ios - ios中的ssh协商过程

目的:使用SSH协议(protocol)将本地计算机(iPod)连接到Unix服务器。

首先，我已经建立了一个用于通信的套接字连接，它已经完成。

现在与SSH协商的过程。

client to server -> http://@aix.polarhome.com/ssh with port : 775 (using GCDAsyncSocket)

成功连接后

server to client -> SSH-1.99-OpenSSH-6.6

client to server -> SSH-2.0-OpenSSH_6.6

server to client -> list of algo

cleint to server ->

此代码格式

 if (parsedByteArray[2] == ACK && parsedByteArray[5] == SSH_MSG_KEXINIT) {

        //1 SSH_MSG_KEXINIT
        sendByte[writeIndex++] = SSH2_MSG_KEXINIT;

        [self put32BitInteger:16 toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;
        //2 cookie (16 random bytes)
        for (int i = 0; i < 16; i++) {
            sendByte[writeIndex++] = [self random_byte];
        }

        //3 kex_algorithms
        NSString *kex_algorithms = [self kexAlgorithms];
        [self put32BitInteger:kex_algorithms.length toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;
        writeIndex = [self convertFromString:kex_algorithms toBytesAndFillArray:sendByte withCurrentIndex:writeIndex];

        //4 server_host_key_algorithms
        NSString *server_host_key_algorithms = [self serverHostKeyAlgorithms];
        [self put32BitInteger:server_host_key_algorithms.length toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;
        writeIndex = [self convertFromString:server_host_key_algorithms toBytesAndFillArray:sendByte withCurrentIndex:writeIndex];

        //5 encryption_algorithms_client_to_server
        NSString *encryption_algorithms = [self encryptionAlgorithms];
        [self put32BitInteger:encryption_algorithms.length toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;
        writeIndex = [self convertFromString:encryption_algorithms toBytesAndFillArray:sendByte withCurrentIndex:writeIndex];

        //6 encryption_algorithms_server_to_client
        [self put32BitInteger:encryption_algorithms.length toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;
        writeIndex = [self convertFromString:encryption_algorithms toBytesAndFillArray:sendByte withCurrentIndex:writeIndex];

        //7 mac_algorithms_client_to_server
        NSString *mac_algorithms = [self macAlgorithms];
        [self put32BitInteger:mac_algorithms.length toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;
        writeIndex = [self convertFromString:mac_algorithms toBytesAndFillArray:sendByte withCurrentIndex:writeIndex];

        //8 mac_algorithms_server_to_client
        [self put32BitInteger:mac_algorithms.length toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;
        writeIndex = [self convertFromString:mac_algorithms toBytesAndFillArray:sendByte withCurrentIndex:writeIndex];

        //9 compression_algorithms_client_to_server
        NSString *compression_algorithms = [self compressionAlgorithms];
        [self put32BitInteger:compression_algorithms.length toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;
        writeIndex = [self convertFromString:compression_algorithms toBytesAndFillArray:sendByte withCurrentIndex:writeIndex];

        //10 compression_algorithms_server_to_client
        [self put32BitInteger:compression_algorithms.length toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;
        writeIndex = [self convertFromString:compression_algorithms toBytesAndFillArray:sendByte withCurrentIndex:writeIndex];

        //11 languages_client_to_server
        [self put32BitInteger:0 toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;

        //12 languages_server_to_client
        [self put32BitInteger:0 toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;

        //13 first_kex_packet_follows
        [self put32BitInteger:1 toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;

        sendByte[writeIndex++] = 0; //FALSE

        //14 0 (reserved for future extension) int32
        [self put32BitInteger:0 toPacket:sendByte fromIndex:writeIndex];
        writeIndex += 4;

        [self sendSSHBinaryPacketPayload:sendByte toLength:writeIndex];
        writeIndex = 0;
    }

-(void)put32BitInteger:(NSInteger)val toPacket:(Byte *)packet fromIndex:(int)index{
    //parse int value from 32 bit to 4 bytes and assign to packet.

    Byte bArray[4];
    bArray[3] = val;
    bArray[2] = val >> 8;
    bArray[1] = val >> 16;
    bArray[0] = val >> 24;

    for (int i = 0; i < 4; i++) {
        packet[index + i] = bArray[i];
    }
}

//SSH Encryption Algorithms
-(NSString *)kexAlgorithms{
    return @"diffie-hellman-group-exchange-sha1";
}

-(NSString *)serverHostKeyAlgorithms{
    return @"ssh-rsa";
}

-(NSString *)encryptionAlgorithms{
    return @"aes256-ctr";
}

-(NSString *)macAlgorithms{
    return @"hmac-sha2-256";
}

-(NSString *)compressionAlgorithms{
    return @"none";
}

-(NSString *)languageAlgorithms{
    return @"none";
}

server to client -> Packet corrupted.

请建议我，这是正确的方法。我需要实现哪些更正。

我不清楚的事情是
1.首先从服务器或客户端协商版本字符串。服务器在这里发送它，
2.我是否需要以普通格式或使用BPP(二进制数据包协议(protocol))发送 key 交换数据。

请帮我。

最佳答案

1)不久前，我正在为辅助项目做类似的事情。我发现这本书在尝试实现/理解握手过程时非常有帮助:

那本书提供了很好的示例代码和建议。

2)我在您发布的示例代码中注意到，您似乎有很多用Objective-C编写的帮助程序函数，如果您在纯C中实现帮助程序函数，则可能会更轻松地增加代码的可读性。您还应该使用结构来保存数据包的数据结构，这将使您的生活更轻松。

3)根据您发布的示例代码，很难为您提供出什么地方的帮助，可以发布要点或包含更完整代码段的内容。

关于ios - ios中的ssh协商过程，我们在Stack Overflow上找到一个类似的问题：https://stackoverflow.com/questions/29123229/