Skip to content

Added "MACs" option to ssh options table #107

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
xSetech wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Added "MACs" option to ssh options table #107

xSetech wants to merge 1 commit into from

Conversation

@xSetech
Copy link

@xSetech xSetech commented Jul 7, 2019

Permits preventing an indefinite hang when handing control to libssh.

Added this for an issue unrelated to wsh: Older sshd instances might only
support obselete MAC algorithms (e.g. hmac-sha1 or hmac-md5). If either the
client or server doesn't support a particular HMAC, the behavior appears to be
to block indefinitely... If the list is explicit about the supported algos, the
connection (correctly) fails immediately.

e.g. option usage: --ssh-opt "macs=hmac-sha2-256"

@worr
Copy link
Owner

worr commented Jul 8, 2019

Awesome, thanks for the patch! However, this is unsupported on older versions of libssh. The build hosts use 0.6.3, and I'd like to keep that version supported ideally. So please add a check in CMake for that constant, and then guard that hash entry in the assignment.

@xSetech
Added "MACs" option to ssh options table
70a2114 
Permits preventing an indefinite hang when handing control to libssh.

Added this for an issue unrelated to wsh: Older sshd instances might only
support obselete MAC algorithms (e.g.  hmac-sha1 or hmac-md5). If either the
client or server doesn't support a particular HMAC, the behavior appears to be
to block indefinitely... If the list is explicit about the supported algos, the
connection (correctly) fails immediately.

e.g. option usage:  --ssh-opt "macs=hmac-sha2-256"
@xSetech
Copy link
Author

xSetech commented Jul 8, 2019

Hey, look at that! Their header provides LIBSSH_VERSION_INT and SSH_VERSION_INT for us :)

@worr
Copy link
Owner

worr commented Jul 12, 2019
edited
Loading

Your test is failing because of SSH_VERSION_INT not being defined, and this feature comes from libssh 0.7.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@xSetech @worr