Interface module for the
Type definitions that are used more than once in this module, or abstractions to indicate the intended use of the data type, or both:
=
=
Opaque to the user,
returned by
Opaque to the user,
returned by
=
=
=
=
Closes an SSH connection.
Connects to an SSH server. No channel is started. This is done
by calling
Options:
IP version to use.
Sets the user directory, that is, the directory containing
If the user DSA key is protected by a passphrase, it can be supplied with this option.
If the user RSA key is protected by a passphrase, it can be supplied with this option.
When
If
Sets the preferred public key algorithm to use for user
authentication. If the preferred algorithm fails,
the other algorithm is tried. The default is
to try
List of public key algorithms to try to use.
Sets a time-out on the transport layer
connection. For
Provides a username. If this option is not given,
Provides a password for password authentication. If this option is not given, the user is asked for a password, if the password authentication method is attempted.
Module implementing the behaviour
If
Allows an existing file descriptor to be used (by passing it on to the transport protocol).
Sets the amount of transferred data, in bytes, after which rekeying is initiated. Defaults to once per GB and once per hour.
Sets a time-out on a connection when no channels are active.
Defaults to
Retrieves information about a connection.
Starts a server listening for SSH connections on the given port.
Options:
IP version to use when the host address is specified as
Provides specifications for handling of subsystems. The
"sftp" subsystem specification is retrieved by calling
Defines the read-eval-print loop used when a shell is
requested by the client. The default is to use the Erlang shell:
Provides your own CLI implementation, that is, a channel callback
module that implements a shell and command execution. The shell
read-eval-print loop can be customized, using the
option
Sets the user directory. That is, the directory containing
Sets the system directory, containing the host key files
that identify the host keys for
Comma-separated string that determines which
authentication methods the server is to support and
in what order they are tried. Defaults to
Provides passwords for password authentication. The passwords are used when someone tries to connect to the server and public key user-authentication fails. The option provides a list of valid usernames and the corresponding passwords.
Provides a global password that authenticates any user. From a security perspective, this option makes the server very vulnerable.
Provides a function for password validation. This function is called
with user and password as strings, and returns
Maximum time in milliseconds for the authentication negotiation. Defaults to 120000 (2 minutes). If the client fails to log in within this time, the connection is closed.
The maximum number of simultaneous sessions that are accepted at any time
for this daemon. This includes sessions that are being authorized.
Thus, if set to
The counter is per listening port. Thus, if two daemons are started, one with
Notice that if
By default, this option is not set. This means that the number is not limited.
If set to false (the default value), only one login is handled at a time. If set to true, an unlimited number of login attempts are allowed simultaneously.
If the
Do not enable
The smallest maximum packet size that the daemon accepts in channel open requests from the client. The default value is 0.
Module implementing the behaviour
Allows an existing file descriptor to be used (passed on to the transport protocol).
Provides a fun to implement your own logging when a user fails to authenticate.
Provides a fun to implement your own logging when a user authenticates to the server.
Provides a fun to implement your own logging when a user disconnects from the server.
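The daemon options described above (password validation function, negotiation time-out, session limit, serialized logins, and the three logging funs) combined into one restrictive configuration. This is an added example, not code from the OTP documentation. The option names are those of the Erlang/OTP `ssh` application and do not appear in the text above. It assumes OTP 25 or later for `crypto:pbkdf2_hmac/5` and `crypto:hash_equals/2`. The module name, user, salts and `system_dir` path are constructed placeholders.

```erlang
-module(hardened_sshd).
-export([start/1, check_password/2]).

-define(ITER, 100000).   % PBKDF2 iteration count (assumed value)
-define(KEYLEN, 32).     % derived key length in bytes

%% Constructed sample store: user => {Salt, PBKDF2-HMAC-SHA256 hash}.
%% Derived at call time only to keep the example self-contained; a real
%% deployment loads precomputed hashes from protected storage.
users() ->
    Salt = <<"constructed-salt">>,
    #{"alice" => {Salt, derive(<<"correct horse">>, Salt)}}.

derive(Password, Salt) ->
    crypto:pbkdf2_hmac(sha256, Password, Salt, ?ITER, ?KEYLEN).

%% Password validation fun: called with user and password as strings.
check_password(User, Password) ->
    Pw = unicode:characters_to_binary(Password),
    case maps:find(User, users()) of
        {ok, {Salt, Stored}} ->
            %% Constant-time comparison of two equal-length hashes.
            crypto:hash_equals(Stored, derive(Pw, Salt));
        error ->
            %% Unknown user: derive anyway so both paths cost the same.
            _ = derive(Pw, <<"dummy-salt">>),
            false
    end.

start(Port) ->
    {ok, _} = application:ensure_all_started(ssh),
    ssh:daemon(Port, [
        {system_dir, "/etc/ssh_daemon_example"},  % placeholder host key dir
        {auth_methods, "publickey,password"},     % public key is tried first
        {pwdfun, fun check_password/2},           % no global password option
        {negotiation_timeout, 30000},             % 30 s, default is 120000
        {max_sessions, 20},                       % unlimited when unset
        {parallel_login, false},                  % one login at a time
        {failfun, fun(User, Peer, Reason) ->
            logger:warning("ssh auth failure user=~p peer=~p reason=~p",
                           [User, Peer, Reason]) end},
        {connectfun, fun(User, Peer, Method) ->
            logger:notice("ssh login user=~p peer=~p method=~p",
                          [User, Peer, Method]) end},
        {disconnectfun, fun(Reason) ->
            logger:info("ssh disconnect reason=~p", [Reason]) end}
    ]).
```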
Starts an interactive shell over an SSH server on the
given
Utility function that starts the applications
Stops the
Stops the listener and all connections started by the listener.
Stops the listener, but leaves existing connections started by the listener operational.