Server : Apache/2.4.52 (Ubuntu) System : Linux webserver 6.8.0-49-generic #49~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Wed Nov 6 17:42:15 UTC 2 x86_64 User : www-data ( 33) PHP Version : 8.1.2-1ubuntu2.21 Disable Function : NONE Directory : /lib/python3/dist-packages/twisted/conch/ssh/__pycache__/ |
o
�����bSl����������������������@���s��d�Z�ddlZddlmZmZ�ddlmZmZmZ�ddl m
Z
m
Z
�ddl
m
Z
�ddlmZ�ddlmZmZ�dd lmZ�dd
lmZ�dd
lmZ�G�d
d
��d
ej�ZG�dd��dej�ZdZ
dZ
dZ
dZ dZ dZ!i�Z"e#e$���%���D�]\Z&Z'e&dd��dkr}e&e"e'<�qme"e_(e"e_(["['dZ)dZ*dS�)z�
Implementation of the ssh-userauth service.
Currently implemented authentication types are public-key and password.
Maintainer: Paul Swartz
�����N)�error�
interfaces)�keys�service� transport)�NS�getNS)�
credentials)�UnauthorizedLogin)�defer�reactor)�Logger)�failure)�
nativeStringc�������������������@���s����e�Zd�ZdZdZdZdZdZeZ e
j
de
j
diZ
e��Zdd ��Zd
d
��Zd
d
��Zdd��Zdd��Zdd��Zdd��Zdd��Zdd��Zdd��Zd
d
��Zd
d ��Zd S�)!�SSHUserAuthServera���
A service implementing the server side of the 'ssh-userauth' service. It
is used to authenticate the user on the other side as being able to access
this server.
@ivar name: the name of this service: 'ssh-userauth'
@type name: L{bytes}
@ivar authenticatedWith: a list of authentication methods that have
already been used.
@type authenticatedWith: L{list}
@ivar loginTimeout: the number of seconds we wait before disconnecting
the user for taking too long to authenticate
@type loginTimeout: L{int}
@ivar attemptsBeforeDisconnect: the number of failed login attempts we
allow before disconnecting.
@type attemptsBeforeDisconnect: L{int}
@ivar loginAttempts: the number of login attempts that have been made
@type loginAttempts: L{int}
@ivar passwordDelay: the number of seconds to delay when the user gives
an incorrect password
@type passwordDelay: L{int}
@ivar interfaceToMethod: a L{dict} mapping credential interfaces to
authentication methods. The server checks to see which of the
cred interfaces have checkers and tells the client that those methods
are valid for authentication.
@type interfaceToMethod: L{dict}
@ivar supportedAuthentications: A list of the supported authentication
methods.
@type supportedAuthentications: L{list} of L{bytes}
@ivar user: the last username the client tried to authenticate with
@type user: L{bytes}
@ivar method: the current authentication method
@type method: L{bytes}
@ivar nextService: the service the user wants started after authentication
has been completed.
@type nextService: L{bytes}
@ivar portal: the L{twisted.cred.portal.Portal} we are using for
authentication
@type portal: L{twisted.cred.portal.Portal}
@ivar clock: an object with a callLater method. Stubbed out for testing.
�
���ssh-userauthi������������� ���publickey����passwordc�����������������C���s����g�|�_�d|�_d|�_d|�_|�jjj|�_g�|�_|�j���D�]}||�j v�r*|�j�
|�j |���q|�j�
d�s<d|�jv�r<|�j�
d��|�j
�|�j|�j�|�_dS�)z�
Called when the userauth service is started. Set up instance
variables, check if we should allow password authentication (only
allow if the outgoing connection is encrypted) and set up a login
timeout.
r���N�inr���)�authenticatedWith�
loginAttempts�user�
nextServicer����factory�portal�supportedAuthentications�listCredentialsInterfaces�interfaceToMethod�append�
isEncrypted�remove�clock� callLater�
loginTimeout�timeoutAuthentication�_cancelLoginTimeout)�self�i��r*����</usr/lib/python3/dist-packages/twisted/conch/ssh/userauth.py�serviceStartedR���s ���
�
�z SSHUserAuthServer.serviceStartedc�����������������C���s
���|�j�r
|�j�����d|�_�dS�dS�)zu
Called when the userauth service is stopped. Cancel the login timeout
if it's still going.
