openssh源码分析笔记

时间:2022-03-02 16:47:21

1、客户端保活:
options.client_alive_interval
options.client_alive_count_max
在wait_until_can_do_something()函数中实现

2、主进程监听客户端连接请求

 main()

 server_accept_loop()

3、接受客户端连接请求后协商:

  1)版本号协商:

  main

  sshd_exchange_identification

  2)算法密钥协商:

  main

  do_ssh2_kex

  3)用户名密码验证:  

  main 

  do_authentication2
  input_service_request
  input_service_request
  authmethod_lookup
  authmethod_lookup中遍历全局变量 authmethods
  authmethods->method_passwd
  method_passwd->userauth_passwd
  userauth_passwd
  auth_password
  sys_auth_passwd

4、验证通过后shell启动流程

main()

do_authenticated

do_authenticated2

server_loop2


debug1: server_init_dispatch
debug1: server_input_channel_open: ctype session rchan 0 win 131072 max 32768
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/pts/4
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
Starting session: shell on pts/4 for root from 10.1.5.200 port 54717 id 0


session_input_channel_req

session_shell_req

do_exec

do_exec_pty

do_child

execve()


5、启动shell过程会写入 /var/run/utmp文件(linux通过w或who命令查看登录用户就是读取的该文件)

do_exec_pty

do_login

record_login

login_login

login_write 

utm_write_entry

  utmp_perform_logout

  utmp_perform_login  

    utmp_write_library

      pututline