[bugifx] support old ssh key algorithms

4e744fcd · Eric · 00fd5d8a · 4e744fcd
Commit 4e744fcd authored Dec 05, 2019 by Eric
Hide whitespace changes
Inline Side-by-side

Showing with 20 additions and 5 deletions

connmanager.go pkg/srvconn/connmanager.go +20 -5

No files found.
--- a/pkg/srvconn/connmanager.go
+++ b/pkg/srvconn/connmanager.go
@@ -29,6 +29,20 @@ var (
 		"arcfour256", "arcfour128", "arcfour",
 		"aes128-cbc",
 		"3des-cbc"}
+	supportedKexAlgos = []string{
+		"diffie-hellman-group1-sha1",
+		"diffie-hellman-group14-sha1", "ecdh-sha2-nistp256", "ecdh-sha2-nistp521",
+		"ecdh-sha2-nistp384", "curve25519-sha256@libssh.org"}
+	supportedHostKeyAlgos = []string{
+		"ssh-rsa-cert-v01@openssh.com", "ssh-dss-cert-v01@openssh.com", "ecdsa-sha2-nistp256-cert-v01@openssh.com",
+		"ecdsa-sha2-nistp384-cert-v01@openssh.com", "ecdsa-sha2-nistp521-cert-v01@openssh.com",
+		"ssh-ed25519-cert-v01@openssh.com",
+		"ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
+		"ssh-rsa", "ssh-dss",
+		"ssh-ed25519",
+	}
 )
 type SSHClient struct {
@@ -159,11 +173,12 @@ func (sc *SSHClientConfig) Config() (config *gossh.ClientConfig, err error) {
 		}
 	}
 	config = &gossh.ClientConfig{
-		User:            sc.User,
+		User:              sc.User,
-		Auth:            authMethods,
+		Auth:              authMethods,
-		HostKeyCallback: gossh.InsecureIgnoreHostKey(),
+		HostKeyCallback:   gossh.InsecureIgnoreHostKey(),
-		Config:          gossh.Config{Ciphers: supportedCiphers},
+		Config:            gossh.Config{Ciphers: supportedCiphers, KeyExchanges: supportedKexAlgos},
-		Timeout:         sc.Timeout,
+		Timeout:           sc.Timeout,
+		HostKeyAlgorithms: supportedHostKeyAlgos,
 	}
 	return config, nil
 }