eximius-net-ssh 6.3.1

data/Dockerfile

@@ -0,0 +1,27 @@
+ARG RUBY_VERSION=3.1
+FROM ruby:${RUBY_VERSION}
+
+RUN apt update && apt install -y openssh-server sudo netcat \
+  && useradd --create-home --shell '/bin/bash' --comment 'NetSSH' 'net_ssh_1' \
+  && useradd --create-home --shell '/bin/bash' --comment 'NetSSH' 'net_ssh_2' \
+  && echo net_ssh_1:foopwd | chpasswd \
+  && echo net_ssh_2:foo2pwd | chpasswd \
+  && mkdir -p /home/net_ssh_1/.ssh \
+  && mkdir -p /home/net_ssh_2/.ssh \
+  && echo "net_ssh_1 ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers \
+  && echo "net_ssh_2 ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers \
+  && ssh-keygen -f /etc/ssh/users_ca -N ''
+
+ENV INSTALL_PATH="/netssh"
+
+WORKDIR $INSTALL_PATH
+
+COPY Gemfile net-ssh.gemspec $INSTALL_PATH/
+
+COPY lib/net/ssh/version.rb $INSTALL_PATH/lib/net/ssh/version.rb
+
+RUN gem install bundler && bundle install
+
+COPY . $INSTALL_PATH/
+
+CMD service ssh start && rake test && NET_SSH_NO_ED25519=1 rake test

data/Dockerfile.openssl3

@@ -0,0 +1,17 @@
+FROM ubuntu:22.04
+
+ENV INSTALL_PATH="/netssh"
+
+RUN apt update && apt install -y openssl ruby ruby-dev git build-essential
+
+WORKDIR $INSTALL_PATH
+
+COPY Gemfile net-ssh.gemspec $INSTALL_PATH/
+
+COPY lib/net/ssh/version.rb $INSTALL_PATH/lib/net/ssh/version.rb
+
+RUN ls -l && gem install bundler && bundle install
+
+COPY . $INSTALL_PATH/
+
+CMD openssl version && ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION' && rake test

data/Gemfile

@@ -0,0 +1,13 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in mygem.gemspec
+gemspec
+
+gem 'byebug', group: %i[development test] if !Gem.win_platform? && RUBY_ENGINE == "ruby"
+
+if ENV["CI"]
+  gem 'codecov', require: false, group: :test
+  gem 'simplecov', require: false, group: :test
+end
+
+gem 'webrick', group: %i[development test] if RUBY_VERSION.split(".")[0].to_i >= 3

data/Gemfile.noed25519

@@ -0,0 +1,12 @@
+source 'https://rubygems.org'
+
+ENV['NET_SSH_NO_ED25519'] = 'true'
+# Specify your gem's dependencies in mygem.gemspec
+gemspec
+
+if ENV["CI"] && !Gem.win_platform?
+  gem 'simplecov', require: false, group: :test
+  gem 'codecov', require: false, group: :test
+end
+
+gem 'webrick', group: %i[development test] if RUBY_VERSION.split(".")[0].to_i >= 3

data/ISSUE_TEMPLATE.md

@@ -0,0 +1,30 @@
+### Expected behavior
+
+Tell us what should happen
+
+### Actual behavior
+
+Tell us what happens instead.
+
+### System configuration
+
+- net-ssh version
+- Ruby version
+
+### Example App
+
+Please provide an example script that reproduces the problem. This will save maintainers time so they can spend it fixing your issues instead of trying to build a reproduction case from sparse instructions.
+
+You can use this as stating point:
+
+```ruby
+gem 'net-ssh', '= 4.0.0.beta3'
+require 'net/ssh'
+puts Net::SSH::Version::CURRENT
+
+@host = 'localhost'
+@user = ENV['USER']
+Net::SSH.start(@host, @user) do |ssh|
+  puts ssh.exec!('echo "hello"')
+end
+```

data/LICENSE.txt

@@ -0,0 +1,19 @@
+Copyright © 2008 Jamis Buck
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the ‘Software’), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED ‘AS IS’, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/Manifest

