SSHTunnel Class

Properties   Methods   Events   Config Settings   Errors  

The SSHTunnel class can be used to tunnel data through a Secure Shell (SSH) server to a remote location.

Syntax

class ipworksssh.SSHTunnel

Remarks

The SSHTunnel class implements a daemon that accepts connections and tunnels the data from those connections over a Secure Shell (SSH) connection to a remote location.

First, set ssh_host to the server you wish to use to tunnel the data. ssh_user, ssh_password, and the ssh_cert* properties can be used to authenticate the tunneling connection.

Second, set ssh_forward_host to the hostname or IP address of the destination machine, and ssh_forward_port to the port to which you wish to send data. Finally, call start_listening. The class will listen for connections on the interface identified by local_host and local_port.

When a client attempts to connect to the class, the class will fire a on_connection_request event that can be used to accept or reject the connection. If the connection is accepted, the class will attempt to logon to the ssh_host and will tell the server to connect remotely to another machine. Once this process is complete, the tunnel will be established and data can be securely transmitted from end to end.

Example. Connecting Between Networks:

A client that exists in Network A wishes to connect to a resource that exists in Network B. Both networks are secured by a firewall, making it difficult to freely connect to resources within the other network. Network B, however, contains an SSH server that supports tunneling. An SSHTunnel class set up with Network A can be used to access any resource in Network B.

The ssh_host and ssh_port properties must be set to the hostname and port exposed by Network B's firewall. ssh_forward_host and ssh_forward_port are then set to the value of the resource within Network B to which the client in Network A wishes to connect. Any client in Network A can then connect to the SSHTunnel instance's local_host and local_port.

As clients within Network A connect to the SSHTunnel, the class will forward the connections, secured by SSH, through the network firewalls to the SSH server in Network B. The SSH server will then connect to the resource within Network B and forward all data received from the SSHTunnel instance to that resource. All data received from the resource will then be forwarded to the original client in Network A.

Dynamic Forwarding

Dynamic forwarding is a feature provided by SSH that leverages the SOCKS protocol. With dynamic forwarding, the SSHTunnel component acts as a SOCKS proxy, and all relevant traffic is relayed through the SSH connection to the destination defined by the client that made the request. The SSHTunnel component supports dynamic forwarding automatically when ssh_forward_host and ssh_forward_port are not specified (the forwarding host is determined dynamically).

The client making requests through SSHTunnel must be configured to use a SOCKS proxy, in which case the proxy port is the same as the local_port property. In IPWorks components, a SOCKS proxy can be enabled as follows:

// Enable the SOCKS proxy for IPWorks' HTTP component http.Firewall.FirewallType = nsoftware.IPWorks.FirewallTypes.fwSOCKS5; http.Firewall.Port = 1234; //The port set in the SSHTunnel LocalPort property http.Firewall.Host = "localhost"; //The hostname or IP address where SSHTunnel is listening

Note: SSHTunnel can support either dynamic forwarding (ssh_forward_host and ssh_forward_port are not set) or standard forwarding (ssh_forward_host and ssh_forward_port are set). It cannot support both modes at the same time. As a result, it is expected that clients connecting to the SSHTunnel component are configured in a way that matches the configuration of the SSHTunnel component (dynamic or standard forwarding). For example, if SSHTunnel has the ssh_forward_host and ssh_forward_port properties set, then the client must not treat SSHTunnel as a SOCKS proxy. If the SSHTunnel does not have the aforementioned properties set, then the client must treat SSHTunnel as a SOCKS proxy.

Note: Server components are designed to process events as they occur. To ensure that events are processed in a timely manner, do_events should be called in a loop after the server is started.

Property List

The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

Method List

The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

Event List

The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

Config Settings

The following is a list of config settings for the class with short descriptions. Click on the links for further details.

connected Property

Whether the class is connected.

Syntax

def get_connected() -> bool: ...

connected = property(get_connected, None)

Default Value

FALSE

Remarks

This property is used to determine whether or not the class is connected to the remote host. Use the connect and disconnect methods to manage the connection.

This property is read-only.

connection_backlog Property

This property includes the maximum number of pending connections maintained by the Transmission Control Protocol (TCP)/IP subsystem.

Syntax

def get_connection_backlog() -> int: ...
def set_connection_backlog(value: int) -> None: ...

connection_backlog = property(get_connection_backlog, set_connection_backlog)

Default Value

5

Remarks

This property contains the maximum number of pending connections maintained by the TCP/IP subsystem. This value reflects the SOMAXCONN option for the main listening socket. The default value for most systems is 5. You may set this property to a larger value if the server is expected to receive a large number of connections, and queuing them is desirable.

client_count Property

The number of records in the Client arrays.

Syntax

def get_client_count() -> int: ...

client_count = property(get_client_count, None)

Default Value

0

Remarks

This property controls the size of the following arrays:

• client_accept_data
• client_bytes_sent
• client_connected
• client_connection_id
• client_eol
• client_idle_timeout
• client_local_address
• client_ready_to_send
• client_record_length
• client_remote_host
• client_remote_port
• client_single_line_mode
• client_timeout
• client_user_data

The array indices start at 0 and end at client_count - 1.

This property is read-only.

client_accept_data Property

This property indicates whether data reception is currently enabled.

Syntax

def get_client_accept_data(client_id: int) -> bool: ...

Default Value

TRUE

Remarks

This property indicates whether data reception is currently enabled. When False, data reception is disabled and the on_data_in event will not fire for the connection. Use the pause_data and process_data methods to pause and resume data reception.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

This property is read-only.

client_bytes_sent Property

This property shows how many bytes were sent after calling Send or SendBytes .

Syntax

def get_client_bytes_sent(client_id: int) -> int: ...

Default Value

0

Remarks

This property shows how many bytes were sent after calling send or send_bytes. Please see send or send_bytes for more information.

Note: This property will always return 0 when the class is operating in the synchronous mode (i.e., the client_timeout property is set to a positive value).

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

This property is read-only.

client_connected Property

This property indicates the status of individual connections.

Syntax

def get_client_connected(client_id: int) -> bool: ...

Default Value

FALSE

Remarks

This property indicates the status of individual connections.

When True, the connection is established. Use the disconnect method to disconnect an existing connection.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

This property is read-only.

client_connection_id Property

This property contains an identifier generated by the class to identify each connection.

Syntax

def get_client_connection_id(client_id: int) -> int: ...

Default Value

0

Remarks

This property contains an identifier generated by the class to identify each connection. This identifier is unique to this connection.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

This property is read-only.

client_eol Property

The EOL property is used to define boundaries in the input stream using the value of the property.

Syntax

def get_client_eol(client_id: int) -> bytes: ...
def set_client_eol(client_id: int, value: bytes) -> None: ...

Default Value

""

Remarks

The client_eol property is used to define boundaries in the input stream using the value of the property.

The client_eol property is especially useful with ASCII files. By setting it to CRLF ("\r\n") , the incoming ASCII text stream can be split into lines. In this case, one event is fired for each line received (as well as in packet boundaries). The CRLF ("\r\n") . bytes are discarded.

The client_eol property is a binary string. This means that it can be more than one byte long, and it can contain NULL bytes.

When reading the value of the property, if ConnectionId does not belong to a valid connection, then NULL will be returned, and the last_error property will contain a corresponding error message. If no error is encountered, then last_error will contain NULL.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

client_idle_timeout Property

This property contains the idle timeout for this connection.

Syntax

def get_client_idle_timeout(client_id: int) -> int: ...
def set_client_idle_timeout(client_id: int, value: int) -> None: ...

Default Value

0

Remarks

This property contains the idle timeout for this connection. This property is similar to default_idle_timeout but may be set on a per-connection basis to override default_idle_timeout. This property specifies the idle timeout (in seconds) for the connected client. When set to a positive value, the class will disconnect idle clients after the specified timeout.

