diff options
| author | Tim Smith <tsmith@chef.io> | 2020-07-08 14:31:50 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-07-08 14:31:50 -0700 |
| commit | 557427751efb87c7a8de31f851f338ffcc8b35f9 (patch) | |
| tree | 58697a476622390df8f127c3aa5269c9085e5974 | |
| parent | 008571e9709f59a2f9a0ea833e578d5b77558330 (diff) | |
| parent | 80c943bcade6c9a92e14369470a7cb35d6190fb9 (diff) | |
| download | chef-557427751efb87c7a8de31f851f338ffcc8b35f9.tar.gz | |
Merge pull request #10133 from chef/ssh
Support legacy DSS host keys with knife-ssh
| -rw-r--r-- | lib/chef/knife/ssh.rb | 4 | ||||
| -rw-r--r-- | spec/functional/knife/ssh_spec.rb | 8 |
2 files changed, 8 insertions, 4 deletions
diff --git a/lib/chef/knife/ssh.rb b/lib/chef/knife/ssh.rb index 6611421d85..e89fb93f07 100644 --- a/lib/chef/knife/ssh.rb +++ b/lib/chef/knife/ssh.rb @@ -296,6 +296,10 @@ class Chef opts[:keepalive] = true opts[:keepalive_interval] = ssh_config[:keepalive_interval] end + # maintain support for legacy key types / ciphers / key exchange algorithms. + # most importantly this adds back support for DSS host keys + # See https://github.com/net-ssh/net-ssh/pull/709 + opts[:append_all_supported_algorithms] = true end end diff --git a/spec/functional/knife/ssh_spec.rb b/spec/functional/knife/ssh_spec.rb index 4f4290f66d..93b77b0741 100644 --- a/spec/functional/knife/ssh_spec.rb +++ b/spec/functional/knife/ssh_spec.rb @@ -278,7 +278,7 @@ describe Chef::Knife::Ssh do end it "uses the ssh_gateway" do - expect(@knife.session).to receive(:via).with("ec2.public_hostname", "user", {}) + expect(@knife.session).to receive(:via).with("ec2.public_hostname", "user", { append_all_supported_algorithms: true }) @knife.run expect(@knife.config[:ssh_gateway]).to eq("user@ec2.public_hostname") end @@ -291,7 +291,7 @@ describe Chef::Knife::Ssh do end it "uses the ssh_gateway" do - expect(@knife.session).to receive(:via).with("ec2.public_hostname", "user", {}) + expect(@knife.session).to receive(:via).with("ec2.public_hostname", "user", { append_all_supported_algorithms: true }) @knife.run expect(@knife.config[:ssh_gateway]).to eq("user@ec2.public_hostname") end @@ -305,7 +305,7 @@ describe Chef::Knife::Ssh do end it "uses the ssh_gateway_identity file" do - expect(@knife.session).to receive(:via).with("ec2.public_hostname", "user", { keys: File.expand_path("#{ENV["HOME"]}/.ssh/aws-gateway.rsa").squeeze("/"), keys_only: true }) + expect(@knife.session).to receive(:via).with("ec2.public_hostname", "user", { append_all_supported_algorithms: true, keys: File.expand_path("#{ENV["HOME"]}/.ssh/aws-gateway.rsa").squeeze("/"), keys_only: true }) @knife.run expect(@knife.config[:ssh_gateway_identity]).to eq("~/.ssh/aws-gateway.rsa") end @@ -319,7 +319,7 @@ describe Chef::Knife::Ssh do end it "uses the ssh_gateway_identity file" do - expect(@knife.session).to receive(:via).with("ec2.public_hostname", "user", { keys: File.expand_path("#{ENV["HOME"]}/.ssh/aws-gateway.rsa").squeeze("/"), keys_only: true }) + expect(@knife.session).to receive(:via).with("ec2.public_hostname", "user", { append_all_supported_algorithms: true, keys: File.expand_path("#{ENV["HOME"]}/.ssh/aws-gateway.rsa").squeeze("/"), keys_only: true }) @knife.run expect(@knife.config[:ssh_gateway_identity]).to eq("~/.ssh/aws-gateway.rsa") end |