@@ -0,0 +1,132 @@
+CHANGELOG.rdoc
+Manifest
+README.rdoc
+Rakefile
+Rudyfile
+THANKS.rdoc
+lib/net/ssh.rb
+lib/net/ssh/authentication/agent.rb
+lib/net/ssh/authentication/constants.rb
+lib/net/ssh/authentication/key_manager.rb
+lib/net/ssh/authentication/methods/abstract.rb
+lib/net/ssh/authentication/methods/hostbased.rb
+lib/net/ssh/authentication/methods/keyboard_interactive.rb
+lib/net/ssh/authentication/methods/password.rb
+lib/net/ssh/authentication/methods/publickey.rb
+lib/net/ssh/authentication/pageant.rb
+lib/net/ssh/authentication/session.rb
+lib/net/ssh/buffer.rb
+lib/net/ssh/buffered_io.rb
+lib/net/ssh/config.rb
+lib/net/ssh/connection/channel.rb
+lib/net/ssh/connection/constants.rb
+lib/net/ssh/connection/session.rb
+lib/net/ssh/connection/term.rb
+lib/net/ssh/errors.rb
+lib/net/ssh/key_factory.rb
+lib/net/ssh/known_hosts.rb
+lib/net/ssh/loggable.rb
+lib/net/ssh/packet.rb
+lib/net/ssh/prompt.rb
+lib/net/ssh/proxy/command.rb
+lib/net/ssh/proxy/errors.rb
+lib/net/ssh/proxy/http.rb
+lib/net/ssh/proxy/socks4.rb
+lib/net/ssh/proxy/socks5.rb
+lib/net/ssh/service/forward.rb
+lib/net/ssh/test.rb
+lib/net/ssh/test/channel.rb
+lib/net/ssh/test/extensions.rb
+lib/net/ssh/test/kex.rb
+lib/net/ssh/test/local_packet.rb
+lib/net/ssh/test/packet.rb
+lib/net/ssh/test/remote_packet.rb
+lib/net/ssh/test/script.rb
+lib/net/ssh/test/socket.rb
+lib/net/ssh/transport/algorithms.rb
+lib/net/ssh/transport/cipher_factory.rb
+lib/net/ssh/transport/constants.rb
+lib/net/ssh/transport/ctr.rb
+lib/net/ssh/transport/hmac.rb
+lib/net/ssh/transport/hmac/abstract.rb
+lib/net/ssh/transport/hmac/md5.rb
+lib/net/ssh/transport/hmac/md5_96.rb
+lib/net/ssh/transport/hmac/none.rb
+lib/net/ssh/transport/hmac/ripemd160.rb
+lib/net/ssh/transport/hmac/sha1.rb
+lib/net/ssh/transport/hmac/sha1_96.rb
+lib/net/ssh/transport/hmac/sha2_256.rb
+lib/net/ssh/transport/hmac/sha2_256_96.rb
+lib/net/ssh/transport/hmac/sha2_512.rb
+lib/net/ssh/transport/hmac/sha2_512_96.rb
+lib/net/ssh/transport/identity_cipher.rb
+lib/net/ssh/transport/key_expander.rb
+lib/net/ssh/transport/kex.rb
+lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
+lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb
+lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb
+lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha256.rb
+lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb
+lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb
+lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb
+lib/net/ssh/transport/openssl.rb
+lib/net/ssh/transport/packet_stream.rb
+lib/net/ssh/transport/server_version.rb
+lib/net/ssh/transport/session.rb
+lib/net/ssh/transport/state.rb
+lib/net/ssh/verifiers/accept_new.rb
+lib/net/ssh/verifiers/accept_new_or_local_tunnel.rb
+lib/net/ssh/verifiers/always.rb
+lib/net/ssh/verifiers/never.rb
+lib/net/ssh/version.rb
+net-ssh.gemspec
+setup.rb
+support/arcfour_check.rb
+support/ssh_tunnel_bug.rb
+test/authentication/methods/common.rb
+test/authentication/methods/test_abstract.rb
+test/authentication/methods/test_hostbased.rb
+test/authentication/methods/test_keyboard_interactive.rb
+test/authentication/methods/test_password.rb
+test/authentication/methods/test_publickey.rb
+test/authentication/test_agent.rb
+test/authentication/test_key_manager.rb
+test/authentication/test_session.rb
+test/common.rb
+test/configs/eqsign
+test/configs/exact_match
+test/configs/host_plus
+test/configs/multihost
+test/configs/wild_cards
+test/connection/test_channel.rb
+test/connection/test_session.rb
+test/test_all.rb
+test/test_buffer.rb
+test/test_buffered_io.rb
+test/test_config.rb
+test/test_key_factory.rb
+test/transport/hmac/test_md5.rb
+test/transport/hmac/test_md5_96.rb
+test/transport/hmac/test_none.rb
+test/transport/hmac/test_ripemd160.rb
+test/transport/hmac/test_sha1.rb
+test/transport/hmac/test_sha1_96.rb
+test/transport/hmac/test_sha2_256.rb
+test/transport/hmac/test_sha2_256_96.rb
+test/transport/hmac/test_sha2_512.rb
+test/transport/hmac/test_sha2_512_96.rb
+test/transport/kex/test_diffie_hellman_group1_sha1.rb
+test/transport/kex/test_diffie_hellman_group14_sha1.rb
+test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb
+test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb
+test/transport/kex/test_ecdh_sha2_nistp256.rb
+test/transport/kex/test_ecdh_sha2_nistp384.rb
+test/transport/kex/test_ecdh_sha2_nistp521.rb
+test/transport/test_algorithms.rb
+test/transport/test_cipher_factory.rb
+test/transport/test_hmac.rb
+test/transport/test_identity_cipher.rb
+test/transport/test_packet_stream.rb
+test/transport/test_server_version.rb
+test/transport/test_session.rb
+test/transport/test_state.rb