This applies only to clients that have not sent to received data within the specified number of seconds.

If set to 0 (default), no idle timeout is applied.

Note: do_events must be called for the class to check existing connections.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

client_local_address Property

This property shows the IP address of the interface through which the connection is passing.

Syntax

def get_client_local_address(client_id: int) -> str: ...

Default Value

""

Remarks

This property shows the IP address of the interface through which the connection is passing.

client_local_address is important for multihomed hosts so that it can be used to find the particular network interface through which an individual connection is going.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

This property is read-only.

client_ready_to_send Property

This property indicates whether the class is ready to send data.

Syntax

def get_client_ready_to_send(client_id: int) -> bool: ...

Default Value

FALSE

Remarks

This property indicates whether the class is ready to send data.

This is True after a client connects but will become False after a failed call to send or send_bytes. After a failed call to send or send_bytes, the on_ready_to_send event will fire and this property will be True when data can be sent again.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

This property is read-only.

client_record_length Property

This property holds the current record length set by ChangeRecordLength .

Syntax

def get_client_record_length(client_id: int) -> int: ...

Default Value

0

Remarks

This property holds the current record length set by change_record_length. When this value is a positive number, the class will accumulate data until client_record_length is reached and only then will fire the on_data_in event with the data of length client_record_length. This allows data to be received as records of known length. This value can be changed at any time by calling change_record_length, including within the on_data_in event.

A value of 0 (default) means this setting is not used.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

This property is read-only.

client_remote_host Property

This property shows the IP address of the remote host through which the connection is coming.

Syntax

def get_client_remote_host(client_id: int) -> str: ...

Default Value

""

Remarks

This property shows the IP address of the remote host through which the connection is coming.

The connection must be valid or an error will be fired.

If the class is configured to use a SOCKS firewall, the value assigned to this property may be preceded with an "*". If this is the case, the host name is passed to the firewall unresolved and the firewall performs the DNS resolution.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

This property is read-only.

client_remote_port Property

This property shows the Transmission Control Protocol (TCP) port on the remote host through which the connection is coming.

Syntax

def get_client_remote_port(client_id: int) -> int: ...

Default Value

0

Remarks

This property shows the Transmission Control Protocol (TCP) port on the remote host through which the connection is coming.

The connection must be valid or an error will be fired.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

This property is read-only.

client_single_line_mode Property

This property shows the special mode for line-oriented protocols.

Syntax

def get_client_single_line_mode(client_id: int) -> bool: ...
def set_client_single_line_mode(client_id: int, value: bool) -> None: ...

Default Value

FALSE

Remarks

This property shows the special mode for line-oriented protocols. When single_line_mode is True, the class treats the incoming data stream as lines separated by carriage return (CR), line feed (LF), or CRLF. The eol property is ignored.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

client_timeout Property

This property specifies a timeout for the class.

Syntax

def get_client_timeout(client_id: int) -> int: ...
def set_client_timeout(client_id: int, value: int) -> None: ...

Default Value

0

Remarks

This property specifies a timeout for the class.

If the client_timeout property is set to 0, all operations return immediately, potentially failing with a WOULDBLOCK error if data cannot be sent immediately.

If client_timeout is set to a positive value, data is sent in a blocking manner and the class will wait for the operation to complete before returning control. The class will handle any potential WOULDBLOCK errors internally and automatically retry the operation for a maximum of client_timeout seconds.

The class will use do_events to enter an efficient wait loop during any potential waiting period, making sure that all system events are processed immediately as they arrive. This ensures that the host application does not freeze and remains responsive.

If timeout expires, and the operation is not yet complete, the class fails with an error.

Note: By default, all timeouts are inactivity timeouts, that is, the timeout period is extended by timeout seconds when any amount of data is successfully sent or received.

The default value for the client_timeout property is 0 (asynchronous operation).

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

client_user_data Property

The UserData property holds connection-specific user-specified data.

Syntax

def get_client_user_data(client_id: int) -> bytes: ...
def set_client_user_data(client_id: int, value: bytes) -> None: ...

Default Value

""

Remarks

The client_user_data property holds connection-specific user-specified data.

User-specified data may be set or retrieved at any point while the connection is valid. This provides a simple way to associate arbitrary data with a specific connection.

The client_id parameter specifies the index of the item in the array. The size of the array is controlled by the client_count property.

default_eol Property

This property includes a default end-of-line (EOL) value to be used by incoming connections.

Syntax

def get_default_eol() -> bytes: ...
def set_default_eol(value: bytes) -> None: ...

default_eol = property(get_default_eol, set_default_eol)

Default Value

""

Remarks

This property contains a default end-of-line (EOL) value to be used by incoming connections. Once the class accepts and establishes an inbound connection, it will set that connection's EOL to the value in this property. By default, this value is empty (""), meaning that data will be fired as it is received.

default_single_line_mode Property

This property tells the class whether or not to treat new connections as line oriented.

Syntax

def get_default_single_line_mode() -> bool: ...
def set_default_single_line_mode(value: bool) -> None: ...

default_single_line_mode = property(get_default_single_line_mode, set_default_single_line_mode)

Default Value

FALSE

Remarks

This property instructs the component whether or not to treat newly established connections as line-oriented protocols. If this value is True, newly accepted connections will read the incoming data stream as lines separated by a carriage return line feed (CRLF), carriage return (CR), or line feed (LF) and will ignore the end of lines (EOLs).

default_timeout Property

This property includes an initial timeout value to be used by incoming connections.

Syntax

def get_default_timeout() -> int: ...
def set_default_timeout(value: int) -> None: ...

default_timeout = property(get_default_timeout, set_default_timeout)

Default Value

0

Remarks

This property is used by the class to set the operational timeout value of all inbound connections once they are established.

By default, the timeout is 0, meaning that all inbound connections will behave asynchronously.

firewall_auto_detect Property

Whether to automatically detect and use firewall system settings, if available.

Syntax

def get_firewall_auto_detect() -> bool: ...
def set_firewall_auto_detect(value: bool) -> None: ...

firewall_auto_detect = property(get_firewall_auto_detect, set_firewall_auto_detect)

Default Value

FALSE

Remarks

Whether to automatically detect and use firewall system settings, if available.

firewall_type Property

The type of firewall to connect through.

Syntax

def get_firewall_type() -> int: ...
def set_firewall_type(value: int) -> None: ...

firewall_type = property(get_firewall_type, set_firewall_type)

Default Value

0

Remarks

The type of firewall to connect through. The applicable values are as follows:

firewall_host Property

The name or IP address of the firewall (optional).

Syntax

def get_firewall_host() -> str: ...
def set_firewall_host(value: str) -> None: ...

firewall_host = property(get_firewall_host, set_firewall_host)

Default Value

""

Remarks

The name or IP address of the firewall (optional). If a firewall_host is given, the requested connections will be authenticated through the specified firewall when connecting.

If this property is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, this property is set to the corresponding address. If the search is not successful, the class fails with an error.

firewall_password Property

A password if authentication is to be used when connecting through the firewall.

Syntax

def get_firewall_password() -> str: ...
def set_firewall_password(value: str) -> None: ...

firewall_password = property(get_firewall_password, set_firewall_password)

Default Value

""

Remarks

A password if authentication is to be used when connecting through the firewall. If firewall_host is specified, the firewall_user and firewall_password properties are used to connect and authenticate to the given firewall. If the authentication fails, the class fails with an error.

firewall_port Property

The Transmission Control Protocol (TCP) port for the firewall Host .

Syntax

def get_firewall_port() -> int: ...
def set_firewall_port(value: int) -> None: ...

firewall_port = property(get_firewall_port, set_firewall_port)

Default Value

0

Remarks

The Transmission Control Protocol (TCP) port for the firewall firewall_host. See the description of the firewall_host property for details.