N)r'����cancel�r(���r*���r*���r+����serviceStoppedl���s���
�z SSHUserAuthServer.serviceStoppedc�����������������C���s���d|�_�|�j�tjd��dS�)z�
Called when the user has timed out on authentication. Disconnect
with a DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE message.
Ns���you took too long)r'���r����sendDisconnect�)DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLEr.���r*���r*���r+���r&���u���s����z'SSHUserAuthServer.timeoutAuthenticationc�����������������C���s����|�j�jd||d��||�jvrt�t�d��S�t|�dd��}t |�d|���d�}|r<||�}|s:t�t�|��d���S�|S�t�t�d |�����S�)
a��
Try to authenticate the user with the given method. Dispatches to a
auth_* method.
@param kind: the authentication method to try.
@type kind: L{bytes}
@param user: the username the client is authenticating with.
@type user: L{bytes}
@param data: authentication specific data sent by the client.
@type data: L{bytes}
@return: A Deferred called back if the method succeeded, or erred back
if it failed.
@rtype: C{defer.Deferred}
z
{user!r} trying auth {kind!r})r����kindz#unsupported authentication, failing����-����_�auth_Nz" return None instead of a Deferredzbad auth type: )
�_log�debugr
���r
����failr����
ConchErrorr����replace�getattr)r(���r2���r����data�f�retr*���r*���r+����tryAuth���s���
�zSSHUserAuthServer.tryAuthc�����������������C���s����t�|d�\}}}}||�jks||�jkrg�|�_||�_||�_||�_|��|||�}|s5|��t�t �
d����dS�|�
|�j
��|�
|�j��|�
|�j��|S�)z�
The client has requested authentication. Payload::
string user
string next service
string method
<authentication specific data>
@type packet: L{bytes}
����zauth returned noneN)r���r���r���r����methodr?����
_ebBadAuthr����Failurer���r9����
addCallback�_cbFinishedAuth�
addErrback�_ebMaybeBadAuth)r(����packetr���r���rA����rest�dr*���r*���r+����ssh_USERAUTH_REQUEST����s
���
z&SSHUserAuthServer.ssh_USERAUTH_REQUESTc�����������������C���sz���|\}}}||�j�_||�j�_|�j�j�|�j�|�j�}|s"t�d|�j�����|�jj d|�j
|�j
d��|�j��
t
d��|�j��|����dS�)z�
The callback when user has successfully been authenticated. For a
description of the arguments, see L{twisted.cred.portal.Portal.login}.
We start the service requested by the user.
z
could not get next service: z&{user!r} authenticated with {method!r}�r���rA��������N)r����avatar�logoutFunctionr����
getServicer���r���r9���r6���r7���r���rA����
sendPacket�MSG_USERAUTH_SUCCESS�
setService)r(����result� interfacerN����logoutr���r*���r*���r+���rE�������s���
�z!SSHUserAuthServer._cbFinishedAuthc�����������������C���s.���|��tj��|�j�ttd�|�j��d���dS�)z�
An intermediate errback. If the reason is
error.NotEnoughAuthentication, we send a MSG_USERAUTH_FAILURE, but
with the partial success indicator set.
