Compatibility with OpenSSH 7.1p1 (Ubuntu 18.04 LTS)

The feature to add algorithms to the front of the default set by
using a leading `^` has been added in OpenSSH 8.0 and cause an
error on earlier versions.

Specifying a different cipher is just a (minor) performance tweak,
not a requirement.

Signed-off-by: Jan Dubois <jan.dubois@suse.com>

Author: jandubois

go.mod

@@ -8,6 +8,7 @@ require (
 	github.com/cheggaaa/pb/v3 v3.0.8
 	github.com/containerd/containerd v1.5.7
 	github.com/containerd/continuity v0.2.0
+	github.com/coreos/go-semver v0.3.0
 	github.com/digitalocean/go-qemu v0.0.0-20210326154740-ac9e0b687001
 	github.com/diskfs/go-diskfs v1.2.0
 	github.com/docker/go-units v0.4.0

go.sum

@@ -247,6 +247,7 @@ github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmeka
 github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU=
 github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc=
 github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
+github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM=
 github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=

pkg/sshutil/sshutil.go

@@ -1,14 +1,18 @@
 package sshutil
 
 import (
+	"bytes"
 	"errors"
 	"fmt"
 	"io/fs"
 	"os"
 	"os/exec"
 	"path/filepath"
+	"regexp"
 	"strings"
+	"sync"
 
+	"github.com/coreos/go-semver/semver"
 	"github.com/lima-vm/lima/pkg/lockutil"
 	"github.com/lima-vm/lima/pkg/osutil"
 	"github.com/lima-vm/lima/pkg/store/dirnames"
@@ -102,6 +106,15 @@ func DefaultPubKeys(loadDotSSH bool) ([]PubKey, error) {
 	return res, nil
 }
 
+var sshInfo struct {
+	sync.Once
+	// aesAccelerated is set to true when AES acceleration is available.
+	// Available on almost all modern Intel/AMD processors.
+	aesAccelerated bool
+	// openSSHVersion is set to the version of OpenSSH, or semver.New("0.0.0") if the version cannot be determined.
+	openSSHVersion semver.Version
+}
+
 func CommonArgs(useDotSSH bool) ([]string, error) {
 	configDir, err := dirnames.LimaConfigDir()
 	if err != nil {
@@ -159,16 +172,24 @@ func CommonArgs(useDotSSH bool) ([]string, error) {
 		"-F", "/dev/null",
 	)
 
-	// By default, `ssh` choose chacha20-poly1305@openssh.com, even when AES accelerator is available.
-	// (OpenSSH_8.1p1, macOS 11.6, MacBookPro 2020, Core i7-1068NG7)
-	//
-	// We prioritize AES algorithms when AES accelerator is available.
-	if aesAccelerated {
-		logrus.Debugf("AES accelerator seems available, prioritizing aes128-gcm@openssh.com and aes256-gcm@openssh.com")
-		args = append(args, "-o", "Ciphers=^aes128-gcm@openssh.com,aes256-gcm@openssh.com")
-	} else {
-		logrus.Debugf("AES accelerator does not seem available, prioritizing chacha20-poly1305@openssh.com")
-		args = append(args, "-o", "Ciphers=^chacha20-poly1305@openssh.com")
+	sshInfo.Do(func() {
+		sshInfo.aesAccelerated = detectAESAcceleration()
+		sshInfo.openSSHVersion = detectOpenSSHVersion()
+	})
+
+	// Only OpenSSH version 8.0 and later support adding ciphers to the front of the default set
+	if !sshInfo.openSSHVersion.LessThan(*semver.New("8.0.0")) {
+		// By default, `ssh` choose chacha20-poly1305@openssh.com, even when AES accelerator is available.
+		// (OpenSSH_8.1p1, macOS 11.6, MacBookPro 2020, Core i7-1068NG7)
+		//
+		// We prioritize AES algorithms when AES accelerator is available.
+		if sshInfo.aesAccelerated {
+			logrus.Debugf("AES accelerator seems available, prioritizing aes128-gcm@openssh.com and aes256-gcm@openssh.com")
+			args = append(args, "-o", "Ciphers=^aes128-gcm@openssh.com,aes256-gcm@openssh.com")
+		} else {
+			logrus.Debugf("AES accelerator does not seem available, prioritizing chacha20-poly1305@openssh.com")
+			args = append(args, "-o", "Ciphers=^chacha20-poly1305@openssh.com")
+		}
 	}
 	return args, nil
 }
@@ -195,7 +216,25 @@ func SSHArgs(instDir string, useDotSSH bool) ([]string, error) {
 	return args, nil
 }
 
-// aesAccelerated is set to true when AES acceleration is available.
-//
-// Available on almost all modern Intel/AMD processors.
-var aesAccelerated = detectAESAcceleration()
+func detectOpenSSHVersion() semver.Version {
+	var (
+		v      semver.Version
+		stderr bytes.Buffer
+	)
+	cmd := exec.Command("ssh", "-V")
+	cmd.Stderr = &stderr
+	if err := cmd.Run(); err != nil {
+		logrus.Warn("failed to run %v: stderr=%q", cmd.Args, stderr.String())
+	} else {
+		regex := regexp.MustCompile(`^OpenSSH_(\d+\.\d+)(?:p(\d+))?\b`)
+		matches := regex.FindSubmatch(stderr.Bytes())
+		if len(matches) == 3 {
+			if len(matches[2]) == 0 {
+				matches[2] = []byte("0")
+			}
+			v = *semver.New(fmt.Sprintf("%s.%s", matches[1], matches[2]))
+		}
+	}
+	logrus.Debugf("OpenSSH version %s detected", v)
+	return v
+}