Note: This property is set automatically when firewall_type is set to a valid value. See the description of the firewall_type property for details.

firewall_user Property

A username if authentication is to be used when connecting through a firewall.

Syntax

def get_firewall_user() -> str: ...
def set_firewall_user(value: str) -> None: ...

firewall_user = property(get_firewall_user, set_firewall_user)

Default Value

""

Remarks

A username if authentication is to be used when connecting through a firewall. If firewall_host is specified, this property and the firewall_password property are used to connect and authenticate to the given Firewall. If the authentication fails, the class fails with an error.

keep_alive Property

When True, KEEPALIVE packets are enabled (for long connections).

Syntax

def get_keep_alive() -> bool: ...
def set_keep_alive(value: bool) -> None: ...

keep_alive = property(get_keep_alive, set_keep_alive)

Default Value

FALSE

Remarks

This property enables the SO_KEEPALIVE option on the incoming connections. This option prevents long connections from timing out in case of inactivity.

Note: System Transmission Control Protocol (TCP)/IP stack implementations are not required to support SO_KEEPALIVE.

This property is shared among incoming connections. When the property is set, the corresponding value is set for incoming connections as they are accepted. Existing connections are not modified.

linger Property

When set to True, connections are terminated gracefully.

Syntax

def get_linger() -> bool: ...
def set_linger(value: bool) -> None: ...

linger = property(get_linger, set_linger)

Default Value

TRUE

Remarks

This property controls how a connection is closed. The default is True. In this case, the connection is closed only after all the data are sent. Setting it to False forces an abrupt (hard) disconnection. Any data that were in the sending queue may be lost.

The default behavior (which is also the default mode for stream sockets) might result in an indefinite delay in closing the connection. Although the class returns control immediately, the system might indefinitely hold system resources until all pending data are sent (even after your application closes). This means that valuable system resources might be wasted.

Setting this property to False forces an immediate disconnection. If you know that the other side has received all the data you have sent (e.g., by a client acknowledgment), then setting this property to False might be the appropriate course of action.

This property is shared among incoming connections. When the property is set, the corresponding value is set for incoming connections as they are accepted. Existing connections are not modified.

listening Property

This property indicates whether the class is listening for incoming connections on LocalPort.

Syntax

def get_listening() -> bool: ...

listening = property(get_listening, None)

Default Value

FALSE

Remarks

This property indicates whether the class is listening for connections on the port specified by the local_port property. Use the start_listening and stop_listening methods to control whether the class is listening.

This property is read-only.

local_host Property

The name of the local host or user-assigned IP interface through which connections are initiated or accepted.

Syntax

def get_local_host() -> str: ...
def set_local_host(value: str) -> None: ...

local_host = property(get_local_host, set_local_host)

Default Value

""

Remarks

This property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multihomed hosts (machines with more than one IP interface) setting LocalHost to the IP address of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface. It is recommended to provide an IP address rather than a hostname when setting this property to ensure the desired interface is used.

If the class is connected, the local_host property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).

Note: local_host is not persistent. You must always set it in code, and never in the property window.

local_port Property

The TCP port in the local host where the class binds.

Syntax

def get_local_port() -> int: ...
def set_local_port(value: int) -> None: ...

local_port = property(get_local_port, set_local_port)

Default Value

0

Remarks

This property must be set before the class can start listening. If its value is 0, then the TCP/IP subsystem picks a port number at random. The port number can be found by checking the value of this property after the class is listening (i.e., after successfully assigning True to the listening property).

The service port is not shared among servers so two classs cannot be listening on the same port at the same time.

This property must be set before a connection is attempted. It instructs the class to bind to a specific port (or communication endpoint) in the local machine.

Setting this property to 0 (default) enables the system to choose an open port at random. The chosen port will be returned by the local_port property after the connection is established.

local_port cannot be changed once a connection is made. Any attempt to set this property when a connection is active will generate an error.

This property is useful when trying to connect to services that require a trusted port on the client side.

ssh_accept_server_host_key_effective_date Property

The date on which this certificate becomes valid.

Syntax

def get_ssh_accept_server_host_key_effective_date() -> str: ...

ssh_accept_server_host_key_effective_date = property(get_ssh_accept_server_host_key_effective_date, None)

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

ssh_accept_server_host_key_expiration_date Property

The date on which the certificate expires.

Syntax

def get_ssh_accept_server_host_key_expiration_date() -> str: ...

ssh_accept_server_host_key_expiration_date = property(get_ssh_accept_server_host_key_expiration_date, None)

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

ssh_accept_server_host_key_extended_key_usage Property

A comma-delimited list of extended key usage identifiers.

Syntax

def get_ssh_accept_server_host_key_extended_key_usage() -> str: ...

ssh_accept_server_host_key_extended_key_usage = property(get_ssh_accept_server_host_key_extended_key_usage, None)

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

ssh_accept_server_host_key_fingerprint Property

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

def get_ssh_accept_server_host_key_fingerprint() -> str: ...

ssh_accept_server_host_key_fingerprint = property(get_ssh_accept_server_host_key_fingerprint, None)

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

ssh_accept_server_host_key_fingerprint_sha1 Property

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

def get_ssh_accept_server_host_key_fingerprint_sha1() -> str: ...

ssh_accept_server_host_key_fingerprint_sha1 = property(get_ssh_accept_server_host_key_fingerprint_sha1, None)

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

ssh_accept_server_host_key_fingerprint_sha256 Property

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

def get_ssh_accept_server_host_key_fingerprint_sha256() -> str: ...

ssh_accept_server_host_key_fingerprint_sha256 = property(get_ssh_accept_server_host_key_fingerprint_sha256, None)

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

ssh_accept_server_host_key_issuer Property

The issuer of the certificate.

Syntax

def get_ssh_accept_server_host_key_issuer() -> str: ...

ssh_accept_server_host_key_issuer = property(get_ssh_accept_server_host_key_issuer, None)

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

ssh_accept_server_host_key_private_key Property

The private key of the certificate (if available).

Syntax

def get_ssh_accept_server_host_key_private_key() -> str: ...

ssh_accept_server_host_key_private_key = property(get_ssh_accept_server_host_key_private_key, None)

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The ssh_accept_server_host_key_private_key may be available but not exportable. In this case, ssh_accept_server_host_key_private_key returns an empty string.

This property is read-only.

ssh_accept_server_host_key_private_key_available Property

Whether a PrivateKey is available for the selected certificate.

Syntax

def get_ssh_accept_server_host_key_private_key_available() -> bool: ...

ssh_accept_server_host_key_private_key_available = property(get_ssh_accept_server_host_key_private_key_available, None)

Default Value

FALSE

Remarks

Whether a ssh_accept_server_host_key_private_key is available for the selected certificate. If ssh_accept_server_host_key_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

ssh_accept_server_host_key_private_key_container Property

The name of the PrivateKey container for the certificate (if available).

Syntax

def get_ssh_accept_server_host_key_private_key_container() -> str: ...

ssh_accept_server_host_key_private_key_container = property(get_ssh_accept_server_host_key_private_key_container, None)

Default Value

""

Remarks

The name of the ssh_accept_server_host_key_private_key container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

ssh_accept_server_host_key_public_key Property

The public key of the certificate.

Syntax

def get_ssh_accept_server_host_key_public_key() -> str: ...

ssh_accept_server_host_key_public_key = property(get_ssh_accept_server_host_key_public_key, None)

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

ssh_accept_server_host_key_public_key_algorithm Property

The textual description of the certificate's public key algorithm.

