diff options
author | Jeff Forcier <jeff@bitprophet.org> | 2022-04-22 19:11:03 -0400 |
---|---|---|
committer | Jeff Forcier <jeff@bitprophet.org> | 2022-04-22 19:12:32 -0400 |
commit | 7a2c84afaada7a513ee482ba36e8848528b6f5f3 (patch) | |
tree | 2494ec3ce75a1360800531deb33e3593198e6377 /paramiko/transport.py | |
parent | 239d2bd7a620be5cdaaa26f981ea72f5f55c9050 (diff) | |
download | paramiko-7a2c84afaada7a513ee482ba36e8848528b6f5f3.tar.gz |
Add -cert-v01@openssh.com variants to accepted host key algorithms
Solves #2035
Diffstat (limited to 'paramiko/transport.py')
-rw-r--r-- | paramiko/transport.py | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/paramiko/transport.py b/paramiko/transport.py index b99b3278..83cedbf6 100644 --- a/paramiko/transport.py +++ b/paramiko/transport.py @@ -549,7 +549,15 @@ class Transport(threading.Thread, ClosingContextManager): @property def preferred_keys(self): - return self._filter_algorithm("keys") + # Interleave cert variants here; resistant to various background + # overwriting of _preferred_keys, and necessary as hostkeys can't use + # the logic pubkey auth does re: injecting/checking for certs at + # runtime + filtered = self._filter_algorithm("keys") + return tuple( + filtered + + tuple("{}-cert-v01@openssh.com".format(x) for x in filtered) + ) @property def preferred_pubkeys(self): |