Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Tcl) SSH Tunnel Set Allowed AlgorithmsSee more SSH Tunnel ExamplesDemonstrates how to explicitly set the algorithms allowed in the SSH connection protocol for SSH tunneling. Note: This example requires Chilkat v9.5.0.99 or greater.
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. set ssh_tunnel [new_CkSshTunnel] set json [new_CkJsonObject] # Here are the algorithms supported by Chilkat at the time this example was written (14-June-2024) # --------------------------- # SSH Key-Exchange Algorithms # --------------------------- # curve25519-sha256 # curve25519-sha256@libssh.org # ecdh-sha2-nistp256 # ecdh-sha2-nistp384 # ecdh-sha2-nistp521 # diffie-hellman-group14-sha256 # diffie-hellman-group16-sha512 # diffie-hellman-group18-sha512 # diffie-hellman-group-exchange-sha256 # diffie-hellman-group1-sha1 # diffie-hellman-group14-sha1 # diffie-hellman-group-exchange-sha1 # --------------------------- # SSH Host Key Algorithms # --------------------------- # ssh-ed25519 # ecdsa-sha2-nistp256 # ecdsa-sha2-nistp384 # ecdsa-sha2-nistp521 # rsa-sha2-256 # rsa-sha2-512 # ssh-rsa # ssh-dss # --------------------------- # SSH Cipher Algorithms # --------------------------- # chacha20-poly1305@openssh.com # aes128-ctr # aes256-ctr # aes192-ctr # aes128-cbc # aes256-cbc # aes192-cbc # aes128-gcm@openssh.com # aes256-gcm@openssh.com # twofish256-cbc # twofish128-cbc # blowfish-cbc # --------------------------- # SSH MAC Algorithms # --------------------------- # hmac-sha2-256 # hmac-sha2-512 # hmac-sha2-256-etm@openssh.com # hmac-sha2-512-etm@openssh.com # hmac-sha1-etm@openssh.com # hmac-sha1 # hmac-ripemd160 # hmac-sha1-96 # hmac-md5 # Specify the allowed key-exchange, host-key, cipher (i.e. encryption), and mac (i.e. hash) algorithms allowed, in the order of preference. # ------------------------------------------------------------------------------------------------------------------------------------------- # Note: You typically should NOT explicitly set allowed algorithms. # By default, Chilkat orders algorithms according to best practices, and pays attention to vulnerabilities such as the "Terrapin Attack". # Hard-coding algorthims can make your application brittle and prone to breaking over a long period of time, # if a server (at some point in the future) changes its allowed algorithms, or if you connect to a different server, # such that the client (Chilkat) and server cannot find a set of mutually agreed-upon algorithms. # ------------------------------------------------------------------------------------------------------------------------------------------- set allowed_kex "curve25519-sha256@libssh.org,ecdh-sha2-nistp256" set allowed_hostKey "ssh-ed25519,ecdsa-sha2-nistp256" set allowed_cipher "chacha20-poly1305@openssh.com,aes256-ctr" set allowed_mac "hmac-sha2-256,hmac-sha2-512" CkJsonObject_UpdateString $json "kex" $allowed_kex CkJsonObject_UpdateString $json "hostKey" $allowed_hostKey CkJsonObject_UpdateString $json "cipher" $allowed_cipher CkJsonObject_UpdateString $json "mac" $allowed_mac CkSshTunnel_SetAllowedAlgorithms $ssh_tunnel $json set port 22 set success [CkSshTunnel_Connect $ssh_tunnel "example.com" $port] if {$success != 1} then { puts [CkSshTunnel_lastErrorText $ssh_tunnel] delete_CkSshTunnel $ssh_tunnel delete_CkJsonObject $json exit } puts "Connected." # .... # .... delete_CkSshTunnel $ssh_tunnel delete_CkJsonObject $json |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.