Syntax

def get_ssh_accept_server_host_key_public_key_algorithm() -> str: ...

ssh_accept_server_host_key_public_key_algorithm = property(get_ssh_accept_server_host_key_public_key_algorithm, None)

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssh_accept_server_host_key_public_key_length Property

The length of the certificate's public key (in bits).

Syntax

def get_ssh_accept_server_host_key_public_key_length() -> int: ...

ssh_accept_server_host_key_public_key_length = property(get_ssh_accept_server_host_key_public_key_length, None)

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

ssh_accept_server_host_key_serial_number Property

The serial number of the certificate encoded as a string.

Syntax

def get_ssh_accept_server_host_key_serial_number() -> str: ...

ssh_accept_server_host_key_serial_number = property(get_ssh_accept_server_host_key_serial_number, None)

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

ssh_accept_server_host_key_signature_algorithm Property

The text description of the certificate's signature algorithm.

Syntax

def get_ssh_accept_server_host_key_signature_algorithm() -> str: ...

ssh_accept_server_host_key_signature_algorithm = property(get_ssh_accept_server_host_key_signature_algorithm, None)

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssh_accept_server_host_key_store Property

The name of the certificate store for the client certificate.

Syntax

def get_ssh_accept_server_host_key_store() -> bytes: ...
def set_ssh_accept_server_host_key_store(value: bytes) -> None: ...

ssh_accept_server_host_key_store = property(get_ssh_accept_server_host_key_store, set_ssh_accept_server_host_key_store)

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The ssh_accept_server_host_key_store_type property denotes the type of the certificate store specified by ssh_accept_server_host_key_store. If the store is password-protected, specify the password in ssh_accept_server_host_key_store_password.

ssh_accept_server_host_key_store is used in conjunction with the ssh_accept_server_host_key_subject property to specify client certificates. If ssh_accept_server_host_key_store has a value, and ssh_accept_server_host_key_subject or ssh_accept_server_host_key_encoded is set, a search for a certificate is initiated. Please see the ssh_accept_server_host_key_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

ssh_accept_server_host_key_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_ssh_accept_server_host_key_store_password() -> str: ...
def set_ssh_accept_server_host_key_store_password(value: str) -> None: ...

ssh_accept_server_host_key_store_password = property(get_ssh_accept_server_host_key_store_password, set_ssh_accept_server_host_key_store_password)

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

ssh_accept_server_host_key_store_type Property

The type of certificate store for this certificate.

Syntax

def get_ssh_accept_server_host_key_store_type() -> int: ...
def set_ssh_accept_server_host_key_store_type(value: int) -> None: ...

ssh_accept_server_host_key_store_type = property(get_ssh_accept_server_host_key_store_type, set_ssh_accept_server_host_key_store_type)

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

ssh_accept_server_host_key_subject_alt_names Property

Comma-separated lists of alternative subject names for the certificate.

Syntax

def get_ssh_accept_server_host_key_subject_alt_names() -> str: ...

ssh_accept_server_host_key_subject_alt_names = property(get_ssh_accept_server_host_key_subject_alt_names, None)

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

ssh_accept_server_host_key_thumbprint_md5 Property

The MD5 hash of the certificate.

Syntax

def get_ssh_accept_server_host_key_thumbprint_md5() -> str: ...

ssh_accept_server_host_key_thumbprint_md5 = property(get_ssh_accept_server_host_key_thumbprint_md5, None)

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssh_accept_server_host_key_thumbprint_sha1 Property

The SHA-1 hash of the certificate.

Syntax

def get_ssh_accept_server_host_key_thumbprint_sha1() -> str: ...

ssh_accept_server_host_key_thumbprint_sha1 = property(get_ssh_accept_server_host_key_thumbprint_sha1, None)

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssh_accept_server_host_key_thumbprint_sha256 Property

The SHA-256 hash of the certificate.

Syntax

def get_ssh_accept_server_host_key_thumbprint_sha256() -> str: ...

ssh_accept_server_host_key_thumbprint_sha256 = property(get_ssh_accept_server_host_key_thumbprint_sha256, None)

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssh_accept_server_host_key_usage Property

The text description of UsageFlags .

Syntax

def get_ssh_accept_server_host_key_usage() -> str: ...

ssh_accept_server_host_key_usage = property(get_ssh_accept_server_host_key_usage, None)

Default Value

""

Remarks

The text description of ssh_accept_server_host_key_usage_flags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

ssh_accept_server_host_key_usage_flags Property

The flags that show intended use for the certificate.

Syntax

def get_ssh_accept_server_host_key_usage_flags() -> int: ...

ssh_accept_server_host_key_usage_flags = property(get_ssh_accept_server_host_key_usage_flags, None)

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of ssh_accept_server_host_key_usage_flags is a combination of the following flags:

Please see the ssh_accept_server_host_key_usage property for a text representation of ssh_accept_server_host_key_usage_flags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

ssh_accept_server_host_key_version Property

The certificate's version number.

Syntax

def get_ssh_accept_server_host_key_version() -> str: ...

ssh_accept_server_host_key_version = property(get_ssh_accept_server_host_key_version, None)

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

ssh_accept_server_host_key_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_ssh_accept_server_host_key_subject() -> str: ...
def set_ssh_accept_server_host_key_subject(value: str) -> None: ...

ssh_accept_server_host_key_subject = property(get_ssh_accept_server_host_key_subject, set_ssh_accept_server_host_key_subject)

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

ssh_accept_server_host_key_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_ssh_accept_server_host_key_encoded() -> bytes: ...
def set_ssh_accept_server_host_key_encoded(value: bytes) -> None: ...

ssh_accept_server_host_key_encoded = property(get_ssh_accept_server_host_key_encoded, set_ssh_accept_server_host_key_encoded)

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssh_accept_server_host_key_store and ssh_accept_server_host_key_subject properties also may be used to specify a certificate.

When ssh_accept_server_host_key_encoded is set, a search is initiated in the current ssh_accept_server_host_key_store for the private key of the certificate. If the key is found, ssh_accept_server_host_key_subject is updated to reflect the full subject of the selected certificate; otherwise, ssh_accept_server_host_key_subject is set to an empty string.

ssh_auth_mode Property

The authentication method to be used with the class when calling SSHLogon .

Syntax

def get_ssh_auth_mode() -> int: ...
def set_ssh_auth_mode(value: int) -> None: ...

ssh_auth_mode = property(get_ssh_auth_mode, set_ssh_auth_mode)

Default Value

2

Remarks

The Secure Shell (SSH) Authentication specification (RFC 4252) specifies multiple methods by which a user can be authenticated by an SSH server. When a call is made to ssh_logon, the class will connect to the SSH server and establish the security layer. After the connection has been secured, the client will send an authentication request to the ssh_host containing the ssh_user. The server will respond containing a list of methods by which that user may be authenticated.

The class will attempt to authenticate the user by one of those methods based on the value of ssh_auth_mode and other property values supplied by the user. Currently, the class supports the following authentication methods:

Example 1. User/Password Authentication: Control.SSHAuthMode = SftpSSHAuthModes.amPassword Control.SSHUser = "username" Control.SSHPassword = "password" Control.SSHLogon("server", 22) Example 2. Public Key Authentication: Control.SSHAuthMode = SftpSSHAuthModes.amPublicKey Control.SSHUser = "username" Control.SSHCertStoreType = SSHCertStoreTypes.cstPFXFile; Control.SSHCertStore = "cert.pfx"; Control.SSHCertStorePassword = "certpassword"; Control.SSHCertSubject = "*"; Control.SSHLogon("server", 22)

ssh_cert_effective_date Property

The date on which this certificate becomes valid.

Syntax

def get_ssh_cert_effective_date() -> str: ...

ssh_cert_effective_date = property(get_ssh_cert_effective_date, None)

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

ssh_cert_expiration_date Property

The date on which the certificate expires.