data/README.md

@@ -0,0 +1,293 @@
+[![Gem Version](https://badge.fury.io/rb/net-ssh.svg)](https://badge.fury.io/rb/net-ssh)
+[![Join the chat at https://gitter.im/net-ssh/net-ssh](https://badges.gitter.im/net-ssh/net-ssh.svg)](https://gitter.im/net-ssh/net-ssh?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+[![Build status](https://github.com/net-ssh/net-ssh/actions/workflows/ci.yml/badge.svg)](https://github.com/net-ssh/net-ssh/actions/workflows/ci.yml)
+[![Coverage status](https://codecov.io/gh/net-ssh/net-ssh/branch/master/graph/badge.svg)](https://codecov.io/gh/net-ssh/net-ssh)
+[![Backers on Open Collective](https://opencollective.com/net-ssh/backers/badge.svg)](#backers])
+[![Sponsors on Open Collective](https://opencollective.com/net-ssh/sponsors/badge.svg)](#sponsors)
+
+# Net::SSH 6.x
+
+* Docs: http://net-ssh.github.io/net-ssh
+* Issues: https://github.com/net-ssh/net-ssh/issues
+* Codes: https://github.com/net-ssh/net-ssh
+* Email: net-ssh@solutious.com
+
+*As of v2.6.4, all gem releases are signed. See [INSTALL](#install).*
+
+## DESCRIPTION:
+
+Net::SSH is a pure-Ruby implementation of the SSH2 client protocol.
+It allows you to write programs that invoke and interact with processes on remote servers, via SSH2.
+
+## FEATURES:
+
+* Execute processes on remote servers and capture their output
+* Run multiple processes in parallel over a single SSH connection
+* Support for SSH subsystems
+* Forward local and remote ports via an SSH connection
+
+## Supported Algorithms
+
+Net::SSH 6.0 disables by default the usage of weak algorithms.
+We strongly recommend that you install a servers's version that supports the latest algorithms.
+
+It is possible to return to the previous behavior by adding the option : `append_all_supported_algorithms: true`
+
+Unsecure algoritms will definitely be removed in Net::SSH 7.*.
+
+### Host Keys
+
+| Name                 | Support               | Details  |
+|----------------------|-----------------------|----------|
+| ssh-rsa              | OK                    |          |
+| ssh-ed25519          | OK                    | Require the gem `ed25519` |
+| ecdsa-sha2-nistp521  | OK                    | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
+| ecdsa-sha2-nistp384  | OK                    | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
+| ecdsa-sha2-nistp256  | OK                    | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
+| ssh-dss              | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+
+### Key Exchange
+
+| Name                                 | Support               | Details  |
+|--------------------------------------|-----------------------|----------|
+| curve25519-sha256                    | OK                    | Require the gem `x25519` |
+| ecdh-sha2-nistp521                   | OK                    | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
+| ecdh-sha2-nistp384                   | OK                    | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
+| ecdh-sha2-nistp256                   | OK                    | [using weak elliptic curves](https://safecurves.cr.yp.to/) |
+| diffie-hellman-group1-sha1           | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| diffie-hellman-group14-sha1          | OK                    |          |
+| diffie-hellman-group-exchange-sha1   | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| diffie-hellman-group-exchange-sha256 | OK                    |          |
+
+### Encryption algorithms (ciphers)
+
+| Name                                 | Support               | Details  |
+|--------------------------------------|-----------------------|----------|
