| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This does not implement certificate based authentication (described here
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?rev=HEAD)
but instead makes it so that if the certificate is not needed for
authentication net-ssh doesn't cause the entire application to die.
The net-ssh test suite continues to pass. On my own machine I did tests
with certificates loaded and verified that although authentication could
not proceed to a host requiring a certificate it at least did not die.
I also verified that I can continue to use normal rsa and dsa keys to
ssh to hosts that do not require certificates even when the certificates
are loaded into my ssh-agent instance.
This is a potential solution to issue #124 and an alternative to the one
presented in pull request #134.
|
| |
|
|
|
|
| |
root namespace". Added a require for the 'none' authentication method in session.rb.
|
| |
|
| |
|
|
|
|
| |
passphrases'
|
|
|
|
| |
Also accept `:send_env` option on `Net::SSH.start`
|
|\
| |
| | |
implement a experimental keepalive feature #115
|
| | |
|
|/
|
|
|
|
| |
In the situation where the socket has only one line to respond with, any
following gets to the socket need to take care to not assume there is a
non-nil response.
|
| |
|
|\
| |
| | |
Add a wait to the loop in close
|
| |
| |
| | |
this is possibly blocking in cases where the connection is now unresponsive, and also causing timeouts which wrap this to block.
|
|\ \
| |/
|/| |
|
| |
| |
| | |
Add support of "%h" value in ssh_config translation
|
| | |
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Per section 6.1 of RFC 4253 an SSH implementation MUST support a packet
size of 32768 bytes, however, any size above this is not mandatory.
Currently, the max packet size is 64Kb and can cause a channel open
failure for hosts which only support the required 32Kb packet size.
As a result, we now default to the required size of 32768 (0x8000) in
order to avoid any errors with such hosts.
Additionally, the user can now manually define the maximum packet and
window size, should they choose to in the event that they wish to
obtain performance gains from a larger packet/window size.
|
| |
|
|
|
|
|
| |
It's prefered to fallback to the newer api instead of checking for
versions before 1.9 and 1.9 and leaving others open to breakage.
|
| |
|
|\ |
|
| |\
| | |
| | | |
Remove a warning "shadowing outer local variable - type"
|
| | | |
|
|/ / |
|
| | |
|
| | |
|
|/ |
|
| |
|
|\
| |
| | |
PacketStream: Properly detect disconnects in nonblocking reads.
|
| |
| |
| |
| |
| |
| |
| | |
We see a bug where it's possible to get net-ssh into an infite loop
spinning CPU after a connection has been closed. I am unable to
reliably reproduce it, so I can't be positive this is the fix, but I
have not seen a recurrence in our environment since adding this patch.
|
| | |
|
|\ \
| | |
| | | |
Fix Invalid key size in JRuby
|
| |/ |
|
|/
|
|
| |
Add #gets_extended_data to the test flow
|
|\ |
|
| | |
|
|/ |
|
| |
|
|\
| |
| | |
Use OpenSSL::PKey.read to read arbitrary private key.
|
| |
| |
| |
| |
| | |
OpenSSL::PKey.read was introduced from 1.9.3. This helps to load private keys
generated by `openssl req -newkey` command.
|
|\ \
| | |
| | | |
check an availability of UNIXSocket and UNIXServer
|
| | | |
|
|\ \ \
| | | |
| | | | |
Implementation of the "none"-authentication method
|
| | | | |
|
| | | | |
|
| | | | |
|
|\ \ \ \
| |_|_|/
|/| | | |
Add class for stricter host key verification
|
| | | |
| | | |
| | | |
| | | | |
The behavior should be identical, but this avoids some code duplication.
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
The Secure verifier will not silently add entries to your known_hosts
files. Instead it will raise HostKeyUnknown, a subclass of HostKeyError.
As with HostKeyMismatch (now also a subclass of HostKeyError), you can
call remember_host! on the exception to add the key to known_hosts.
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, UTF-8 encoded strings would result in the error:
`final': data not multiple of block length (OpenSSL::Cipher::CipherError)
This is because cipher padding length was based on character length
instead of bytesize. When a UTF-8 character with a bytesize of e.g. 3
was encountered, Net::SSH would incorrectly add 2 more padding than was
needed, breaking the block size multiple.
Buffer also incorrectly identified the length of the string in
write_string using character length instead of bytesize.
|