minmb-net-ssh 2.5.1
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG.rdoc +291 -0
- data/Manifest +132 -0
- data/README.rdoc +184 -0
- data/Rakefile +86 -0
- data/Rudyfile +96 -0
- data/THANKS.rdoc +19 -0
- data/lib/net/ssh.rb +223 -0
- data/lib/net/ssh/authentication/agent.rb +23 -0
- data/lib/net/ssh/authentication/agent/java_pageant.rb +85 -0
- data/lib/net/ssh/authentication/agent/socket.rb +170 -0
- data/lib/net/ssh/authentication/constants.rb +18 -0
- data/lib/net/ssh/authentication/key_manager.rb +253 -0
- data/lib/net/ssh/authentication/methods/abstract.rb +60 -0
- data/lib/net/ssh/authentication/methods/hostbased.rb +75 -0
- data/lib/net/ssh/authentication/methods/keyboard_interactive.rb +70 -0
- data/lib/net/ssh/authentication/methods/password.rb +43 -0
- data/lib/net/ssh/authentication/methods/publickey.rb +96 -0
- data/lib/net/ssh/authentication/pageant.rb +301 -0
- data/lib/net/ssh/authentication/session.rb +154 -0
- data/lib/net/ssh/buffer.rb +350 -0
- data/lib/net/ssh/buffered_io.rb +207 -0
- data/lib/net/ssh/config.rb +207 -0
- data/lib/net/ssh/connection/channel.rb +630 -0
- data/lib/net/ssh/connection/constants.rb +33 -0
- data/lib/net/ssh/connection/session.rb +603 -0
- data/lib/net/ssh/connection/term.rb +178 -0
- data/lib/net/ssh/errors.rb +88 -0
- data/lib/net/ssh/key_factory.rb +107 -0
- data/lib/net/ssh/known_hosts.rb +141 -0
- data/lib/net/ssh/loggable.rb +61 -0
- data/lib/net/ssh/packet.rb +102 -0
- data/lib/net/ssh/prompt.rb +93 -0
- data/lib/net/ssh/proxy/command.rb +75 -0
- data/lib/net/ssh/proxy/errors.rb +14 -0
- data/lib/net/ssh/proxy/http.rb +94 -0
- data/lib/net/ssh/proxy/socks4.rb +70 -0
- data/lib/net/ssh/proxy/socks5.rb +142 -0
- data/lib/net/ssh/ruby_compat.rb +77 -0
- data/lib/net/ssh/service/forward.rb +327 -0
- data/lib/net/ssh/test.rb +89 -0
- data/lib/net/ssh/test/channel.rb +129 -0
- data/lib/net/ssh/test/extensions.rb +152 -0
- data/lib/net/ssh/test/kex.rb +44 -0
- data/lib/net/ssh/test/local_packet.rb +51 -0
- data/lib/net/ssh/test/packet.rb +81 -0
- data/lib/net/ssh/test/remote_packet.rb +38 -0
- data/lib/net/ssh/test/script.rb +157 -0
- data/lib/net/ssh/test/socket.rb +64 -0
- data/lib/net/ssh/transport/algorithms.rb +407 -0
- data/lib/net/ssh/transport/cipher_factory.rb +106 -0
- data/lib/net/ssh/transport/constants.rb +32 -0
- data/lib/net/ssh/transport/ctr.rb +95 -0
- data/lib/net/ssh/transport/hmac.rb +45 -0
- data/lib/net/ssh/transport/hmac/abstract.rb +79 -0
- data/lib/net/ssh/transport/hmac/md5.rb +12 -0
- data/lib/net/ssh/transport/hmac/md5_96.rb +11 -0
- data/lib/net/ssh/transport/hmac/none.rb +15 -0
- data/lib/net/ssh/transport/hmac/ripemd160.rb +13 -0
- data/lib/net/ssh/transport/hmac/sha1.rb +13 -0
- data/lib/net/ssh/transport/hmac/sha1_96.rb +11 -0
- data/lib/net/ssh/transport/hmac/sha2_256.rb +15 -0
- data/lib/net/ssh/transport/hmac/sha2_256_96.rb +13 -0
- data/lib/net/ssh/transport/hmac/sha2_512.rb +14 -0
- data/lib/net/ssh/transport/hmac/sha2_512_96.rb +13 -0
- data/lib/net/ssh/transport/identity_cipher.rb +55 -0
- data/lib/net/ssh/transport/kex.rb +28 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +44 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +216 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +80 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha256.rb +15 -0
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb +93 -0
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb +13 -0
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb +13 -0
- data/lib/net/ssh/transport/key_expander.rb +26 -0
- data/lib/net/ssh/transport/openssl.rb +237 -0
- data/lib/net/ssh/transport/packet_stream.rb +235 -0
- data/lib/net/ssh/transport/server_version.rb +71 -0
- data/lib/net/ssh/transport/session.rb +278 -0
