mirror of
https://github.com/MegaManSec/SSH-Snake.git
synced 2024-12-12 08:00:38 +01:00
Use -oPubkeyAcceptedKeyTypes=+ssh-rsa only if supported.
This commit is contained in:
parent
61acad40b4
commit
f2522a1abe
@ -386,10 +386,12 @@ check_sshkeygen() {
|
||||
check_ssh_options() {
|
||||
local ssh_extra_options
|
||||
local ssh_extra_option
|
||||
ssh_extra_options=(-oHostkeyAlgorithms=+ssh-rsa -oKexAlgorithms=+diffie-hellman-group1-sha1 -oPubkeyAcceptedKeyTypes=+ssh-rsa)
|
||||
ssh_extra_options=(-oHostkeyAlgorithms=+ssh-rsa -oKexAlgorithms=+diffie-hellman-group1-sha1)
|
||||
for ssh_extra_option in "${ssh_extra_options[@]}"; do
|
||||
[[ $(ssh "$ssh_extra_option" 2>&1) =~ Bad\ protocol\ 2\ host\ key\ algorithms|Bad\ SSH2\ KexAlgorithms|Bad\ key\ types ]] || ssh_options+=("$ssh_extra_option")
|
||||
done
|
||||
ssh_extra_options="-oPubkeyAcceptedKeyTypes=+ssh-rsa"
|
||||
[[ $(ssh "$ssh_extra_option" 2>&1) =~ Bad\ configuration\ option|pubkeyacceptedkeytypes ]] || ssh_options+=("$ssh_extra_option")
|
||||
}
|
||||
init_current_ips() {
|
||||
local current_ip
|
||||
|
4
Snake.sh
4
Snake.sh
@ -660,10 +660,12 @@ check_ssh_options() {
|
||||
local ssh_extra_options
|
||||
local ssh_extra_option
|
||||
|
||||
ssh_extra_options=(-oHostkeyAlgorithms=+ssh-rsa -oKexAlgorithms=+diffie-hellman-group1-sha1 -oPubkeyAcceptedKeyTypes=+ssh-rsa)
|
||||
ssh_extra_options=(-oHostkeyAlgorithms=+ssh-rsa -oKexAlgorithms=+diffie-hellman-group1-sha1)
|
||||
for ssh_extra_option in "${ssh_extra_options[@]}"; do
|
||||
[[ $(ssh "$ssh_extra_option" 2>&1) =~ Bad\ protocol\ 2\ host\ key\ algorithms|Bad\ SSH2\ KexAlgorithms|Bad\ key\ types ]] || ssh_options+=("$ssh_extra_option")
|
||||
done
|
||||
ssh_extra_options="-oPubkeyAcceptedKeyTypes=+ssh-rsa"
|
||||
[[ $(ssh "$ssh_extra_option" 2>&1) =~ Bad\ configuration\ option|pubkeyacceptedkeytypes ]] || ssh_options+=("$ssh_extra_option")
|
||||
}
|
||||
|
||||
# Determining the ip address of the current destination is difficult because it may have multiple ip addresses, and we are likely to connect to both of them eventually (including 127.0.0.1 for example).
|
||||
|
Loading…
Reference in New Issue
Block a user