SSHDaemon Class

Properties   Methods   Events   Configuration Settings   Errors  

The SSHDaemon class is used to create Secure Shell (SSH) servers. The class handles multiple simultaneous connections on the same TCP/IP port (service port). It is designed to balance the load between connections for a fast, powerful server.

Class Name

IPWorksSSH_SSHDaemon

Procedural Interface

 ipworksssh_sshdaemon_open();
 ipworksssh_sshdaemon_close($res);
 ipworksssh_sshdaemon_register_callback($res, $id, $function);
 ipworksssh_sshdaemon_get_last_error($res);
 ipworksssh_sshdaemon_get_last_error_code($res);
 ipworksssh_sshdaemon_set($res, $id, $index, $value);
 ipworksssh_sshdaemon_get($res, $id, $index);
 ipworksssh_sshdaemon_do_closechannel($res, $channelid);
 ipworksssh_sshdaemon_do_config($res, $configurationstring);
 ipworksssh_sshdaemon_do_disconnect($res, $connectionid);
 ipworksssh_sshdaemon_do_doevents($res);
 ipworksssh_sshdaemon_do_exchangekeys($res, $connectionid);
 ipworksssh_sshdaemon_do_getsshparam($res, $payload, $field);
 ipworksssh_sshdaemon_do_getsshparambytes($res, $payload, $field);
 ipworksssh_sshdaemon_do_openchannel($res, $connectionid, $channeltype);
 ipworksssh_sshdaemon_do_reset($res);
 ipworksssh_sshdaemon_do_sendchanneldata($res, $channelid, $data);
 ipworksssh_sshdaemon_do_sendsshpacket($res, $channelid, $packettype, $payload);
 ipworksssh_sshdaemon_do_setsshparam($res, $payload, $fieldtype, $fieldvalue);
 ipworksssh_sshdaemon_do_shutdown($res);

Remarks

The SSHDaemon class is the SSH-enabled equivalent of the IPWorks IPDaemon class, extended by a set of new properties and events that deal with SSH security. The SSHCompressionAlgorithms and SSHEncryptionAlgorithms properties determine which protocols are enabled for the SSH handshake. The SSHCert* properties are used to select a certificate for the server (please note that a valid certificate MUST be selected before the server can function). The SSHUserAuthRequest event will allow you to use authenticate clients using digital certificates or passwords. Finally, the SSHStatus event provides information about the SSH handshake and underlying protocol notifications.

By default, each instance of SSHDaemon can handle up to 1000 simultaneous incoming connections (this number may be increased up to 100,000, or decreased to a lower value by using the MaxConnections configuration setting).

SSH connections are identified by a ConnectionId. Events relating to these connections as a whole will use the ConnectionId to identify the specific connection. Connections may also contained one or more multiplexed channels, which are identified by a ChannelId. Channel-level events will specify the ChannelId to which they relate.

SSHDaemon can start to listen on a port by setting the Listening property to True. When a remote host asks for a connection, the ConnectionRequest event is fired. At that point, the connection can either be accepted or rejected. If the connection is accepted, a ConnectionId is assigned, and communication can start. From this point on, the operation is very similar to SSHClient. Data can be sent to an individual SSHChannel using SendChannelData. The address and port of the incoming connection can be found by querying the ClientRemoteHost and ClientRemotePort properties.

Note: Server components are designed to process events as they occur. To ensure events are processed in a timely manner DoEvents should be called in a loop after the server is started.

Property List


The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

SSHChannelCountThe number of records in the arrays.
BytesSentThe number of bytes actually sent after a sending channel data.
ChannelIdAn id generated by the class to identify the current SSH channel.
DataToSendA string of data to be sent to the remote host.
ReadyToSendThis property is True when data can be sent over the SSH Channel.
RecordLengthThe length of received data records.
ServiceThis property holds the channel type that was requested when opening the channel.
ConnectionBacklogThe maximum number of pending connections maintained by the TCP/IP subsystem.
SSHConnectionCountThe number of records in the SSHConnection arrays.
SSHConnectionConnectedUsed to disconnect individual connections and/or show their status.
SSHConnectionLocalAddressThis property shows the IP address of the interface through which the connection is passing.
SSHConnectionRemoteHostThe RemoteHost shows the IP address of the remote host through which the connection is coming.
SSHConnectionRemotePortThe RemotePort shows the TCP port on the remote host through which the connection is coming.
SSHConnectionTimeoutA timeout for the class.
DefaultAuthMethodsSpecifies the supported authentication methods.
DefaultTimeoutAn initial timeout value to be used by incoming connections.
KeyboardInteractiveMessageThe instructions to send to the client during keyboard-interactive authentication.
KeyboardInteractivePromptCountThe number of records in the KeyboardInteractivePrompt arrays.
KeyboardInteractivePromptEchoSpecifies if the client should echo the value entered by the user or not.
KeyboardInteractivePromptPromptThe prompt label/text the client should present to the user.
ListeningIf True, the class accepts incoming connections on LocalPort.
LocalHostThe name of the local host or user-assigned IP interface through which connections are initiated or accepted.
LocalPortThe TCP port in the local host where the class listens.
SSHCertEncodedThe certificate (PEM/base64 encoded).
SSHCertStoreThe name of the certificate store for the client certificate.
SSHCertStorePasswordIf the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store.
SSHCertStoreTypeThe type of certificate store for this certificate.
SSHCertSubjectThe subject of the certificate used for client authentication.
SSHCompressionAlgorithmsA comma-separated list containing all allowable compression algorithms.
SSHEncryptionAlgorithmsA comma-separated list containing all allowable encryption algorithms.