- data/lib/net/ssh/transport/state.rb +206 -0
- data/lib/net/ssh/verifiers/lenient.rb +30 -0
- data/lib/net/ssh/verifiers/null.rb +12 -0
- data/lib/net/ssh/verifiers/strict.rb +53 -0
- data/lib/net/ssh/version.rb +62 -0
- data/net-ssh.gemspec +164 -0
- data/setup.rb +1585 -0
- data/support/arcfour_check.rb +20 -0
- data/support/ssh_tunnel_bug.rb +65 -0
- data/test/authentication/methods/common.rb +28 -0
- data/test/authentication/methods/test_abstract.rb +51 -0
- data/test/authentication/methods/test_hostbased.rb +114 -0
- data/test/authentication/methods/test_keyboard_interactive.rb +100 -0
- data/test/authentication/methods/test_password.rb +52 -0
- data/test/authentication/methods/test_publickey.rb +148 -0
- data/test/authentication/test_agent.rb +205 -0
- data/test/authentication/test_key_manager.rb +218 -0
- data/test/authentication/test_session.rb +106 -0
- data/test/common.rb +107 -0
- data/test/configs/eqsign +3 -0
- data/test/configs/exact_match +8 -0
- data/test/configs/host_plus +10 -0
- data/test/configs/multihost +4 -0
- data/test/configs/wild_cards +14 -0
- data/test/connection/test_channel.rb +467 -0
- data/test/connection/test_session.rb +488 -0
- data/test/known_hosts/github +1 -0
- data/test/test_all.rb +9 -0
- data/test/test_buffer.rb +426 -0
- data/test/test_buffered_io.rb +63 -0
- data/test/test_config.rb +120 -0
- data/test/test_key_factory.rb +121 -0
- data/test/test_known_hosts.rb +13 -0
- data/test/transport/hmac/test_md5.rb +39 -0
- data/test/transport/hmac/test_md5_96.rb +25 -0
- data/test/transport/hmac/test_none.rb +34 -0
- data/test/transport/hmac/test_ripemd160.rb +34 -0
- data/test/transport/hmac/test_sha1.rb +34 -0
- data/test/transport/hmac/test_sha1_96.rb +25 -0
- data/test/transport/hmac/test_sha2_256.rb +35 -0
- data/test/transport/hmac/test_sha2_256_96.rb +25 -0
- data/test/transport/hmac/test_sha2_512.rb +35 -0
- data/test/transport/hmac/test_sha2_512_96.rb +25 -0
- data/test/transport/kex/test_diffie_hellman_group14_sha1.rb +13 -0
- data/test/transport/kex/test_diffie_hellman_group1_sha1.rb +146 -0
- data/test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb +92 -0
- data/test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb +33 -0
- data/test/transport/kex/test_ecdh_sha2_nistp256.rb +161 -0
- data/test/transport/kex/test_ecdh_sha2_nistp384.rb +37 -0
- data/test/transport/kex/test_ecdh_sha2_nistp521.rb +37 -0
- data/test/transport/test_algorithms.rb +330 -0
- data/test/transport/test_cipher_factory.rb +441 -0
- data/test/transport/test_hmac.rb +34 -0
- data/test/transport/test_identity_cipher.rb +40 -0
- data/test/transport/test_packet_stream.rb +1745 -0
- data/test/transport/test_server_version.rb +78 -0
- data/test/transport/test_session.rb +315 -0
- data/test/transport/test_state.rb +179 -0
- metadata +208 -0
data/Rakefile
ADDED
@@ -0,0 +1,86 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'rake/clean'
|
3
|
+
require 'rake/gempackagetask'
|
4
|
+
require 'fileutils'
|
5
|
+
include FileUtils
|
6
|
+
|
7
|
+
begin
|
8
|
+
require 'hanna/rdoctask'
|
9
|
+
rescue LoadError
|
10
|
+
require 'rdoc/task'
|
11
|
+
end
|
12
|
+
|
13
|
+
|
14
|
+
task :default => :package
|
15
|
+
|
16
|
+
# CONFIG =============================================================
|
17
|
+
|
18
|
+
# Change the following according to your needs
|
19
|
+
README = "README.rdoc"
|
20
|
+
CHANGES = "CHANGELOG.rdoc"
|
21
|
+
THANKS = 'THANKS.rdoc'
|
22
|
+
|
23
|
+
# Files and directories to be deleted when you run "rake clean"
|
24
|
+
CLEAN.include [ 'pkg', '*.gem', '.config', 'doc']
|
25
|
+
|
26
|
+
# Virginia assumes your project and gemspec have the same name
|
27
|
+
name = 'net-ssh'
|
28
|
+
load "#{name}.gemspec"