Syntax

def get_ssh_cert_expiration_date() -> str: ...

ssh_cert_expiration_date = property(get_ssh_cert_expiration_date, None)

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

ssh_cert_extended_key_usage Property

A comma-delimited list of extended key usage identifiers.

Syntax

def get_ssh_cert_extended_key_usage() -> str: ...

ssh_cert_extended_key_usage = property(get_ssh_cert_extended_key_usage, None)

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

ssh_cert_fingerprint Property

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

def get_ssh_cert_fingerprint() -> str: ...

ssh_cert_fingerprint = property(get_ssh_cert_fingerprint, None)

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

ssh_cert_fingerprint_sha1 Property

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

def get_ssh_cert_fingerprint_sha1() -> str: ...

ssh_cert_fingerprint_sha1 = property(get_ssh_cert_fingerprint_sha1, None)

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

ssh_cert_fingerprint_sha256 Property

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

def get_ssh_cert_fingerprint_sha256() -> str: ...

ssh_cert_fingerprint_sha256 = property(get_ssh_cert_fingerprint_sha256, None)

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

ssh_cert_issuer Property

The issuer of the certificate.

Syntax

def get_ssh_cert_issuer() -> str: ...

ssh_cert_issuer = property(get_ssh_cert_issuer, None)

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

ssh_cert_private_key Property

The private key of the certificate (if available).

Syntax

def get_ssh_cert_private_key() -> str: ...

ssh_cert_private_key = property(get_ssh_cert_private_key, None)

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The ssh_cert_private_key may be available but not exportable. In this case, ssh_cert_private_key returns an empty string.

This property is read-only.

ssh_cert_private_key_available Property

Whether a PrivateKey is available for the selected certificate.

Syntax

def get_ssh_cert_private_key_available() -> bool: ...

ssh_cert_private_key_available = property(get_ssh_cert_private_key_available, None)

Default Value

FALSE

Remarks

Whether a ssh_cert_private_key is available for the selected certificate. If ssh_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

ssh_cert_private_key_container Property

The name of the PrivateKey container for the certificate (if available).

Syntax

def get_ssh_cert_private_key_container() -> str: ...

ssh_cert_private_key_container = property(get_ssh_cert_private_key_container, None)

Default Value

""

Remarks

The name of the ssh_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

ssh_cert_public_key Property

The public key of the certificate.

Syntax

def get_ssh_cert_public_key() -> str: ...

ssh_cert_public_key = property(get_ssh_cert_public_key, None)

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

ssh_cert_public_key_algorithm Property

The textual description of the certificate's public key algorithm.

Syntax

def get_ssh_cert_public_key_algorithm() -> str: ...

ssh_cert_public_key_algorithm = property(get_ssh_cert_public_key_algorithm, None)

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssh_cert_public_key_length Property

The length of the certificate's public key (in bits).

Syntax

def get_ssh_cert_public_key_length() -> int: ...

ssh_cert_public_key_length = property(get_ssh_cert_public_key_length, None)

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

ssh_cert_serial_number Property

The serial number of the certificate encoded as a string.

Syntax

def get_ssh_cert_serial_number() -> str: ...

ssh_cert_serial_number = property(get_ssh_cert_serial_number, None)

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

ssh_cert_signature_algorithm Property

The text description of the certificate's signature algorithm.

Syntax

def get_ssh_cert_signature_algorithm() -> str: ...

ssh_cert_signature_algorithm = property(get_ssh_cert_signature_algorithm, None)

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssh_cert_store Property

The name of the certificate store for the client certificate.

Syntax

def get_ssh_cert_store() -> bytes: ...
def set_ssh_cert_store(value: bytes) -> None: ...

ssh_cert_store = property(get_ssh_cert_store, set_ssh_cert_store)

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The ssh_cert_store_type property denotes the type of the certificate store specified by ssh_cert_store. If the store is password-protected, specify the password in ssh_cert_store_password.

ssh_cert_store is used in conjunction with the ssh_cert_subject property to specify client certificates. If ssh_cert_store has a value, and ssh_cert_subject or ssh_cert_encoded is set, a search for a certificate is initiated. Please see the ssh_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

ssh_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_ssh_cert_store_password() -> str: ...
def set_ssh_cert_store_password(value: str) -> None: ...

ssh_cert_store_password = property(get_ssh_cert_store_password, set_ssh_cert_store_password)

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

ssh_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_ssh_cert_store_type() -> int: ...
def set_ssh_cert_store_type(value: int) -> None: ...

ssh_cert_store_type = property(get_ssh_cert_store_type, set_ssh_cert_store_type)

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

ssh_cert_subject_alt_names Property

Comma-separated lists of alternative subject names for the certificate.

Syntax

def get_ssh_cert_subject_alt_names() -> str: ...

ssh_cert_subject_alt_names = property(get_ssh_cert_subject_alt_names, None)

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

ssh_cert_thumbprint_md5 Property

The MD5 hash of the certificate.

Syntax

def get_ssh_cert_thumbprint_md5() -> str: ...

ssh_cert_thumbprint_md5 = property(get_ssh_cert_thumbprint_md5, None)

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssh_cert_thumbprint_sha1 Property

The SHA-1 hash of the certificate.

Syntax

def get_ssh_cert_thumbprint_sha1() -> str: ...

ssh_cert_thumbprint_sha1 = property(get_ssh_cert_thumbprint_sha1, None)

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssh_cert_thumbprint_sha256 Property

The SHA-256 hash of the certificate.

Syntax

def get_ssh_cert_thumbprint_sha256() -> str: ...

ssh_cert_thumbprint_sha256 = property(get_ssh_cert_thumbprint_sha256, None)

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssh_cert_usage Property

The text description of UsageFlags .

Syntax

def get_ssh_cert_usage() -> str: ...

ssh_cert_usage = property(get_ssh_cert_usage, None)

Default Value

""

Remarks

The text description of ssh_cert_usage_flags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

ssh_cert_usage_flags Property

The flags that show intended use for the certificate.

Syntax

def get_ssh_cert_usage_flags() -> int: ...

ssh_cert_usage_flags = property(get_ssh_cert_usage_flags, None)

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of ssh_cert_usage_flags is a combination of the following flags:

Please see the ssh_cert_usage property for a text representation of ssh_cert_usage_flags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

ssh_cert_version Property

The certificate's version number.

Syntax

def get_ssh_cert_version() -> str: ...

ssh_cert_version = property(get_ssh_cert_version, None)

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

ssh_cert_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_ssh_cert_subject() -> str: ...
def set_ssh_cert_subject(value: str) -> None: ...

ssh_cert_subject = property(get_ssh_cert_subject, set_ssh_cert_subject)

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

ssh_cert_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_ssh_cert_encoded() -> bytes: ...
def set_ssh_cert_encoded(value: bytes) -> None: ...

ssh_cert_encoded = property(get_ssh_cert_encoded, set_ssh_cert_encoded)

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssh_cert_store and ssh_cert_subject properties also may be used to specify a certificate.

When ssh_cert_encoded is set, a search is initiated in the current ssh_cert_store for the private key of the certificate. If the key is found, ssh_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssh_cert_subject is set to an empty string.

ssh_compression_algorithms Property

The comma-separated list containing all allowable compression algorithms.

Syntax

def get_ssh_compression_algorithms() -> str: ...
def set_ssh_compression_algorithms(value: str) -> None: ...

ssh_compression_algorithms = property(get_ssh_compression_algorithms, set_ssh_compression_algorithms)

Default Value

"none,zlib"

Remarks

During the Secure Shell (SSH) handshake, this list will be used to negotiate the compression algorithm to be used between the client and server. This list is used for both directions: client to server and server to client. When negotiating algorithms, each side sends a list of all algorithms it supports or allows. The algorithm chosen for each direction is the first algorithm to appear in the sender's list that the receiver supports. Therefore, it is important to list multiple algorithms in preferential order. If no algorithm can be agreed on, the class will raise an error and the connection will be aborted.