@type reason: L{twisted.python.failure.Failure}
����,�����N) �trapr����NotEnoughAuthenticationr���rQ����MSG_USERAUTH_FAILUREr����joinr
����r(����reasonr*���r*���r+���rG�������s���
�z!SSHUserAuthServer._ebMaybeBadAuthc�����������������C���s����|��tj�rdS�|�jdkrZ|�jjd|�j|�jd��|��t�r(|�jjd|���d��n|��tj �r9|�jjd|���d��n
|�jj
d ||�jd
��|��j
d
7��_
|�j
|�j
krZ|�j
�t
jd
��dS�|�j
�ttd
�|�j��d���dS�)a{��
The final errback in the authentication chain. If the reason is
error.IgnoreAuthentication, we simply return; the authentication
method has sent its own response. Otherwise, send a failure message
and (if the method is not 'none') increment the number of login
attempts.
@type reason: L{twisted.python.failure.Failure}
N����nonez {user!r} failed auth {method!r}rL���z
unauthorized login: {message})�messagezreason: {reason})r^���z#Error checking auth for user {user})r���r���r���s���too many bad authsrW��������)�checkr����IgnoreAuthenticationrA���r6���r7���r���r
����getErrorMessager9���r���r����attemptsBeforeDisconnectr���r0���r1���rQ���r[���r���r\���r
���r]���r*���r*���r+���rB�������s6���
�
�
�
��z
SSHUserAuthServer._ebBadAuthc�����������
������C���s>��t�|dd���}t|dd��d�\}}}ztj�|�}W�n �tjy;���d�|�d��}|�j� |��t
�
t
|���Y�S�w�|rDt|�d�pEd}|r�t
|�jj�ttf��t
|�j��t
|�j��t
d��t|f��t
|�����t
|��} t�|�j||| |�}
|�j�|
dtj�S�t�|�j||dd�}
|�j�|
dtj��|�j
|dd���S�)a��
Public key authentication. Payload::
byte has signature
string algorithm name
string key blob
[string signature] (if has signature is True)
Create a SSHPublicKey credential and verify it using our portal.
r���r���N����z"Unsupported key type {} or bad key�asciir���)
�ordr���r����Key�
fromString�
BadKeyError�format�decoder6���r���r
���r8���r
���r���r���� sessionID�bytes�MSG_USERAUTH_REQUESTr���r����sshTyper ����
SSHPrivateKeyr
����loginr����
IConchUserrF����
_ebCheckKey)
r(���rH����hasSig�algName�blobrI����pubKeyr���� signature�b�cr*���r*���r+����auth_publickey����sB���
�
�����
���
�z SSHUserAuthServer.auth_publickeyc�����������������C���s(���|��tj��|�j�t|��t�t����S�)z�
Called back if the user did not sent a signature. If reason is
error.ValidPublicKey then this key is valid for the user to
authenticate with. Send MSG_USERAUTH_PK_OK.
) rY���r����ValidPublicKeyr���rQ����MSG_USERAUTH_PK_OKr���rC���rc���)r(���r^���rH���r*���r*���r+���ru���$��s���
z
SSHUserAuthServer._ebCheckKeyc�����������������C���s<���t�|dd���d�}t�|�j|�}|�j�|dtj��|�j �S�)z�
Password authentication. Payload::
string password
Make a UsernamePassword credential and verify it with our portal.
r���Nr���)
r���r ����UsernamePasswordr���r
���rs���r���rt���rF����
_ebPassword)r(���rH����passwordr|���r*���r*���r+����
auth_password/��s
����z SSHUserAuthServer.auth_passwordc�����������������C���s ���t����}|�j�|�j|j|��|S�)z�
If the password is invalid, wait before sending the failure in order
to delay brute-force password guessing.
)r
����Deferredr#���r$����
passwordDelay�callback)r(���r=���rJ���r*���r*���r+���r����<��s���z
SSHUserAuthServer._ebPasswordN)
�__name__�
__module__�
__qualname__�__doc__�namer%���re���r����r
���r#���r ����ISSHPrivateKey�IUsernamePasswordr ���r
���r6���r,���r/���r&���r?���rK���rE���rG���rB���r}���ru���r����r����r*���r*���r*���r+���r������s.����*�
'(
r���c�������������������@���s����e�Zd�ZdZdZg�d�Zdd��Zdd��Zdd ��Zd
d
��Z d
d
��Z
dd��Z
dd��Z
dd��Z
dd��Zdd��Zdd��Zdd��Zd
d
��Zd
d ��Zd d!��Zd"d#��Zd$d%��Zd&d'��Zd(d)��Zd*d+��Zd,d-��Zd.d/��Zd0d1��Z
d2d3��Z
d4d5��Z
d;d7d8�Z d9d:��Z d6S�)<�SSHUserAuthClienta+��
A service implementing the client side of 'ssh-userauth'.