|
29
|
+
version = @spec.version
|
30
|
+
|
31
|
+
# That's it! The following defaults should allow you to get started
|
32
|
+
# on other things.
|
33
|
+
|
34
|
+
|
35
|
+
# TESTS/SPECS =========================================================
|
36
|
+
|
37
|
+
|
38
|
+
|
39
|
+
# INSTALL =============================================================
|
40
|
+
|
41
|
+
Rake::GemPackageTask.new(@spec) do |p|
|
42
|
+
p.need_tar = true if RUBY_PLATFORM !~ /mswin/
|
43
|
+
end
|
44
|
+
|
45
|
+
task :build => [ :package ]
|
46
|
+
task :release => [ :rdoc, :package ]
|
47
|
+
task :install => [ :rdoc, :package ] do
|
48
|
+
sh %{sudo gem install pkg/#{name}-#{version}.gem}
|
49
|
+
end
|
50
|
+
task :uninstall => [ :clean ] do
|
51
|
+
sh %{sudo gem uninstall #{name}}
|
52
|
+
end
|
53
|
+
|
54
|
+
|
55
|
+
# RUBYFORGE RELEASE / PUBLISH TASKS ==================================
|
56
|
+
|
57
|
+
if @spec.rubyforge_project
|
58
|
+
desc 'Publish website to rubyforge'
|
59
|
+
task 'publish:rdoc' => 'doc/index.html' do
|
60
|
+
sh "scp -r doc/* rubyforge.org:/var/www/gforge-projects/#{name}/ssh/v2/api/"
|
61
|
+
end
|
62
|
+
|
63
|
+
desc 'Public release to rubyforge'
|
64
|
+
task 'publish:gem' => [:package] do |t|
|
65
|
+
sh <<-end
|
66
|
+
rubyforge add_release -o Any -a #{CHANGES} -f -n #{README} #{name} #{name} #{@spec.version} pkg/#{name}-#{@spec.version}.gem &&
|
67
|
+
rubyforge add_file -o Any -a #{CHANGES} -f -n #{README} #{name} #{name} #{@spec.version} pkg/#{name}-#{@spec.version}.tgz
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
|
73
|
+
|
74
|
+
# RUBY DOCS TASK ==================================
|
75
|
+
|
76
|
+
Rake::RDocTask.new do |t|
|
77
|
+
t.rdoc_dir = 'doc'
|
78
|
+
t.title = @spec.summary
|
79
|
+
t.options << '--line-numbers' << '-A cattr_accessor=object'
|
80
|
+
t.options << '--charset' << 'utf-8'
|
81
|
+
t.rdoc_files.include(README)
|
82
|
+
t.rdoc_files.include(CHANGES)
|
83
|
+
t.rdoc_files.include(THANKS)
|
84
|
+
t.rdoc_files.include('lib/**/*.rb')