+| aes256-ctr / aes192-ctr / aes128-ctr | OK                    |          |
+| aes256-cbc / aes192-cbc / aes128-cbc | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| rijndael-cbc@lysator.liu.se          | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| blowfish-ctr blowfish-cbc            | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| cast128-ctr cast128-cbc              | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| 3des-ctr 3des-cbc                    | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| idea-cbc                             | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| none                                 | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+
+### Message Authentication Code algorithms
+
+| Name                 | Support               | Details  |
+|----------------------|-----------------------|----------|
+| hmac-sha2-512-etm    | OK                    |          |
+| hmac-sha2-256-etm    | OK                    |          |
+| hmac-sha2-512        | OK                    |          |
+| hmac-sha2-256        | OK                    |          |
+| hmac-sha2-512-96     | Deprecated in 6.0     | removed from the specification, will be removed in 7.0 |
+| hmac-sha2-256-96     | Deprecated in 6.0     | removed from the specification, will be removed in 7.0 |
+| hmac-sha1            | OK                    | for backward compatibility      |
+| hmac-sha1-96         | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| hmac-ripemd160       | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| hmac-md5             | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| hmac-md5-96          | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+| none                 | Deprecated in 6.0     | unsecure, will be removed in 7.0 |
+
+## SYNOPSIS:
+
+In a nutshell:
+
+```ruby
+require 'net/ssh'
+
+Net::SSH.start('host', 'user', password: "password") do |ssh|
+
+# capture all stderr and stdout output from a remote process
+output = ssh.exec!("hostname")
+puts output
+
+# capture only stdout matching a particular pattern
+stdout = ""
+ssh.exec!("ls -l /home/jamis") do |channel, stream, data|
+  stdout << data if stream == :stdout && /foo/.match(data)
+end
+puts stdout
+
+# run multiple processes in parallel to completion
+ssh.exec "sed ..."
+ssh.exec "awk ..."
+ssh.exec "rm -rf ..."
+ssh.loop
+
+# open a new channel and configure a minimal set of callbacks, then run
+# the event loop until the channel finishes (closes)
+channel = ssh.open_channel do |ch|
+  ch.exec "/usr/local/bin/ruby /path/to/file.rb" do |ch, success|
+    raise "could not execute command" unless success
+
+    # "on_data" is called when the process writes something to stdout
+    ch.on_data do |c, data|
+      $stdout.print data
+    end
+
+    # "on_extended_data" is called when the process writes something to stderr
+    ch.on_extended_data do |c, type, data|
+      $stderr.print data
+    end
+
+    ch.on_close { puts "done!" }
+  end
+end
+
+channel.wait
+
+# forward connections on local port 1234 to port 80 of www.capify.org
+ssh.forward.local(1234, "www.capify.org", 80)
+ssh.loop { true }
+end
+```
+
+See Net::SSH for more documentation, and links to further information.
+
+## REQUIREMENTS:
+
+The only requirement you might be missing is the OpenSSL bindings for Ruby with a version greather than `1.0.1`.
+These are built by default on most platforms, but you can verify that they're built and installed on your system by running the following command line:
+
+```sh
+ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION'