At least one supported algorithm must appear in this list. The following compression algorithms are supported by the class:

• zlib
• zlib@openssh.com
• none

ssh_encryption_algorithms Property

The comma-separated list containing all allowable encryption algorithms.

Syntax

def get_ssh_encryption_algorithms() -> str: ...
def set_ssh_encryption_algorithms(value: str) -> None: ...

ssh_encryption_algorithms = property(get_ssh_encryption_algorithms, set_ssh_encryption_algorithms)

Default Value

"aes256-ctr,aes192-ctr,aes128-ctr,3des-ctr,arcfour256,arcfour128,arcfour,aes256-gcm@openssh.com,aes128-gcm@openssh.com,chacha20-poly1305@openssh.com"

Remarks

During the Secure Shell (SSH) handshake, this list will be used to negotiate the encryption algorithm to be used between the client and server. This list is used for both directions: client to server and server to client. When negotiating algorithms, each side sends a list of all algorithms it supports or allows. The algorithm chosen for each direction is the first algorithm to appear in the sender's list that the receiver supports. Therefore, it is important to list multiple algorithms in preferential order. If no algorithm can be agreed on, the class will raise an error and the connection will be aborted.

At least one supported algorithm must appear in this list. The following encryption algorithms are supported by the class:

ssh_forward_host Property

The address of the remote host. Domain names are resolved to IP addresses.

Syntax

def get_ssh_forward_host() -> str: ...
def set_ssh_forward_host(value: str) -> None: ...

ssh_forward_host = property(get_ssh_forward_host, set_ssh_forward_host)

Default Value

""

Remarks

The ssh_forward_host property specifies the IP address (IP number in dotted internet format) or domain name of the remote host. It is set before a connection is attempted and cannot be changed once a connection is established.

If the ssh_forward_host property is set to a domain name, a DNS request is initiated. Upon successful termination of the request, the ssh_forward_host property is set to the corresponding address. If the search is not successful, an error is returned.

If the class is configured to use a SOCKS firewall, the value assigned to this property may be preceded with an "*". If this is the case, the host name is passed to the firewall unresolved and the firewall performs the DNS resolution.

ssh_forward_port Property

The Transmission Control Protocol (TCP) port in the remote host.

Syntax

def get_ssh_forward_port() -> int: ...
def set_ssh_forward_port(value: int) -> None: ...

ssh_forward_port = property(get_ssh_forward_port, set_ssh_forward_port)

Default Value

0

Remarks

The ssh_forward_port property specifies a service port on the remote host to connect to.

A valid port number (a value between 1 and 65535) is required for the connection to take place. The property must be set before a connection is attempted and cannot be changed once a connection is established. Any attempt to change this property while connected will fail with an error.

ssh_host Property

The address of the Secure Shell (SSH) host.

Syntax

def get_ssh_host() -> str: ...
def set_ssh_host(value: str) -> None: ...

ssh_host = property(get_ssh_host, set_ssh_host)

Default Value

""

Remarks

The ssh_host property specifies the IP address (IP number in dotted internet format) or domain name of the remote host. It is set before a connection is attempted and cannot be changed once a connection is established.

If the ssh_host property is set to a domain name, a DNS request is initiated, and upon successful termination of the request, the ssh_host property is set to the corresponding address. If the search is not successful, an error is returned.

The ssh_host must be the same host that will be assumed for SSH as for the remote service being connected to.

ssh_password Property

The password for Secure Shell (SSH) password-based authentication.

Syntax

def get_ssh_password() -> str: ...
def set_ssh_password(value: str) -> None: ...

ssh_password = property(get_ssh_password, set_ssh_password)

Default Value

""

Remarks

ssh_password specifies the password that is used to authenticate the client to the SSH server.

ssh_port Property

The port on the Secure Shell (SSH) server where the SSH service is running; by default, 22.

Syntax

def get_ssh_port() -> int: ...
def set_ssh_port(value: int) -> None: ...

ssh_port = property(get_ssh_port, set_ssh_port)

Default Value

22

Remarks

The ssh_port specifies a service port on the SSH host to connect to.

A valid port number (a value between 1 and 65535) is required for the connection to take place. The property must be set before a connection is attempted and cannot be changed once a connection is established. Any attempt to change this property while connected will fail with an error.

ssh_user Property

The username for Secure Shell (SSH) authentication.

Syntax

def get_ssh_user() -> str: ...
def set_ssh_user(value: str) -> None: ...

ssh_user = property(get_ssh_user, set_ssh_user)

Default Value

""

Remarks

ssh_user specifies the username that is used to authenticate the client to the SSH server. This property is required.

Example 1. User/Password Authentication: Control.SSHAuthMode = SftpSSHAuthModes.amPassword Control.SSHUser = "username" Control.SSHPassword = "password" Control.SSHLogon("server", 22) Example 2. Public Key Authentication: Control.SSHAuthMode = SftpSSHAuthModes.amPublicKey Control.SSHUser = "username" Control.SSHCertStoreType = SSHCertStoreTypes.cstPFXFile; Control.SSHCertStore = "cert.pfx"; Control.SSHCertStorePassword = "certpassword"; Control.SSHCertSubject = "*"; Control.SSHLogon("server", 22)

config Method

Sets or retrieves a configuration setting.

Syntax

def config(configuration_string: str) -> str: ...

Remarks

config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

connect Method

Connects to the Secure Shell (SSH) host without logging in.

Syntax

def connect() -> None: ...

Remarks

This method establishes a connection with the ssh_host but does not log in. In most cases, it is recommended to use the start_listening method that will both establish a connection and log in to the server.

This method may be useful in cases in which it is desirable to separate the connection and logon operations, for instance, when confirming a host is available by first creating the connection.

decode_packet Method

Decodes a hex-encoded Secure Shell (SSH) packet.

Syntax

def decode_packet(encoded_packet: str) -> bytes: ...

Remarks

This method is used to decode an SSH packet created by encode_packet.

Note: This method is applicable only for reading and creating Secure Shell (SSH) packets for use within the on_ssh_custom_auth event.

disconnect Method

This method disconnects the specified client.

Syntax

def disconnect(connection_id: int) -> None: ...

Remarks

This method immediately disconnects from the server without first logging off.

In most cases, the stop_listening method should be used to log off and disconnect from the server. Call the disconnect method in cases in which it is desirable to immediately disconnect without first logging off.

Calling this method will disconnect the client specified by the ConnectionId parameter.

do_events Method

This method processes events from the internal message queue.

Syntax

def do_events() -> None: ...

Remarks

When do_events is called, the class processes any available events. If no events are available, it waits for a preset period of time, and then returns.

encode_packet Method

Hex encodes a Secure Shell (SSH) packet.

Syntax

def encode_packet(packet: bytes) -> str: ...

Remarks

This method is used to encode a raw SSH packet created by set_ssh_param.

Note: This method is applicable only for reading and creating Secure Shell (SSH) packets for use within the on_ssh_custom_auth event.

get_ssh_param Method

Reads a field from a Secure Shell (SSH) packet's payload.

Syntax

def get_ssh_param(payload: bytes, field: str) -> str: ...

Remarks

This method is used to read the value of a particular field from an SSH packet's payload. Payload should contain the full payload of a packet received by an event such as on_ssh_channel_request. Field is the name of a field to be read out of the packet.