|
85
|
+
end
|
86
|
+
|
data/Rudyfile
ADDED
@@ -0,0 +1,96 @@
|
|
1
|
+
# Rudyfile
|
2
|
+
#
|
3
|
+
# This configuration is used to test installing
|
4
|
+
# and running net-ssh on a clean machine.
|
5
|
+
#
|
6
|
+
# Usage:
|
7
|
+
#
|
8
|
+
# $ rudy -vv startup
|
9
|
+
# $ rudy -vv testsuite
|
10
|
+
# $ rudy -vv shutdown
|
11
|
+
#
|
12
|
+
# Requires: Rudy 0.9 (http://code.google.com/p/rudy/)
|
13
|
+
#
|
14
|
+
|
15
|
+
defaults do
|
16
|
+
color true
|
17
|
+
environment :test
|
18
|
+
role :netssh
|
19
|
+
end
|
20
|
+
|
21
|
+
machines do
|
22
|
+
region :'us-east-1' do
|
23
|
+
ami 'ami-e348af8a' # Alestic Debian 5.0, 32-bit (US)
|
24
|
+
end
|
25
|
+
env :test do
|
26
|
+
role :netssh do
|
27
|
+
user :root
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
commands do
|
33
|
+
allow :apt_get, "apt-get", :y, :q
|
34
|
+
allow :gem_install, "/usr/bin/gem", "install", :n, '/usr/bin', :y, :V, "--no-rdoc", "--no-ri"
|
35
|
+
allow :gem_sources, "/usr/bin/gem", "sources"
|
36
|
+
allow :gem_uninstall, "/usr/bin/gem", "uninstall", :V
|
37
|
+
allow :update_rubygems
|
38
|
+
allow :rm
|
39
|
+
end
|
40
|
+
|
41
|
+
routines do
|
42
|
+
|
43
|
+
testsuite do
|
44
|
+
before :sysupdate, :installdeps, :install_gem
|
45
|
+
|
46
|
+
remote :root do
|
47
|
+
directory_upload 'test', '/tmp/'
|
48
|
+
cd '/tmp'
|
49
|
+
ruby :I, 'lib/', :I, 'test/', :r, 'rubygems', 'test/test_all.rb'
|
50
|
+
end
|
51
|
+
|
52
|
+
after :install_rubyforge, :install_github
|
53
|
+
end
|
54
|
+
|
55
|
+
install_gem do
|
56
|
+
before :package_gem
|
57
|
+
remote :root do
|
58
|
+
disable_safe_mode
|
59
|
+
file_upload "pkg/net-ssh-*.gem", "/tmp/"
|
60
|
+
gem_install "/tmp/net-ssh-*.gem"
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
package_gem do
|
65
|
+
local do
|
66
|
+
rm :r, :f, 'pkg'
|
67
|
+
rake 'package'
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
remove do
|
72
|
+
remote :root do
|
73
|
+
gem_uninstall 'net-ssh'
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
installdeps do
|
78
|
+
remote :root do
|
79
|
+
gem_install "rye", "test-unit", "mocha"
|
80
|
+
rye 'authorize-local'
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
sysupdate do
|
85
|
+
remote :root do
|
86
|
+
apt_get "update"
|
87
|
+
apt_get "install", "build-essential", "git-core"
|
88
|
+
apt_get "install", "ruby1.8-dev", "rdoc", "libzlib-ruby", "rubygems"
|
89
|
+
mkdir :p, "/var/lib/gems/1.8/bin" # Doesn't get created, but causes Rubygems to fail
|
90
|
+
gem_install "builder", "session"
|
91
|
+
gem_install 'rubygems-update', "-v=1.3.4" # circular issue with 1.3.5 and hoe
|
92
|
+
update_rubygems
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
data/THANKS.rdoc
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
Net::SSH was originally written by Jamis Buck <jamis@37signals.com>. In
|
2
|
+
addition, the following individuals are gratefully acknowledged for their
|
3
|
+
contributions:
|
4
|
+
|
5
|
+
GOTOU Yuuzou <gotoyuzo@notwork.org>
|
6
|
+
* help and code related to OpenSSL
|
7
|
+
|
8
|
+
Guillaume Marçais <guillaume.marcais@free.fr>
|
9
|
+
* support for communicating with the the PuTTY "pageant" process
|
10
|
+
|
11
|
+
Daniel Berger <djberg96@yahoo.com>
|
12
|
+
* help getting unit tests in earlier Net::SSH versions to pass in Windows
|
13
|
+
* initial version of Net::SSH::Config provided inspiration and encouragement
|
14
|
+
|
15
|
+
Chris Andrews <chris@nodnol.org> and Lee Jensen <lee@outerim.com>
|
16
|
+
* support for ssh agent forwarding
|
17
|
+
|
18
|
+
Hiroshi Nakamura
|
19
|
+
* fixed errors with JRuby tests
|
data/lib/net/ssh.rb
ADDED
@@ -0,0 +1,223 @@
|
|
1
|
+
# Make sure HOME is set, regardless of OS, so that File.expand_path works
|
2
|
+
# as expected with tilde characters.
|
3
|
+
ENV['HOME'] ||= ENV['HOMEPATH'] ? "#{ENV['HOMEDRIVE']}#{ENV['HOMEPATH']}" : "."