This service will try all authentication methods provided by the server,
making callbacks for more information when necessary.
@ivar name: the name of this service: 'ssh-userauth'
@type name: L{str}
@ivar preferredOrder: a list of authentication methods that should be used
first, in order of preference, if supported by the server
@type preferredOrder: L{list}
@ivar user: the name of the user to authenticate as
@type user: L{bytes}
@ivar instance: the service to start after authentication has finished
@type instance: L{service.SSHService}
@ivar authenticatedWith: a list of strings of authentication methods we've tried
@type authenticatedWith: L{list} of L{bytes}
@ivar triedPublicKeys: a list of public key objects that we've tried to
authenticate with
@type triedPublicKeys: L{list} of L{Key}
@ivar lastPublicKey: the last public key object we've tried to authenticate
with
@type lastPublicKey: L{Key}
r���)r���r�������keyboard-interactivec�����������������C���s���||�_�||�_d�S��N)r����instance)r(���r���r����r*���r*���r+����__init__c��s���
zSSHUserAuthClient.__init__c�����������������C���s"���g�|�_�g�|�_d�|�_|��dd��d�S�)Nr_���rM���)r����triedPublicKeys�
lastPublicKey�
askForAuthr.���r*���r*���r+���r,���g��s���z SSHUserAuthClient.serviceStartedc�����������������C���s6���||�_�|�j�tt|�j�t|�jj��t|��|���dS�)z�
Send a MSG_USERAUTH_REQUEST.
@param kind: the authentication method to try.
@type kind: L{bytes}
@param extraData: method-specific data to go in the packet
@type extraData: L{bytes}
N)�lastAuthr���rQ���rp���r���r���r����r����)r(���r2���� extraDatar*���r*���r+���r����m��s
��� �z
SSHUserAuthClient.askForAuthc�����������������C���s>���t�|�dd��}|�jjd|d��t|�d|�d�}|r
|��S�dS�)z�
Dispatch to an authentication method.
@param kind: the authentication method
@type kind: L{bytes}
r3���r4���ztrying to auth with {kind})r2���r5���N)r���r:���r6���r7���r;���)r(���r2���r=���r*���r*���r+���r?���|��s
����zSSHUserAuthClient.tryAuthc�����������������G���s���|���dd��dS�)z�
Generic callback for a failed authentication attempt. Respond by
asking for the list of accepted methods (the 'none' method)
r_���rM���N)r����)r(����ignored�argsr*���r*���r+����_ebAuth���s���zSSHUserAuthClient._ebAuthc�����������������C���s���|�j��|�j��dS�)z�
We received a MSG_USERAUTH_SUCCESS. The server has accepted our
authentication, so start the next service.
N)r���rS���r����)r(���rH���r*���r*���r+����ssh_USERAUTH_SUCCESS���s���z&SSHUserAuthClient.ssh_USERAUTH_SUCCESSc��������������������sr���t�|�\}}t|�}|r��j���j����fdd�}t��fdd�|�d�D��|d�}��jjd|d����� d t
|��S�)
av��
We received a MSG_USERAUTH_FAILURE. Payload::
string methods
byte partial success
If partial success is C{True}, then the previous method succeeded but is
not sufficient for authentication. C{methods} is a comma-separated list
of accepted authentication methods.
We sort the list of methods by their position in C{self.preferredOrder},
removing methods that have already succeeded. We then call
C{self.tryAuth} with the most preferred method.
