[Twisted-Python] Limiting cipher options for SSH/SFTP
I need to limit the ciphers offered for an ssh/sftp connection. class ESFTPServerForUnixConchUser(SFTPServerForUnixConchUser): """Main local proxy class for file transfer access. Many methods are overriden to support file encryption and encrypted file name mappings. """ def __init__(self, avatar): """Initialize class with avatar representing user information""" SFTPServerForUnixConchUser.__init__(self, avatar) I'm unclear as to how to restrict which ciphers to use at this level. --Ray -- Ray Cote, President Appropriate Solutions, Inc. We Build Software www.AppropriateSolutions.com 603.924.6079
Hi I have not used it myself but this seems what you're looking for: http://twistedmatrix.com/documents/13.0.0/api/twisted.conch.ssh.transport.SS... I guess you need to subclass SSHTransport and give it the list of ciphers you want. -- Nacim. 2013/10/29 Ray Cote <rgacote@appropriatesolutions.com>
I need to limit the ciphers offered for an ssh/sftp connection.
class ESFTPServerForUnixConchUser(SFTPServerForUnixConchUser): """Main local proxy class for file transfer access.
Many methods are overriden to support file encryption and encrypted file name mappings. """
def __init__(self, avatar): """Initialize class with avatar representing user information""" SFTPServerForUnixConchUser.__init__(self, avatar)
I'm unclear as to how to restrict which ciphers to use at this level. --Ray
-- Ray Cote, President Appropriate Solutions, Inc. We Build Software www.AppropriateSolutions.com 603.924.6079
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
Hi Ray! This seems like a clear failure of the documentation. Please file a ticket so that it can be alleviated at some point :) cheers lvh
Thanks Nacim: I had found the supported ciphers. However, I'm unclear as to how to present a subclassed SSHTransport to the SFTPServer. (And, once I understand how I will issue a documentation bug with details...) --Ray ----- Original Message -----
From: "Flint" <grindizer@gmail.com> To: "Ray Cote" <rgacote@appropriatesolutions.com>, "Twisted general discussion" <twisted-python@twistedmatrix.com> Sent: Wednesday, October 30, 2013 5:39:44 AM Subject: Re: [Twisted-Python] Limiting cipher options for SSH/SFTP
Hi
I have not used it myself but this seems what you're looking for: http://twistedmatrix.com/documents/13.0.0/api/twisted.conch.ssh.transport.SS...
I guess you need to subclass SSHTransport and give it the list of ciphers you want.
--
Nacim.
2013/10/29 Ray Cote < rgacote@appropriatesolutions.com >
I need to limit the ciphers offered for an ssh/sftp connection.
class ESFTPServerForUnixConchUser(SFTPServerForUnixConchUser):
"""Main local proxy class for file transfer access.
Many methods are overriden to support file encryption and
encrypted file name mappings.
"""
def __init__(self, avatar):
"""Initialize class with avatar representing user information"""
SFTPServerForUnixConchUser.__init__(self, avatar)
I'm unclear as to how to restrict which ciphers to use at this level.
--Ray
--
Ray Cote, President Appropriate Solutions, Inc.
We Build Software
www.AppropriateSolutions.com 603.924.6079
_______________________________________________
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
-- Ray Cote, President Appropriate Solutions, Inc. We Build Software www.AppropriateSolutions.com 603.924.6079
participants (3)
-
Flint
-
Laurens Van Houtven
-
Ray Cote