How to use asyncssh - 10 common examples
To help you get started, we’ve selected a few asyncssh examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
ronf / asyncssh / tests / test_channel.py View on Github 
try:
await chan.accept(SSHUNIXStreamSession, b'\xff')
except asyncssh.ChannelOpenError:
stdout.channel.exit(1)
elif action == 'late_auth_banner':
try:
self._conn.send_auth_banner('auth banner')
except OSError:
stdin.channel.exit(1)
elif action == 'invalid_open_confirm':
stdin.channel.send_packet(MSG_CHANNEL_OPEN_CONFIRMATION,
UInt32(0), UInt32(0), UInt32(0))
elif action == 'invalid_open_failure':
stdin.channel.send_packet(MSG_CHANNEL_OPEN_FAILURE,
UInt32(0), String(''), String(''))
elif action == 'env':
value = stdin.channel.get_environment().get('TEST', '')
stdout.write(value + '\n')
elif action == 'term':
chan = stdin.channel
info = str((chan.get_terminal_type(), chan.get_terminal_size(),
chan.get_terminal_mode(asyncssh.PTY_OP_OSPEED)))
stdout.write(info + '\n')
elif action == 'xon_xoff':
stdin.channel.set_xon_xoff(True)
elif action == 'no_xon_xoff':
stdin.channel.set_xon_xoff(False)
elif action == 'signals':
try:
await stdin.readline()
except asyncssh.BreakReceived as exc:def test_ec_explicit(self):
"""Test EC certificate with explcit parameters"""
if _openssl_available: # pragma: no branch
for curve in ('secp256r1', 'secp384r1', 'secp521r1'):
with self.subTest('Import EC key with explicit parameters',
curve=curve):
run('openssl ecparam -out priv -noout -genkey -name %s '
'-param_enc explicit' % curve)
asyncssh.read_private_key('priv')async def test_dh_errors(self):
"""Unit test error conditions in DH key exchange"""
client_conn, server_conn = \
_KexClientStub.make_pair(b'diffie-hellman-group14-sha1')
host_key = server_conn.get_server_host_key()
with self.subTest('Init sent to client'):
with self.assertRaises(asyncssh.ProtocolError):
client_conn.process_packet(Byte(MSG_KEXDH_INIT))
with self.subTest('Reply sent to server'):
with self.assertRaises(asyncssh.ProtocolError):
server_conn.process_packet(Byte(MSG_KEXDH_REPLY))
with self.subTest('Invalid e value'):
with self.assertRaises(asyncssh.ProtocolError):
server_conn.simulate_dh_init(0)
with self.subTest('Invalid f value'):
with self.assertRaises(asyncssh.ProtocolError):
client_conn.start()
client_conn.simulate_dh_reply(host_key.public_data, 0, b'')
with self.subTest('Invalid signature'):
with self.assertRaises(asyncssh.KeyExchangeFailed):def simulate_dh_gex_init(self, e):
"""Simulate receiving a DH GEX init packet"""
self.process_packet(Byte(MSG_KEX_DH_GEX_INIT) + MPInt(e))async def test_dh_errors(self):
"""Unit test error conditions in DH key exchange"""
client_conn, server_conn = \
_KexClientStub.make_pair(b'diffie-hellman-group14-sha1')
host_key = server_conn.get_server_host_key()
with self.subTest('Init sent to client'):
with self.assertRaises(asyncssh.ProtocolError):
client_conn.process_packet(Byte(MSG_KEXDH_INIT))
with self.subTest('Reply sent to server'):
with self.assertRaises(asyncssh.ProtocolError):
server_conn.process_packet(Byte(MSG_KEXDH_REPLY))
with self.subTest('Invalid e value'):
with self.assertRaises(asyncssh.ProtocolError):
server_conn.simulate_dh_init(0)
with self.subTest('Invalid f value'):
with self.assertRaises(asyncssh.ProtocolError):
client_conn.start()
client_conn.simulate_dh_reply(host_key.public_data, 0, b'')
with self.subTest('Invalid signature'):
with self.assertRaises(asyncssh.KeyExchangeFailed):
client_conn.start()
client_conn.simulate_dh_reply(host_key.public_data, 1, b'')
client_conn.close()self.assertTrue(self.pubkey.verify(data, sig))
badsig = bytearray(sig)
badsig[-1] ^= 0xff
badsig = bytes(badsig)
with self.subTest('Bad signature'):
self.assertFalse(self.pubkey.verify(data, badsig))
with self.subTest('Missing signature'):
self.assertFalse(self.pubkey.verify(
data, String(self.pubkey.algorithm)))
with self.subTest('Empty signature'):
self.assertFalse(self.pubkey.verify(
data, String(self.pubkey.algorithm) + String(b'')))
