:py:mod:`dissect.target.helpers.ssh` ==================================== .. py:module:: dissect.target.helpers.ssh Module Contents --------------- Classes ~~~~~~~ .. autoapisummary:: dissect.target.helpers.ssh.SSHPrivateKey Functions ~~~~~~~~~ .. autoapisummary:: :nosignatures: dissect.target.helpers.ssh.is_rfc4716 dissect.target.helpers.ssh.decode_rfc4716 dissect.target.helpers.ssh.is_pkcs8 dissect.target.helpers.ssh.is_pem Attributes ~~~~~~~~~~ .. autoapisummary:: dissect.target.helpers.ssh.c_rfc4716_def dissect.target.helpers.ssh.c_rfc4716 dissect.target.helpers.ssh.RFC4716_MARKER_START dissect.target.helpers.ssh.RFC4716_MARKER_END dissect.target.helpers.ssh.RFC4716_MAGIC dissect.target.helpers.ssh.RFC4716_PADDING dissect.target.helpers.ssh.RFC4716_NONE dissect.target.helpers.ssh.PKCS8_MARKER_START dissect.target.helpers.ssh.PKCS8_MARKER_END dissect.target.helpers.ssh.PKCS8_MARKER_START_ENCRYPTED dissect.target.helpers.ssh.PKCS8_MARKER_END_ENCRYPTED dissect.target.helpers.ssh.PEM_MARKER_START_RSA dissect.target.helpers.ssh.PEM_MARKER_END_RSA dissect.target.helpers.ssh.PEM_MARKER_START_DSA dissect.target.helpers.ssh.PEM_MARKER_END_DSA dissect.target.helpers.ssh.PEM_MARKER_START_EC dissect.target.helpers.ssh.PEM_MARKER_END_EC dissect.target.helpers.ssh.PEM_ENCRYPTED .. py:data:: c_rfc4716_def :value: Multiline-String .. raw:: html
Show Value .. code-block:: python """ struct ssh_string { uint32 length; char value[length]; } struct ssh_private_key { char magic[15]; ssh_string cipher; ssh_string kdf_name; ssh_string kdf_options; uint32 number_of_keys; ssh_string public; ssh_string private; } """ .. raw:: html
.. py:data:: c_rfc4716 .. py:data:: RFC4716_MARKER_START :value: b'-----BEGIN OPENSSH PRIVATE KEY-----' .. py:data:: RFC4716_MARKER_END :value: b'-----END OPENSSH PRIVATE KEY-----' .. py:data:: RFC4716_MAGIC :value: b'openssh-key-v1\x00' .. py:data:: RFC4716_PADDING :value: b'\x01\x02\x03\x04\x05\x06\x07' .. py:data:: RFC4716_NONE :value: b'none' .. py:data:: PKCS8_MARKER_START :value: b'-----BEGIN PRIVATE KEY-----' .. py:data:: PKCS8_MARKER_END :value: b'-----END PRIVATE KEY-----' .. py:data:: PKCS8_MARKER_START_ENCRYPTED :value: b'-----BEGIN ENCRYPTED PRIVATE KEY-----' .. py:data:: PKCS8_MARKER_END_ENCRYPTED :value: b'-----END ENCRYPTED PRIVATE KEY-----' .. py:data:: PEM_MARKER_START_RSA :value: b'-----BEGIN RSA PRIVATE KEY-----' .. py:data:: PEM_MARKER_END_RSA :value: b'-----END RSA PRIVATE KEY-----' .. py:data:: PEM_MARKER_START_DSA :value: b'-----BEGIN DSA PRIVATE KEY-----' .. py:data:: PEM_MARKER_END_DSA :value: b'-----END DSA PRIVATE KEY-----' .. py:data:: PEM_MARKER_START_EC :value: b'-----BEGIN EC PRIVATE KEY-----' .. py:data:: PEM_MARKER_END_EC :value: b'-----END EC PRIVATE KEY-----' .. py:data:: PEM_ENCRYPTED :value: b'ENCRYPTED' .. py:class:: SSHPrivateKey(data: bytes) A class to parse (OpenSSH-supported) SSH private keys. OpenSSH supports three types of keys: * RFC4716 (default) * PKCS8 * PEM .. py:function:: is_rfc4716(data: bytes) -> bool Validate data is a valid looking SSH private key in the OpenSSH format. .. py:function:: decode_rfc4716(data: bytes) -> bytes Base64 decode the private key data. .. py:function:: is_pkcs8(data: bytes) -> bool Validate data is a valid looking PKCS8 SSH private key. .. py:function:: is_pem(data: bytes) -> bool Validate data is a valid looking PEM SSH private key.