarshal(raw []byte) bool
Unmarshal a byte array into a KeyExchangeInit struct. The byte array should be the entire KeyExchangeInit message payload starting after the SSH_MSG_KEXINIT byte.
type NameList ¶
type NameList []string
NameList represents the name-list structure described in RFC 4251. See https://tools.ietf.org/html/rfc4251 for details.
func (*NameList) MarshaledLength ¶
type ProtocolAgreement ¶
type ProtocolAgreement struct {
RawBanner string `json:"raw_banner,omitempty"`
ProtocolVersion string `json:"protocol_version,omitempty"`
SoftwareVersion string `json:"software_version,omitempty"`
Comments string `json:"comments,omitempty"`
}
ProtocolAgreement represents the client and server protocol banners
RFC specifies the format for the banner as specified in RFC 4523 Section 4.2
SSH-protoversion-softwareversion SP comments CR LF
The server MAY send other lines of data before sending the version. The lines are terminated by CR LF, and SHOULD be encoded as UTF-8
See http://tools.ietf.org/html/rfc4253 for details
func MakeZGrabProtocolAgreement ¶
func MakeZGrabProtocolAgreement() *ProtocolAgreement
MakeZGrabProtocolAgreement returns the default client ProtocolAgreement message for ZGrab.
This sets protocol version to "2.0", software version to "ZGrab", and comments to "ZGrab SSH Survey"
func (*ProtocolAgreement) Marshal ¶
func (h *ProtocolAgreement) Marshal() []byte
Marshal returns a byte array suitable for a call to write
func (*ProtocolAgreement) ParseRawBanner ¶
func (h *ProtocolAgreement) ParseRawBanner()
ParseRawBanner populates a ProtocolAgreement struct based on the contents of the RawBanner field.
type ProtocolVersion ¶
type ProtocolVersion string
Source Files
Click to show internal directories.
Click to hide internal directories.