@param packet: the C{MSG_USERAUTH_FAILURE} payload.
@type packet: L{bytes}
@return: a L{defer.Deferred} that will be callbacked with L{None} as
soon as all authentication methods have been tried, or L{None} if no
more authentication methods are available.
@rtype: C{defer.Deferred} or L{None}
c��������������������s ���|���j�v�r
��j��|��S�t��j��S�)a8��
Invoked once per authentication method in order to extract a
comparison key which is then used for sorting.
@param meth: the authentication method.
@type meth: L{bytes}
@return: the comparison key for C{meth}.
@rtype: L{int}
)�preferredOrder�index�len)�methr.���r*���r+����orderByPreference���s���
zASSHUserAuthClient.ssh_USERAUTH_FAILURE.<locals>.orderByPreferencec�����������������3���s
�����|�]
}|��j�vr|V��qd�S�r����)r���)�.0r����r.���r*���r+���� <genexpr>���s�����
��z9SSHUserAuthClient.ssh_USERAUTH_FAILURE.<locals>.<genexpr>rW���)�keyz
can continue with: {methods})�methodsN)
r���rh���r���r ���r�����sorted�splitr6���r7����_cbUserauthFailure�iter)r(���rH����
canContinue�partialr����r*���r.���r+����ssh_USERAUTH_FAILURE���s���
�� z&SSHUserAuthClient.ssh_USERAUTH_FAILUREc�����������������C���sZ���|rd�S�zt�|�}W�n�ty
���|�j�tjd��Y�d�S�w�t�|�j|�}|�|�j |��|S�)Ns(���no more authentication methods available)
�next�
StopIterationr���r0���r1���r
����
maybeDeferredr?���rD���r����)r(���rT����iteratorrA���rJ���r*���r*���r+���r�������s���
��z$SSHUserAuthClient._cbUserauthFailurec�����������������C���s>���t�|�dt|�j�dd���d�}|dur||�S�|��dd��dS�)z�
This message (number 60) can mean several different messages depending
on the current authentication type. We dispatch to individual methods
in order to handle this request.
zssh_USERAUTH_PK_OK_%sr3���r4���Nr_���rM���)r;���r���r����r:���r����)r(���rH����funcr*���r*���r+����ssh_USERAUTH_PK_OK���s����z$SSHUserAuthClient.ssh_USERAUTH_PK_OKc�����������������C���s����|�j�}t|�jj�ttf��t|�j��t|�jj��td��d�t|� ����t|�
����}|��
||�}|s;|��
dd��dS�|�
|�j��|�|�j��dS�)z�
This is MSG_USERAUTH_PK. Our public key is valid, so we create a
signature and try to authenticate with it.
r�������r_���rM���N)r����r���r���rn���ro���rp���r���r����r����rq���rx����signDatar����rD����
_cbSignedDatarF���r����)r(���rH���� publicKeyr{���rJ���r*���r*���r+����
ssh_USERAUTH_PK_OK_publickey���s.���
��
���
�
��
z.SSHUserAuthClient.ssh_USERAUTH_PK_OK_publickeyc��������������������s^���t�|d�\��}}d��_�_��d�}|��j�j�}|����fdd���|��j�j��dS�)z�
This is MSG_USERAUTH_PASSWD_CHANGEREQ. The password given has expired.
We ask for an old password and a new password, then send both back to
the server.
rf���Ns���Old Password: c��������������������s
���������S�r����)�
getPassword)r������promptr(���r*���r+����<lambda>��s���
�z?SSHUserAuthClient.ssh_USERAUTH_PK_OK_password.<locals>.<lambda>) r����_oldPass�_newPassr�����
addCallbacks�
_setOldPassr����rD����
_setNewPass)r(���rH����languagerI���rJ���r*���r����r+����ssh_USERAUTH_PK_OK_password��s
���
z-SSHUserAuthClient.ssh_USERAUTH_PK_OK_passwordc�����������
������C���s����t�|d�\}}}}t�d|dd���d�}|dd��}g�}t|�D�] }t�|�\} }tt|dd����}
|dd��}|�| |
f��q!|��|||�}
|
�|�j ��|
�
|�j
��dS�)z�
This is MSG_USERAUTH_INFO_RESPONSE. The server has sent us the
questions it wants us to answer, so we ask the user and sent the
responses.