The following is a list of the names of well-known channel request field names and their encodings:

The remaining fields that are available in the payload are dependent on the value of RequestType.

pty-req

Pty-req is a request to open a pseudo terminal on the specified channel. The following fields are available:

x11-req

X11-req is a request to forward x11 sessions over a channel. The following fields are available:

env

Env is a request to set an environment variable to be passed into a shell that may be started later. The following fields are available:

exec

Exec is a request to execute a command on the channel using the authenticated user's shell. The following field is available:

subsystem

Subsystem is a request to start a subsystem on the specified channel. The following field is available:

xon-xoff

Xon-xoff instructs the server to allow or disallow control-S/control-Q style flow control. The following field is available:

signal

Sends a signal to the remote process/service. The following field is available:

If the packet type is not well known, Field should start with the special character "%" and contain a comma-separated list of field types as defined in set_ssh_param. For example, reading out the X11AuthProtocol of an x11-req payload, you can use "%s,f".

Note: The return value is a string encoded the same way as the FieldValue param in set_ssh_param.

Note: This method is applicable only for reading and creating Secure Shell (SSH) packets for use within the on_ssh_custom_auth event.

get_ssh_param_bytes Method

Reads a field from a Secure Shell (SSH) packet's payload.

Syntax

def get_ssh_param_bytes(payload: bytes, field: str) -> bytes: ...

Remarks

This method is the same as calling get_ssh_param, but it returns raw bytes instead of strings.

Note: This method is applicable only for reading and creating Secure Shell (SSH) packets for use within the on_ssh_custom_auth event.

reset Method

This method will reset the class.

Syntax

def reset() -> None: ...

Remarks

This method will reset the class's properties to their default values.

set_ssh_param Method

Writes a field to the end of a payload.

Syntax

def set_ssh_param(payload: bytes, field_type: str, field_value: str) -> bytes: ...

Remarks

This method is used to build the payload portion of a Secure Shell (SSH) packet to be sent later by a call to send_ssh_packet. Payload should contain the result of a previous call to set_ssh_param. FieldType is a string defining the type of field to be written to the packet. FieldValue should be the string representation of the field to be written.

The following is a list of supported field types and a description of how FieldValue should be encoded:

Note: Integer values may be hexadecimal encoded by prefixing "0x" to the beginning of the string; otherwise, the value is assumed to be Base10.

Note: This method is applicable only for reading and creating Secure Shell (SSH) packets for use within the on_ssh_custom_auth event.

shutdown Method

This method shuts down the server.

Syntax

def shutdown() -> None: ...

Remarks

This method shuts down the server. Calling this method is equivalent to calling stop_listening and then breaking every client connection by calling disconnect.

start_listening Method

This method starts listening for incoming connections.

Syntax

def start_listening() -> None: ...

Remarks

This method begins listening for incoming connections on the port specified by local_port. Once listening, events will fire as new clients connect and data are transferred.

To stop listening for new connections, call stop_listening. To stop listening for new connections and to disconnect all existing clients, call shutdown.

stop_listening Method

This method stops listening for new connections.

Syntax

def stop_listening() -> None: ...

Remarks

This method stops listening for new connections. After being called, any new connection attempts will be rejected. Calling this method does not disconnect existing connections.

To stop listening and to disconnect all existing clients, call shutdown instead.

on_connected Event

This event is fired immediately after a connection completes (or fails).

Syntax

class SSHTunnelConnectedEventParams(object):
  @property
  def connection_id() -> int: ...

  @property
  def status_code() -> int: ...

  @property
  def description() -> str: ...

# In class SSHTunnel:
@property
def on_connected() -> Callable[[SSHTunnelConnectedEventParams], None]: ...
@on_connected.setter
def on_connected(event_hook: Callable[[SSHTunnelConnectedEventParams], None]) -> None: ...

Remarks

If the connection is made normally, StatusCode is 0, and Description is "OK".

If the connection fails, StatusCode has the error code returned by the system. Description contains a description of this code. The value of StatusCode is equal to the value of the system error.

Please refer to the Error Codes section for more information.

on_connection_request Event

This event is fired when a request for connection comes from a remote host.

Syntax

class SSHTunnelConnectionRequestEventParams(object):
  @property
  def address() -> str: ...

  @property
  def port() -> int: ...

  @property
  def accept() -> bool: ...
  @accept.setter
  def accept(value) -> None: ...

# In class SSHTunnel:
@property
def on_connection_request() -> Callable[[SSHTunnelConnectionRequestEventParams], None]: ...
@on_connection_request.setter
def on_connection_request(event_hook: Callable[[SSHTunnelConnectionRequestEventParams], None]) -> None: ...

Remarks

This event indicates an incoming connection. The connection is accepted by default. Address and Port will contain information about the remote host requesting the inbound connection. If you want to refuse it, you can set the Accept parameter to False.

on_data_in Event

This event is fired when data come in.

Syntax

class SSHTunnelDataInEventParams(object):
  @property
  def connection_id() -> int: ...

  @property
  def text() -> bytes: ...

  @property
  def eol() -> bool: ...

# In class SSHTunnel:
@property
def on_data_in() -> Callable[[SSHTunnelDataInEventParams], None]: ...
@on_data_in.setter
def on_data_in(event_hook: Callable[[SSHTunnelDataInEventParams], None]) -> None: ...

Remarks

Trapping the on_data_in event is your only chance to get the data coming from the other end of the connection specified by ConnectionId. The incoming data are provided through the Text parameter.

EOL indicates whether or not the eol string was found at the end of Text. If the eol string was found, then EOL is True.

If Text is part of the data portion of length larger than either default_max_line_length or with no eol strings in it, then EOL is False. Please note that this means that one or more on_data_in events with EOL set to False can be received during a connection.

If the eol property is "" (empty string), then EOL can be disregarded (it is always True).

Note: Events are not re-entrant. Performing time-consuming operations within this event will prevent it from firing again in a timely manner and may affect overall performance.

on_disconnected Event

Fired when a connection is closed.

Syntax

class SSHTunnelDisconnectedEventParams(object):
  @property
  def connection_id() -> int: ...

  @property
  def status_code() -> int: ...

  @property
  def description() -> str: ...

# In class SSHTunnel:
@property
def on_disconnected() -> Callable[[SSHTunnelDisconnectedEventParams], None]: ...
@on_disconnected.setter
def on_disconnected(event_hook: Callable[[SSHTunnelDisconnectedEventParams], None]) -> None: ...

Remarks

If the connection is broken normally, StatusCode is 0, and Description is "OK".

If the connection is broken for any other reason, StatusCode has the error code returned by the system. Description contains a description of this code. The value of StatusCode is equal to the value of the system error.

Please refer to the Error Codes section for more information.

Note: When the class is disconnected from the Secure Shell (SSH) server for any reason the ConnectionId parameter will be -1.

on_error Event

Fired when errors occur during data delivery.

Syntax

class SSHTunnelErrorEventParams(object):
  @property
  def connection_id() -> int: ...

  @property
  def error_code() -> int: ...

  @property
  def description() -> str: ...

# In class SSHTunnel:
@property
def on_error() -> Callable[[SSHTunnelErrorEventParams], None]: ...
@on_error.setter
def on_error(event_hook: Callable[[SSHTunnelErrorEventParams], None]) -> None: ...

Remarks

The on_error event is fired in case of exceptional conditions during message processing. Normally the class fails with an error.

ConnectionId contains an error code and Description contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

ErrorCode contains an error code and Description contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

on_log Event

Fired once for each log message.

Syntax

class SSHTunnelLogEventParams(object):
  @property
  def log_level() -> int: ...

  @property
  def message() -> str: ...

  @property
  def log_type() -> str: ...

# In class SSHTunnel:
@property
def on_log() -> Callable[[SSHTunnelLogEventParams], None]: ...
@on_log.setter
def on_log(event_hook: Callable[[SSHTunnelLogEventParams], None]) -> None: ...