+```
+
+If that spits out something like `OpenSSL 1.0.1 14 Mar 2012`, then you're set.
+If you get an error, then you'll need to see about rebuilding ruby with OpenSSL support,
+or (if your platform supports it) installing the OpenSSL bindings separately.
+
+## INSTALL:
+
+```sh
+gem install net-ssh # might need sudo privileges
+```
+
+NOTE: If you are running on jruby on windows you need to install `jruby-pageant` manually
+(gemspec doesn't allow for platform specific dependencies at gem installation time).
+
+However, in order to be sure the code you're installing hasn't been tampered with,
+it's recommended that you verify the [signature](http://docs.rubygems.org/read/chapter/21).
+ To do this, you need to add my public key as a trusted certificate (you only need to do this once):
+
+```sh
+# Add the public key as a trusted certificate
+# (You only need to do this once)
+curl -O https://raw.githubusercontent.com/net-ssh/net-ssh/master/net-ssh-public_cert.pem
+gem cert --add net-ssh-public_cert.pem
+```
+
+Then, when install the gem, do so with high security:
+
+```sh
+gem install net-ssh -P HighSecurity
+```
+
+If you don't add the public key, you'll see an error like "Couldn't verify data signature".
+If you're still having trouble let me know and I'll give you a hand.
+
+For ed25519 public key auth support your bundle file should contain `ed25519`, `bcrypt_pbkdf` dependencies.
+
+```sh
+gem install ed25519
+gem install bcrypt_pbkdf
+```
+
+For curve25519-sha256 kex exchange support your bundle file should contain `x25519` dependency.
+
+## RUBY SUPPORT
+
+* See [net-ssh.gemspec](https://github.com/net-ssh/net-ssh/blob/master/net-ssh.gemspec) for current versions ruby requirements
+
+## RUNNING TESTS
+
+If you want to run the tests or use any of the Rake tasks, you'll need Mocha and
+other dependencies listed in Gemfile
+
+Run the test suite from the net-ssh directory with the following command:
+
+```sh
+bundle exec rake test
+```
+
+NOTE : you can run test on all ruby versions with docker :
+
+```
+docker-compose up --build
+```
+
+Run a single test file like this:
+
+```sh
+ruby -Ilib -Itest test/transport/test_server_version.rb
+```
+
+To run integration tests see [here](test/integration/README.md)
+
+### BUILDING GEM
+
+```sh
+rake build
+```
+
+### GEM SIGNING (for maintainers)
+
+If you have the net-ssh private signing key, you will be able to create signed release builds. Make sure the private key path matches the `signing_key` path set in `net-ssh.gemspec` and tell rake to sign the gem by setting the `NET_SSH_BUILDGEM_SIGNED` flag:
+
+```sh
+NET_SSH_BUILDGEM_SIGNED=true rake build
+```
+
+For time to time, the public certificate associated to the private key needs to be renewed. You can do this with the following command:
+
+```sh
+gem cert --build netssh@solutious.com --private-key path/2/net-ssh-private_key.pem
+mv gem-public_cert.pem net-ssh-public_cert.pem
+gem cert --add net-ssh-public_cert.pem
+```
+
+## CREDITS
+
+### Contributors
+
+This project exists thanks to all the people who contribute.
+
+[![contributors](https://opencollective.com/net-ssh/contributors.svg?width=890&button=false)](graphs/contributors)
+
+### Backers
+
+Thank you to all our backers! 🙏 [Become a backer](https://opencollective.com/net-ssh#backer)
+
+[![backers](https://opencollective.com/net-ssh/backers.svg?width=890)](https://opencollective.com/net-ssh#backers)
+
+### Sponsors
+
+Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor](https://opencollective.com/net-ssh#sponsor)
+
+[![Sponsor](https://opencollective.com/net-ssh/sponsor/0/avatar.svg)](https://opencollective.com/net-ssh/sponsor/0/website)