r@����!LN����r���r���)
r����struct�unpack�range�boolrh���r ����getGenericAnswersrD����_cbGenericAnswersrF���r����)
r(���rH���r�����
instruction�langr<����
numPrompts�promptsr)���r�����echorJ���r*���r*���r+����'ssh_USERAUTH_PK_OK_keyboard_interactive��s���
z9SSHUserAuthClient.ssh_USERAUTH_PK_OK_keyboard_interactivec�����������������C���s6���|�j�}|��ddt|�����t|�����t|����dS�)z�
Called back out of self.signData with the signed data. Send the
authentication request with the signature.
@param signedData: the data signed by the user's private key.
@type signedData: L{bytes}
r���r����N)r����r����r���rq���rx���)r(����
signedDatar����r*���r*���r+���r����&��s
���"�z SSHUserAuthClient._cbSignedDatac�����������������C���s
���||�_�dS�)z�
Called back when we are choosing a new password. Simply store the old
password for now.
@param op: the old password as entered by the user
@type op: L{bytes}
N)r����)r(����opr*���r*���r+���r����4��s���
z
SSHUserAuthClient._setOldPassc�����������������C���s,���|�j�}d|�_�|��ddt|��t|����dS�)z�
Called back when we are choosing a new password. Get the old password
and send the authentication message with both.
@param np: the new password as entered by the user
@type np: L{bytes}
Nr���rX���)r����r����r���)r(����npr����r*���r*���r+���r����>��s��� z
SSHUserAuthClient._setNewPassc�����������������C���s>���t��dt|��}|D�]
}|t|�d��7�}q
|�j�t|��dS�)a��
Called back when we are finished answering keyboard-interactive
questions. Send the info back to the server in a
MSG_USERAUTH_INFO_RESPONSE.
@param responses: a list of L{bytes} responses
@type responses: L{list}
r�����UTF8N)r�����packr����r����encoder���rQ����MSG_USERAUTH_INFO_RESPONSE)r(���� responsesr<����rr*���r*���r+���r����J��s��� z#SSHUserAuthClient._cbGenericAnswersc�����������������C���s
���t��|�j�}|�|�j��|S�)z�
Try to authenticate with a public key. Ask the user for a public key;
if the user has one, send the request to the server and return True.
Otherwise, return False.
@rtype: L{bool}
)r
���r�����
getPublicKey�addBoth�_cbGetPublicKey�r(���rJ���r*���r*���r+���r}���X��s���
z SSHUserAuthClient.auth_publickeyc�����������������C���sj���t�|tj�sd�}|d�ur3||�_|�j�|��|�jjd|���d��|�� ddt
|�
����t
|�
������dS�dS�)Nzusing key of type {keyType})�keyTyper���ra���TF)
�
isinstancer���ri���r����r����r ���r6���r7����typer����r���rq���rx���)r(���r����r*���r*���r+���r����d��s���
�z!SSHUserAuthClient._cbGetPublicKeyc�����������������C���s$���|�����}|r|�|�j|�j��dS�dS�)z�
Try to authenticate with a password. Ask the user for a password.
If the user will return a password, return True. Otherwise, return
False.
@rtype: L{bool}
TF)r����r�����
_cbPasswordr����r����r*���r*���r+���r����r��s
���z SSHUserAuthClient.auth_passwordc�����������������C���s(���|�j��d��|��dtd�td����dS�)z�
Try to authenticate with keyboard-interactive authentication. Send
the request to the server and return True.