with self.subTest('Sign with bad algorithm'):
with self.assertRaises(ValueError):
self.privkey.sign(data, 'xxx')
with self.subTest('Verify with bad algorithm'):
self.assertFalse(self.pubkey.verify(
data, String('xxx') + String('')))
with self.subTest('Sign with public key'):
with self.assertRaises(ValueError):
self.pubkey.sign(data, self.pubkey.algorithm)with self.subTest('Certificate principal mismatch'):
cert = self.privca.generate_x509_user_certificate(
self.pubkey, 'OU=user', 'OU=root', principals=['name'])
with self.assertRaises(ValueError):
self.validate_x509(cert, 'name2')
for fmt in ('rfc4716', 'xxx'):
with self.subTest('Invalid certificate export format', fmt=fmt):
with self.assertRaises(asyncssh.KeyExportError):
self.userx509.export_certificate(fmt)
with self.subTest('Empty certificate chain'):
with self.assertRaises(asyncssh.KeyImportError):
decode_ssh_certificate(String('x509v3-ssh-rsa') +
UInt32(0) + UInt32(0))valid_before=0xffffffffffffffff, options=None,
extensions=None, bad_signature=False):
"""Construct an SSH certificate"""
keydata = key.encode_ssh_public()
principals = b''.join((String(p) for p in principals))
options = _encode_options(options) if options else b''
extensions = _encode_options(extensions) if extensions else b''
signing_keydata = b''.join((String(signing_key.algorithm),
signing_key.encode_ssh_public()))
data = b''.join((String(cert_version), String(os.urandom(32)), keydata,
UInt64(0), UInt32(cert_type), String(key_id),
String(principals), UInt64(valid_after),
UInt64(valid_before), String(options),
String(extensions), String(''), String(signing_keydata)))
if bad_signature:
data += String('')
else:
data += String(signing_key.sign(data, signing_key.algorithm))
return b''.join((cert_version.encode('ascii'), b' ',
binascii.b2a_base64(data)))async def test_forced_exec(self):
"""Test execution of a forced remote command"""
ckey = asyncssh.read_private_key('ckey')
cert = make_certificate('ssh-rsa-cert-v01@openssh.com',
CERT_TYPE_USER, ckey, ckey, ['ckey'],
options={'force-command': String('echo')})
async with self.connect(username='ckey',
client_keys=[(ckey, cert)]) as conn:
await self._check_session(conn)with self.assertRaises(asyncssh.KeyImportError):
asyncssh.import_certificate('\u0080\n')
with self.subTest('Invalid SSH format'):
with self.assertRaises(asyncssh.KeyImportError):
asyncssh.import_certificate('xxx\n')
with self.subTest('Invalid certificate packetization'):
with self.assertRaises(asyncssh.KeyImportError):
asyncssh.import_certificate(
b'xxx ' + binascii.b2a_base64(b'\x00'))
with self.subTest('Invalid certificate algorithm'):
with self.assertRaises(asyncssh.KeyImportError):
asyncssh.import_certificate(
b'xxx ' + binascii.b2a_base64(String(b'xxx')))
with self.subTest('Invalid certificate critical option'):
with self.assertRaises(asyncssh.KeyImportError):
cert = self.make_certificate(cert_type, self.pubkey,
self.privca, ('name',),
options={b'xxx': b''})
asyncssh.import_certificate(cert)
with self.subTest('Ignored certificate extension'):
cert = self.make_certificate(cert_type, self.pubkey,
self.privca, ('name',),
extensions={b'xxx': b''})
self.assertIsNotNone(asyncssh.import_certificate(cert))
with self.subTest('Invalid certificate signature'):
with self.assertRaises(asyncssh.KeyImportError):asyncssh
AsyncSSH: Asynchronous SSHv2 client and server library
Package Health Score
83 / 100Popular asyncssh functions
- asyncssh.asn1.ASN1DecodeError
- asyncssh.asn1.BitString
- asyncssh.asn1.der_encode
- asyncssh.asn1.ObjectIdentifier
- asyncssh.connect
- asyncssh.create_server
- asyncssh.Error
- asyncssh.generate_private_key
- asyncssh.load_keypairs
- asyncssh.misc.ProtocolError
- asyncssh.packet.Byte
- asyncssh.packet.MPInt
- asyncssh.packet.SSHPacket
- asyncssh.packet.String
- asyncssh.packet.UInt32
- asyncssh.pbe.KeyEncryptionError
- asyncssh.public_key.KeyExportError
- asyncssh.public_key.KeyImportError
- asyncssh.read_private_key
- asyncssh.sftp.SFTPError