|
4
|
+
|
5
|
+
require 'logger'
|
6
|
+
|
7
|
+
require 'net/ssh/config'
|
8
|
+
require 'net/ssh/errors'
|
9
|
+
require 'net/ssh/loggable'
|
10
|
+
require 'net/ssh/transport/session'
|
11
|
+
require 'net/ssh/authentication/session'
|
12
|
+
require 'net/ssh/connection/session'
|
13
|
+
|
14
|
+
module Net
|
15
|
+
|
16
|
+
# Net::SSH is a library for interacting, programmatically, with remote
|
17
|
+
# processes via the SSH2 protocol. Sessions are always initiated via
|
18
|
+
# Net::SSH.start. From there, a program interacts with the new SSH session
|
19
|
+
# via the convenience methods on Net::SSH::Connection::Session, by opening
|
20
|
+
# and interacting with new channels (Net::SSH::Connection:Session#open_channel
|
21
|
+
# and Net::SSH::Connection::Channel), or by forwarding local and/or
|
22
|
+
# remote ports through the connection (Net::SSH::Service::Forward).
|
23
|
+
#
|
24
|
+
# The SSH protocol is very event-oriented. Requests are sent from the client
|
25
|
+
# to the server, and are answered asynchronously. This gives great flexibility
|
26
|
+
# (since clients can have multiple requests pending at a time), but it also
|
27
|
+
# adds complexity. Net::SSH tries to manage this complexity by providing
|
28
|
+
# some simpler methods of synchronous communication (see Net::SSH::Connection::Session#exec!).
|
29
|
+
#
|
30
|
+
# In general, though, and if you want to do anything more complicated than
|
31
|
+
# simply executing commands and capturing their output, you'll need to use
|
32
|
+
# channels (Net::SSH::Connection::Channel) to build state machines that are
|
33
|
+
# executed while the event loop runs (Net::SSH::Connection::Session#loop).
|
34
|
+
#
|
35
|
+
# Net::SSH::Connection::Session and Net::SSH::Connection::Channel have more
|
36
|
+
# information about this technique.
|
37
|
+
#
|
38
|
+
# = "Um, all I want to do is X, just show me how!"
|
39
|
+
#
|
40
|
+
# == X == "execute a command and capture the output"
|
41
|
+
#
|
42
|
+
# Net::SSH.start("host", "user", :password => "password") do |ssh|
|
43
|
+
# result = ssh.exec!("ls -l")
|
44
|
+
# puts result
|
45
|
+
# end
|
46
|
+
#
|
47
|
+
# == X == "forward connections on a local port to a remote host"
|
48
|
+
#
|
49
|
+
# Net::SSH.start("host", "user", :password => "password") do |ssh|
|
50
|
+
# ssh.forward.local(1234, "www.google.com", 80)
|
51
|
+
# ssh.loop { true }
|
52
|
+
# end
|
53
|
+
#
|
54
|
+
# == X == "forward connections on a remote port to the local host"
|
55
|
+
#
|
56
|
+
# Net::SSH.start("host", "user", :password => "password") do |ssh|
|
57
|
+
# ssh.forward.remote(80, "www.google.com", 1234)
|
58
|
+
# ssh.loop { true }
|
59
|
+
# end
|
60
|
+
module SSH
|
61
|
+
# This is the set of options that Net::SSH.start recognizes. See
|
62
|
+
# Net::SSH.start for a description of each option.
|
63
|
+
VALID_OPTIONS = [
|
64
|
+
:auth_methods, :bind_address, :compression, :compression_level, :config,
|
65
|
+
:encryption, :forward_agent, :hmac, :host_key, :kex, :keys, :key_data,
|
66
|
+
:languages, :logger, :paranoid, :password, :port, :proxy,
|
67
|
+
:rekey_blocks_limit,:rekey_limit, :rekey_packet_limit, :timeout, :verbose,
|
68
|
+
:global_known_hosts_file, :user_known_hosts_file, :host_key_alias,
|
69
|
+
:host_name, :user, :properties, :passphrase, :keys_only
|
70
|
+
]