@rtype: L{bool}
z!authing with keyboard-interactiver����rM���T)r6���r7���r����r���r.���r*���r*���r+����auth_keyboard_interactive���s���
z+SSHUserAuthClient.auth_keyboard_interactivec�����������������C���s���|���ddt|����dS�)z�
Called back when the user gives a password. Send the request to the
server.
@param password: the password the user entered
@type password: L{bytes}
r���ra���N)r����r���)r(���r����r*���r*���r+���r�������s���z
SSHUserAuthClient._cbPasswordc�����������������C���s
���|�����}|sdS�|�|�j|�S�)am��
Sign the given data with the given public key.
By default, this will call getPrivateKey to get the private key,
then sign the data using Key.sign().
This method is factored out so that it can be overridden to use
alternate methods, such as a key agent.
@param publicKey: The public key object returned from L{getPublicKey}
@type publicKey: L{keys.Key}
@param signData: the data to be signed by the private key.
@type signData: L{bytes}
@return: a Deferred that's called back with the signature
@rtype: L{defer.Deferred}
N)�
getPrivateKeyrD����
_cbSignData)r(���r����r����r����r*���r*���r+���r�������s���zSSHUserAuthClient.signDatac�����������������C���s
���|��|�S�)ae��
Called back when the private key is returned. Sign the data and
return the signature.
@param privateKey: the private key object
@type privateKey: L{keys.Key}
@param signData: the data to be signed by the private key.
@type signData: L{bytes}
@return: the signature
@rtype: L{bytes}
)�sign)r(����
privateKeyr����r*���r*���r+���r�������s���
z
SSHUserAuthClient._cbSignDatac�����������������C���s���dS�)a
��
Return a public key for the user. If no more public keys are
available, return L{None}.
This implementation always returns L{None}. Override it in a
subclass to actually find and return a public key object.
@rtype: L{Key} or L{None}
Nr*���r.���r*���r*���r+���r�������s���
z
SSHUserAuthClient.getPublicKeyc�����������������C����
���t��t���S�)a��
Return a L{Deferred} that will be called back with the private key
object corresponding to the last public key from getPublicKey().
If the private key is not available, errback on the Deferred.
@rtype: L{Deferred} called back with L{Key}
�r
���r8����NotImplementedErrorr.���r*���r*���r+���r�������s���
z SSHUserAuthClient.getPrivateKeyNc�����������������C���r����)a��
Return a L{Deferred} that will be called back with a password.
prompt is a string to display for the password, or None for a generic
'user@hostname's password: '.
@type prompt: L{bytes}/L{None}
@rtype: L{defer.Deferred}
r����)r(���r����r*���r*���r+���r�������s���
z
SSHUserAuthClient.getPasswordc�����������������C���r����)a���
Returns a L{Deferred} with the responses to the promopts.
@param name: The name of the authentication currently in progress.
@param instruction: Describes what the authentication wants.
@param prompts: A list of (prompt, echo) pairs, where prompt is a
string to display and echo is a boolean indicating whether the
user's response should be echoed as they type it.
r����)r(���r����r����r����r*���r*���r+���r�������s���
z#SSHUserAuthClient.getGenericAnswersr����)!r����r����r����r����r����r����r����r,���r����r?���r����r����r����r����r����r����r����r����r����r����r����r����r}���r����r����r����r����r����r����r����r����r����r����r*���r*���r*���r+���r����F��s>����
8
r�����2����3����4����5����=����<���r�����MSG_)+r����r�����
twisted.conchr���r����twisted.conch.sshr���r���r����twisted.conch.ssh.commonr���r����
twisted.credr ����twisted.cred.errorr
����twisted.internetr
���r
����twisted.loggerr
����twisted.pythonr����twisted.python.compatr����
SSHServicer���r����rp���r[���rR����MSG_USERAUTH_BANNERr����r����messages�list�locals�items�k�v�protocolMessages�
MSG_USERAUTH_PASSWD_CHANGEREQ�MSG_USERAUTH_INFO_REQUESTr*���r*���r*���r+����<module>���sF���
��.���&