1
0
forked from extern/SSH-Snake

Use -oPubkeyAcceptedKeyTypes=+ssh-rsa only if supported.

This commit is contained in:
Joshua Rogers 2024-01-11 23:56:09 +07:00
parent 61acad40b4
commit f2522a1abe
2 changed files with 6 additions and 2 deletions

View File

@ -386,10 +386,12 @@ check_sshkeygen() {
check_ssh_options() { check_ssh_options() {
local ssh_extra_options local ssh_extra_options
local ssh_extra_option local ssh_extra_option
ssh_extra_options=(-oHostkeyAlgorithms=+ssh-rsa -oKexAlgorithms=+diffie-hellman-group1-sha1 -oPubkeyAcceptedKeyTypes=+ssh-rsa) ssh_extra_options=(-oHostkeyAlgorithms=+ssh-rsa -oKexAlgorithms=+diffie-hellman-group1-sha1)
for ssh_extra_option in "${ssh_extra_options[@]}"; do for ssh_extra_option in "${ssh_extra_options[@]}"; do
[[ $(ssh "$ssh_extra_option" 2>&1) =~ Bad\ protocol\ 2\ host\ key\ algorithms|Bad\ SSH2\ KexAlgorithms|Bad\ key\ types ]] || ssh_options+=("$ssh_extra_option") [[ $(ssh "$ssh_extra_option" 2>&1) =~ Bad\ protocol\ 2\ host\ key\ algorithms|Bad\ SSH2\ KexAlgorithms|Bad\ key\ types ]] || ssh_options+=("$ssh_extra_option")
done done
ssh_extra_options="-oPubkeyAcceptedKeyTypes=+ssh-rsa"
[[ $(ssh "$ssh_extra_option" 2>&1) =~ Bad\ configuration\ option|pubkeyacceptedkeytypes ]] || ssh_options+=("$ssh_extra_option")
} }
init_current_ips() { init_current_ips() {
local current_ip local current_ip

View File

@ -660,10 +660,12 @@ check_ssh_options() {
local ssh_extra_options local ssh_extra_options
local ssh_extra_option local ssh_extra_option
ssh_extra_options=(-oHostkeyAlgorithms=+ssh-rsa -oKexAlgorithms=+diffie-hellman-group1-sha1 -oPubkeyAcceptedKeyTypes=+ssh-rsa) ssh_extra_options=(-oHostkeyAlgorithms=+ssh-rsa -oKexAlgorithms=+diffie-hellman-group1-sha1)
for ssh_extra_option in "${ssh_extra_options[@]}"; do for ssh_extra_option in "${ssh_extra_options[@]}"; do
[[ $(ssh "$ssh_extra_option" 2>&1) =~ Bad\ protocol\ 2\ host\ key\ algorithms|Bad\ SSH2\ KexAlgorithms|Bad\ key\ types ]] || ssh_options+=("$ssh_extra_option") [[ $(ssh "$ssh_extra_option" 2>&1) =~ Bad\ protocol\ 2\ host\ key\ algorithms|Bad\ SSH2\ KexAlgorithms|Bad\ key\ types ]] || ssh_options+=("$ssh_extra_option")
done done
ssh_extra_options="-oPubkeyAcceptedKeyTypes=+ssh-rsa"
[[ $(ssh "$ssh_extra_option" 2>&1) =~ Bad\ configuration\ option|pubkeyacceptedkeytypes ]] || ssh_options+=("$ssh_extra_option")
} }
# Determining the ip address of the current destination is difficult because it may have multiple ip addresses, and we are likely to connect to both of them eventually (including 127.0.0.1 for example). # Determining the ip address of the current destination is difficult because it may have multiple ip addresses, and we are likely to connect to both of them eventually (including 127.0.0.1 for example).