Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Delphi DLL) SSH Tunnel Set Allowed AlgorithmsSee more SSH Tunnel ExamplesDemonstrates how to explicitly set the algorithms allowed in the SSH connection protocol for SSH tunneling. Note: This example requires Chilkat v9.5.0.99 or greater.
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, SshTunnel, JsonObject; ... procedure TForm1.Button1Click(Sender: TObject); var success: Boolean; ssh_tunnel: HCkSshTunnel; json: HCkJsonObject; allowed_kex: PWideChar; allowed_hostKey: PWideChar; allowed_cipher: PWideChar; allowed_mac: PWideChar; port: Integer; begin // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. ssh_tunnel := CkSshTunnel_Create(); json := CkJsonObject_Create(); // Here are the algorithms supported by Chilkat at the time this example was written (14-June-2024) // --------------------------- // SSH Key-Exchange Algorithms // --------------------------- // curve25519-sha256 // curve25519-sha256@libssh.org // ecdh-sha2-nistp256 // ecdh-sha2-nistp384 // ecdh-sha2-nistp521 // diffie-hellman-group14-sha256 // diffie-hellman-group16-sha512 // diffie-hellman-group18-sha512 // diffie-hellman-group-exchange-sha256 // diffie-hellman-group1-sha1 // diffie-hellman-group14-sha1 // diffie-hellman-group-exchange-sha1 // --------------------------- // SSH Host Key Algorithms // --------------------------- // ssh-ed25519 // ecdsa-sha2-nistp256 // ecdsa-sha2-nistp384 // ecdsa-sha2-nistp521 // rsa-sha2-256 // rsa-sha2-512 // ssh-rsa // ssh-dss // --------------------------- // SSH Cipher Algorithms // --------------------------- // chacha20-poly1305@openssh.com // aes128-ctr // aes256-ctr // aes192-ctr // aes128-cbc // aes256-cbc // aes192-cbc // aes128-gcm@openssh.com // aes256-gcm@openssh.com // twofish256-cbc // twofish128-cbc // blowfish-cbc // --------------------------- // SSH MAC Algorithms // --------------------------- // hmac-sha2-256 // hmac-sha2-512 // hmac-sha2-256-etm@openssh.com // hmac-sha2-512-etm@openssh.com // hmac-sha1-etm@openssh.com // hmac-sha1 // hmac-ripemd160 // hmac-sha1-96 // hmac-md5 // Specify the allowed key-exchange, host-key, cipher (i.e. encryption), and mac (i.e. hash) algorithms allowed, in the order of preference. // ------------------------------------------------------------------------------------------------------------------------------------------- // Note: You typically should NOT explicitly set allowed algorithms. // By default, Chilkat orders algorithms according to best practices, and pays attention to vulnerabilities such as the "Terrapin Attack". // Hard-coding algorthims can make your application brittle and prone to breaking over a long period of time, // if a server (at some point in the future) changes its allowed algorithms, or if you connect to a different server, // such that the client (Chilkat) and server cannot find a set of mutually agreed-upon algorithms. // ------------------------------------------------------------------------------------------------------------------------------------------- allowed_kex := 'curve25519-sha256@libssh.org,ecdh-sha2-nistp256'; allowed_hostKey := 'ssh-ed25519,ecdsa-sha2-nistp256'; allowed_cipher := 'chacha20-poly1305@openssh.com,aes256-ctr'; allowed_mac := 'hmac-sha2-256,hmac-sha2-512'; CkJsonObject_UpdateString(json,'kex',allowed_kex); CkJsonObject_UpdateString(json,'hostKey',allowed_hostKey); CkJsonObject_UpdateString(json,'cipher',allowed_cipher); CkJsonObject_UpdateString(json,'mac',allowed_mac); CkSshTunnel_SetAllowedAlgorithms(ssh_tunnel,json); port := 22; success := CkSshTunnel_Connect(ssh_tunnel,'example.com',port); if (success <> True) then begin Memo1.Lines.Add(CkSshTunnel__lastErrorText(ssh_tunnel)); Exit; end; Memo1.Lines.Add('Connected.'); // .... // .... CkSshTunnel_Dispose(ssh_tunnel); CkJsonObject_Dispose(json); end; |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.