Remarks

Fired once for each log message generated by the class. The verbosity is controlled by the LogLevel setting.

LogLevel indicates the detail level of the message. Possible values are as follows:

Message is the log message.

LogType is reserved for future use.

on_reconnect_attempt Event

Fired when attempting to reconnect.

Syntax

class SSHTunnelReconnectAttemptEventParams(object):
  @property
  def host() -> str: ...

  @property
  def port() -> int: ...

  @property
  def retry_count() -> int: ...

  @property
  def retries_remaining() -> int: ...

  @property
  def max_retry_count() -> int: ...

  @property
  def retry_interval() -> int: ...

  @property
  def retry_type() -> int: ...

  @property
  def remote_listening_port() -> int: ...

  @property
  def cancel() -> bool: ...
  @cancel.setter
  def cancel(value) -> None: ...

# In class SSHTunnel:
@property
def on_reconnect_attempt() -> Callable[[SSHTunnelReconnectAttemptEventParams], None]: ...
@on_reconnect_attempt.setter
def on_reconnect_attempt(event_hook: Callable[[SSHTunnelReconnectAttemptEventParams], None]) -> None: ...

Remarks

This event fires both when attempting to reconnect to the ssh_host and when reestablishing a Secure Shell (SSH) tunnel.

This is applicable only when AutoReconnect is enabled. To determine which type of connection is being established check the RetryType parameter.

The following table provides details about the parameters:

on_ssh_custom_auth Event

Fired when the class is doing a custom authentication.

Syntax

class SSHTunnelSSHCustomAuthEventParams(object):
  @property
  def packet() -> str: ...
  @packet.setter
  def packet(value) -> None: ...

# In class SSHTunnel:
@property
def on_ssh_custom_auth() -> Callable[[SSHTunnelSSHCustomAuthEventParams], None]: ...
@on_ssh_custom_auth.setter
def on_ssh_custom_auth(event_hook: Callable[[SSHTunnelSSHCustomAuthEventParams], None]) -> None: ...

Remarks

on_ssh_custom_auth is fired during the user authentication stage of the Secure Shell (SSH) logon process if ssh_auth_mode is set to amCustom. Packet contains the last raw SSH packet sent by the server, in HEX-encoded format.

The client should create a new raw SSH packet to send to the server and set Packet to the HEX-encoded representation of the packet to send.

In all cases, Packet will start with the message type field.

To read the incoming packet, call decode_packet and then use the get_ssh_param and get_ssh_param_bytes methods. To create a packet, use the set_ssh_param method and then call encode_packet to obtain a HEX-encoded value and assign this to the Packet parameter.

on_ssh_keyboard_interactive Event

Fired when the class receives a request for user input from the server.

Syntax

class SSHTunnelSSHKeyboardInteractiveEventParams(object):
  @property
  def name() -> str: ...

  @property
  def instructions() -> str: ...

  @property
  def prompt() -> str: ...

  @property
  def response() -> str: ...
  @response.setter
  def response(value) -> None: ...

  @property
  def echo_response() -> bool: ...

# In class SSHTunnel:
@property
def on_ssh_keyboard_interactive() -> Callable[[SSHTunnelSSHKeyboardInteractiveEventParams], None]: ...
@on_ssh_keyboard_interactive.setter
def on_ssh_keyboard_interactive(event_hook: Callable[[SSHTunnelSSHKeyboardInteractiveEventParams], None]) -> None: ...

Remarks

on_ssh_keyboard_interactive is fired during the user authentication stage of the Secure Shell (SSH) logon process. During authentication, the class will request a list of available authentication methods for the ssh_user. For example, if the ssh_host responds with "keyboard-interactive", the class will fire this event to allow the client application to set the password.

During authentication, the SSH server may respond with a request for the user's authentication information. Name is a server-provided value associated with the authentication method such as "CRYPTOCard Authentication". Instructions will contain specific instructions, also supplied by the server, for how the user should respond.

Along with these values, the server will also send at least one input Prompt to be displayed to and filled out by the user. Response should be set to the user's input, and will be sent back in the user authentication information response. EchoResponse is a server recommendation for whether or not the user's response should be echoed back during input.

Note: The server may send several prompts in a single packet. The class will fire the on_ssh_keyboard_interactive event once for each prompt.

on_ssh_server_authentication Event

Fired after the server presents its public key to the client.

Syntax

class SSHTunnelSSHServerAuthenticationEventParams(object):
  @property
  def host_key() -> bytes: ...

  @property
  def fingerprint() -> str: ...

  @property
  def key_algorithm() -> str: ...

  @property
  def cert_subject() -> str: ...

  @property
  def cert_issuer() -> str: ...

  @property
  def status() -> str: ...

  @property
  def accept() -> bool: ...
  @accept.setter
  def accept(value) -> None: ...

# In class SSHTunnel:
@property
def on_ssh_server_authentication() -> Callable[[SSHTunnelSSHServerAuthenticationEventParams], None]: ...
@on_ssh_server_authentication.setter
def on_ssh_server_authentication(event_hook: Callable[[SSHTunnelSSHServerAuthenticationEventParams], None]) -> None: ...

Remarks

This event is fired when the client can decide whether or not to continue with the connection process. If the public key is known to be a valid key for the Secure Shell (SSH) server, Accept should be set to True within the event. Otherwise, the server will not be authenticated and the connection will be broken.

Accept will be True only if either HostKey or Fingerprint is identical to the value of ssh_accept_server_host_key.

Accept may be set to True manually to accept the server host key.

Note: SSH's security inherently relies on client verification of the host key. Ignoring the host key and always setting Accept to True is strongly discouraged, and could cause potentially serious security vulnerabilities in your application. It is recommended that clients maintain a list of known keys for each server and check HostKey against this list each time a connection is attempted.

Host Key contains the full binary text of the key, in the same format used internally by SSH.

Fingerprint holds the SHA-256 hash of HostKey in the hex-encoded form: 0a:1b:2c:3d. To configure the hash algorithm used to calculate this value, see SSHFingerprintHashAlgorithm.

KeyAlgorithm identifies the host key algorithm. The following values are supported:

• ssh-rsa
• ssh-dss
• rsa-sha2-256
• rsa-sha2-512
• x509v3-sign-rsa
• x509v3-sign-dss
• ecdsa-sha2-nistp256
• ecdsa-sha2-nistp384
• ecdsa-sha2-nistp521

CertSubject is the subject of the certificate. This is applicable only when KeyAlgorithm is "x509v3-sign-rsa" or "x509v3-sign-dss".

CertIssuer is the issuer of the certificate. This is applicable only when KeyAlgorithm is "x509v3-sign-rsa" or "x509v3-sign-dss".

Status is reserved for future use.

on_ssh_status Event

Fired to track the progress of the secure connection.

Syntax

class SSHTunnelSSHStatusEventParams(object):
  @property
  def message() -> str: ...

# In class SSHTunnel:
@property
def on_ssh_status() -> Callable[[SSHTunnelSSHStatusEventParams], None]: ...
@on_ssh_status.setter
def on_ssh_status(event_hook: Callable[[SSHTunnelSSHStatusEventParams], None]) -> None: ...

Remarks

The event is fired for informational and logging purposes only. Used to track the progress of the connection.

SSHTunnel Config Settings

SSHTunnel Config Settings

SSHClient Config Settings

*SSH-1.99-*,*SSH-2.0-*,*SSH-2.99-*

TCPClient Config Settings

Socket Config Settings

TCPServer Config Settings

Base Config Settings

SSHTunnel Errors

SSHTunnel Errors

SSHClient Errors

The class may also return one of the following error codes, which are inherited from other classes.

TCPClient Errors

TCP/IP Errors