|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) SSH Set Allowed AlgorithmsSee more SSH ExamplesDemonstrates how to explicitly set the algorithms allowed in the SSH connection protocol. Note: This example requires Chilkat v9.5.0.99 or greater.
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. set ssh [new_CkSsh] set json [new_CkJsonObject] # Here are the algorithms supported by Chilkat at the time this example was written (14-June-2024) # --------------------------- # SSH Key-Exchange Algorithms # --------------------------- # curve25519-sha256 # curve25519-sha256@libssh.org # ecdh-sha2-nistp256 # ecdh-sha2-nistp384 # ecdh-sha2-nistp521 # diffie-hellman-group14-sha256 # diffie-hellman-group16-sha512 # diffie-hellman-group18-sha512 # diffie-hellman-group-exchange-sha256 # diffie-hellman-group1-sha1 # diffie-hellman-group14-sha1 # diffie-hellman-group-exchange-sha1 # --------------------------- # SSH Host Key Algorithms # --------------------------- # ssh-ed25519 # ecdsa-sha2-nistp256 # ecdsa-sha2-nistp384 # ecdsa-sha2-nistp521 # rsa-sha2-256 # rsa-sha2-512 # ssh-rsa # ssh-dss # --------------------------- # SSH Cipher Algorithms # --------------------------- # chacha20-poly1305@openssh.com # aes128-ctr # aes256-ctr # aes192-ctr # aes128-cbc # aes256-cbc # aes192-cbc # aes128-gcm@openssh.com # aes256-gcm@openssh.com # twofish256-cbc # twofish128-cbc # blowfish-cbc # --------------------------- # SSH MAC Algorithms # --------------------------- # hmac-sha2-256 # hmac-sha2-512 # hmac-sha2-256-etm@openssh.com # hmac-sha2-512-etm@openssh.com # hmac-sha1-etm@openssh.com # hmac-sha1 # hmac-ripemd160 # hmac-sha1-96 # hmac-md5 # Specify the allowed key-exchange, host-key, cipher (i.e. encryption), and mac (i.e. hash) algorithms allowed, in the order of preference. # ------------------------------------------------------------------------------------------------------------------------------------------- # Note: You typically should NOT explicitly set allowed algorithms. # By default, Chilkat orders algorithms according to best practices, and pays attention to vulnerabilities such as the "Terrapin Attack". # Hard-coding algorthims can make your application brittle and prone to breaking over a long period of time, # if a server (at some point in the future) changes its allowed algorithms, or if you connect to a different server, # such that the client (Chilkat) and server cannot find a set of mutually agreed-upon algorithms. # ------------------------------------------------------------------------------------------------------------------------------------------- set allowed_kex "curve25519-sha256@libssh.org,ecdh-sha2-nistp256" set allowed_hostKey "ssh-ed25519,ecdsa-sha2-nistp256" set allowed_cipher "chacha20-poly1305@openssh.com,aes256-ctr" set allowed_mac "hmac-sha2-256,hmac-sha2-512" CkJsonObject_UpdateString $json "kex" $allowed_kex CkJsonObject_UpdateString $json "hostKey" $allowed_hostKey CkJsonObject_UpdateString $json "cipher" $allowed_cipher CkJsonObject_UpdateString $json "mac" $allowed_mac CkSsh_SetAllowedAlgorithms $ssh $json set port 22 set success [CkSsh_Connect $ssh "example.com" $port] if {$success != 1} then { puts [CkSsh_lastErrorText $ssh] delete_CkSsh $ssh delete_CkJsonObject $json exit } puts "Connected." # .... # .... delete_CkSsh $ssh delete_CkJsonObject $json |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.