Method List


The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

CloseChannelCloses a existing SSHChannel .
ConfigSets or retrieves a configuration setting.
DisconnectDisconnect the specified client.
DoEventsProcesses events from the internal message queue.
ExchangeKeysCauses the class to exchange a new set of session keys on the specified connection.
GetSSHParamUsed to read a field from an SSH packet's payload.
GetSSHParamBytesUsed to read a field from an SSH packet's payload.
OpenChannelOpens a new SSHChannel .
ResetReset the class.
SendChannelDataUsed to send regular data over an SSH channel.
SendSSHPacketUsed to send an encoded SSH packet to the server.
SetSSHParamUsed to write a field to the end of a payload.
ShutdownShuts down the server.

Event List


The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

ConnectedFired immediately after a connection completes (or fails).
ConnectionRequestFired when a request for connection comes from a remote host.
DisconnectedFired when a connection is closed.
ErrorInformation about errors during data delivery.
LogFires once for each log message.
SSHChannelClosedFired when a channel is closed.
SSHChannelDataInFired when data is received on an SSH channel.
SSHChannelEOFFired when the remote peer signals the end of the data stream for the channel.
SSHChannelOpenedFired when a channel is successfully opened.
SSHChannelOpenRequestFired when a client attempts to open a new channel.
SSHChannelReadyToSendFired when the class is ready to send data.
SSHChannelRequestFired when the SSHHost sends a channel request to the client.
SSHChannelRequestedFired if the SSHChannelRequest was successful, any further processing for the channel request should be done here.
SSHServiceRequestFired when a client requests a service to be started.
SSHStatusShows the progress of the secure connection.
SSHUserAuthRequestFires when a client attempts to authenticate a connection.

Configuration Settings


The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.

AltSSHCertCountThe number of records in the AltSSHCert configuration settings.
AltSSHCertStore[i]The name of the certificate store.
AltSSHCertStorePassword[i]The password used to open the certificate store.
AltSSHCertStoreType[i]The type of certificate store.
AltSSHCertSubject[i]The alternative certificate subject.
ClientSSHVersionString[ConnectionId]The client's version string.
DefaultIdleTimeoutSpecifies the default idle timeout for inactive clients.
KeyboardInteractivePrompts[ConnectionId]Specifies custom keyboard-interactive prompts for particular connections.
KeyRenegotiationThresholdSets the threshold for the SSH Key Renegotiation.
LogLevelSpecifies the level of detail that is logged.
MaxAuthAttemptsThe maximum authentication attempts allowed before forcing a disconnect.
ServerSSHVersionStringThe SSH version string sent to connecting clients.
SSHKeepAliveCountMaxThe maximum number of keep alive packets to send without a response.
SSHKeepAliveIntervalThe interval between keep alive packets.
SSHKeyExchangeAlgorithmsSpecifies the supported key exchange algorithms.
SSHMacAlgorithmsSpecifies the supported Mac algorithms.
SSHPubKeyAuthSigAlgorithmsSpecifies the allowed signature algorithms used by a client performing public key authentication.
SSHPublicKeyAlgorithmsSpecifies the supported public key algorithms.
SSHVersionPatternThe pattern used to match the remote host's version string.
UserAuthBanner[ConnectionId]A custom user authentication banner.
AllowedClientsA comma-separated list of host names or IP addresses that can access the class.
BindExclusivelyWhether or not the class considers a local port reserved for exclusive use.
ConnectionUIDThe unique connectionId for a connection.
DefaultConnectionTimeoutThe inactivity timeout applied to the SSL handshake.
InBufferSizeThe size in bytes of the incoming queue of the socket.
KeepAliveIntervalThe retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received.
KeepAliveRetryCountThe number of keep-alive packets to be sent before the remotehost is considered disconnected.
KeepAliveTimeThe inactivity time in milliseconds before a TCP keep-alive packet is sent.
MaxConnectionsThe maximum number of connections available.
OutBufferSizeThe size in bytes of the outgoing queue of the socket.
TcpNoDelayWhether or not to delay when sending packets.
UseIOCPWhether to use the completion port I/O model.
UseIPv6Whether to use IPv6.
UseWindowsMessagesWhether to use the WSAAsyncSelect I/O model.
BuildInfoInformation about the product's build.
CodePageThe system code page used for Unicode to Multibyte translations.
LicenseInfoInformation about the current license.
ProcessIdleEventsWhether the class uses its internal event loop to process events when the main thread is idle.
SelectWaitMillisThe length of time in milliseconds the class will wait when DoEvents is called if there are no events to process.
UseInternalSecurityAPITells the class whether or not to use the system security libraries or an internal implementation.

Copyright (c) 2023 /n software inc. - All rights reserved.
IPWorks SSH 2020 PHP Edition - Version 20.0 [Build 8501]