+
+## LICENSE:
+
+(The MIT License)
+
+Copyright (c) 2008 Jamis Buck
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,105 @@
+#
+# Also in your terminal environment run:
+#   $ export LANG=en_US.UTF-8
+#   $ export LANGUAGE=en_US.UTF-8
+#   $ export LC_ALL=en_US.UTF-8
+
+require "rubygems"
+require "rake"
+require "rake/clean"
+require "bundler/gem_tasks"
+
+require "rdoc/task"
+
+desc "When releasing make sure NET_SSH_BUILDGEM_SIGNED is set"
+task :check_NET_SSH_BUILDGEM_SIGNED do
+  raise "NET_SSH_BUILDGEM_SIGNED should be set to release" unless ENV['NET_SSH_BUILDGEM_SIGNED']
+end
+
+Rake::Task[:release].enhance [:check_NET_SSH_BUILDGEM_SIGNED]
+Rake::Task[:release].prerequisites.unshift(:check_NET_SSH_BUILDGEM_SIGNED)
+
+task default: ["build"]
+CLEAN.include ['pkg', 'rdoc']
+name = "net-ssh"
+
+require_relative "lib/net/ssh/version"
+version = Net::SSH::Version::CURRENT
+
+extra_files = %w[LICENSE.txt THANKS.txt CHANGES.txt]
+RDoc::Task.new do |rdoc|
+  rdoc.rdoc_dir = "rdoc"
+  rdoc.title = "#{name} #{version}"
+  rdoc.generator = 'hanna' # gem install hanna-nouveau
+  rdoc.main = 'README.md'
+  rdoc.rdoc_files.include("README*")
+  rdoc.rdoc_files.include("bin/*.rb")
+  rdoc.rdoc_files.include("lib/**/*.rb")
+  extra_files.each { |file|
+    rdoc.rdoc_files.include(file) if File.exist?(file)
+  }
+end
+
+namespace :cert do
+  desc "Update public cert from private - only run if public is expired"
+  task :update_public_when_expired do
+    require 'openssl'
+    require 'time'
+    raw = File.read "net-ssh-public_cert.pem"
+    certificate = OpenSSL::X509::Certificate.new raw
+    raise Exception, "Not yet expired: #{certificate.not_after}" unless certificate.not_after < Time.now
+
+    sh "gem cert --build netssh@solutious.com --days 365*5 --private-key /mnt/gem/net-ssh-private_key.pem"
+    sh "mv gem-public_cert.pem net-ssh-public_cert.pem"
+    sh "gem cert --add net-ssh-public_cert.pem"
+  end
+end
+
+namespace :rdoc do
+  desc "Update gh-pages branch"
+  task :publish do
+    # copy/checkout
+    rm_rf "/tmp/net-ssh-rdoc"
+    rm_rf "/tmp/net-ssh-gh-pages"
+    cp_r "./rdoc", "/tmp/net-ssh-rdoc"
+    mkdir "/tmp/net-ssh-gh-pages"
+    Dir.chdir "/tmp/net-ssh-gh-pages" do
+      sh "git clone --branch gh-pages --single-branch https://github.com/net-ssh/net-ssh"
+      rm_rf "/tmp/net-ssh-gh-pages/net-ssh/*"
+    end
+    # update
+    sh "cp -rf ./rdoc/* /tmp/net-ssh-gh-pages/net-ssh/"
+    Dir.chdir "/tmp/net-ssh-gh-pages/net-ssh" do
+      sh "git add -A ."
+      sh "git commit -m \"Update docs\""
+    end
+    # publish
+    Dir.chdir "/tmp/net-ssh-gh-pages/net-ssh" do
+      sh "git push origin gh-pages"
+    end
+  end
+end
+
+require 'rake/testtask'
+
+Rake::TestTask.new do |t|
+  t.libs = ["lib", "test"]
+  t.libs << "test/integration" if ENV['NET_SSH_RUN_INTEGRATION_TESTS']
+  t.libs << "test/win_integration" if ENV['NET_SSH_RUN_WIN_INTEGRATION_TESTS']
+  test_files = FileList['test/**/test_*.rb']
+  test_files -= FileList['test/integration/**/test_*.rb'] unless ENV['NET_SSH_RUN_INTEGRATION_TESTS']
+  test_files -= FileList['test/win_integration/**/test_*.rb'] unless ENV['NET_SSH_RUN_WIN_INTEGRATION_TESTS']
+  test_files -= FileList['test/manual/test_*.rb']
+  test_files -= FileList['test/test_pageant.rb']
+  test_files -= FileList['test/test/**/test_*.rb']
+  t.test_files = test_files
+end
+
+desc "Run tests of Net::SSH:Test"
+Rake::TestTask.new do |t|
+  t.name = "test_test"
+  # we need to run test/test separatedly as it hacks io + other modules
+  t.libs = ["lib", "test"]
+  test_files = FileList['test/test/**/test_*.rb']
+  t.test_files = test_files
+end