|
71
|
+
|
72
|
+
# The standard means of starting a new SSH connection. When used with a
|
73
|
+
# block, the connection will be closed when the block terminates, otherwise
|
74
|
+
# the connection will just be returned. The yielded (or returned) value
|
75
|
+
# will be an instance of Net::SSH::Connection::Session (q.v.). (See also
|
76
|
+
# Net::SSH::Connection::Channel and Net::SSH::Service::Forward.)
|
77
|
+
#
|
78
|
+
# Net::SSH.start("host", "user") do |ssh|
|
79
|
+
# ssh.exec! "cp /some/file /another/location"
|
80
|
+
# hostname = ssh.exec!("hostname")
|
81
|
+
#
|
82
|
+
# ssh.open_channel do |ch|
|
83
|
+
# ch.exec "sudo -p 'sudo password: ' ls" do |ch, success|
|
84
|
+
# abort "could not execute sudo ls" unless success
|
85
|
+
#
|
86
|
+
# ch.on_data do |ch, data|
|
87
|
+
# print data
|
88
|
+
# if data =~ /sudo password: /
|
89
|
+
# ch.send_data("password\n")
|
90
|
+
# end
|
91
|
+
# end
|
92
|
+
# end
|
93
|
+
# end
|
94
|
+
#
|
95
|
+
# ssh.loop
|
96
|
+
# end
|
97
|
+
#
|
98
|
+
# This method accepts the following options (all are optional):
|
99
|
+
#
|
100
|
+
# * :auth_methods => an array of authentication methods to try
|
101
|
+
# * :bind_address => the IP address on the connecting machine to use in
|
102
|
+
# establishing connection. (:bind_address is discarded if :proxy
|
103
|
+
# is set.)
|
104
|
+
# * :compression => the compression algorithm to use, or +true+ to use
|
105
|
+
# whatever is supported.
|
106
|
+
# * :compression_level => the compression level to use when sending data
|
107
|
+
# * :config => set to +true+ to load the default OpenSSH config files
|
108
|
+
# (~/.ssh/config, /etc/ssh_config), or to +false+ to not load them, or to
|
109
|
+
# a file-name (or array of file-names) to load those specific configuration
|
110
|
+
# files. Defaults to +true+.
|
111
|
+
# * :encryption => the encryption cipher (or ciphers) to use
|
112
|
+
# * :forward_agent => set to true if you want the SSH agent connection to
|
113
|
+
# be forwarded
|
114
|
+
# * :global_known_hosts_file => the location of the global known hosts
|
115
|
+
# file. Set to an array if you want to specify multiple global known
|
116
|
+
# hosts files. Defaults to %w(/etc/ssh/known_hosts /etc/ssh/known_hosts2).
|
117
|
+
# * :hmac => the hmac algorithm (or algorithms) to use
|
118
|
+
# * :host_key => the host key algorithm (or algorithms) to use
|
119
|
+
# * :host_key_alias => the host name to use when looking up or adding a
|
120
|
+
# host to a known_hosts dictionary file
|
121
|
+
# * :host_name => the real host name or IP to log into. This is used
|
122
|
+
# instead of the +host+ parameter, and is primarily only useful when
|
123
|
+
# specified in an SSH configuration file. It lets you specify an
|
124
|
+
# "alias", similarly to adding an entry in /etc/hosts but without needing
|
125
|
+
# to modify /etc/hosts.
|
126
|
+
# * :kex => the key exchange algorithm (or algorithms) to use
|
127
|
+
# * :keys => an array of file names of private keys to use for publickey
|
128
|
+
# and hostbased authentication
|
129
|
+
# * :key_data => an array of strings, with each element of the array being
|
130
|
+
# a raw private key in PEM format.
|
131
|
+
# * :keys_only => set to +true+ to use only private keys from +keys+ and
|
132
|
+
# +key_data+ parameters, even if ssh-agent offers more identities. This
|
133
|
+
# option is intended for situations where ssh-agent offers many different
|
134
|
+
# identites.
|
135
|
+
# * :logger => the logger instance to use when logging
|
136
|
+
# * :paranoid => either true, false, or :very, specifying how strict
|
137
|
+
# host-key verification should be
|
138
|
+
# * :passphrase => the passphrase to use when loading a private key (default
|
139
|
+
# is +nil+, for no passphrase)
|
140
|
+
# * :password => the password to use to login
|
141
|
+
# * :port => the port to use when connecting to the remote host
|
142
|
+
# * :properties => a hash of key/value pairs to add to the new connection's
|
143
|
+
# properties (see Net::SSH::Connection::Session#properties)
|
144
|
+
# * :proxy => a proxy instance (see Proxy) to use when connecting
|
145
|
+
# * :rekey_blocks_limit => the max number of blocks to process before rekeying
|
146
|
+
# * :rekey_limit => the max number of bytes to process before rekeying
|
147
|
+
# * :rekey_packet_limit => the max number of packets to process before rekeying
|
148
|
+
# * :timeout => how long to wait for the initial connection to be made
|
149
|
+
# * :user => the user name to log in as; this overrides the +user+
|
150
|
+
# parameter, and is primarily only useful when provided via an SSH
|
151
|
+
# configuration file.
|
152
|
+
# * :user_known_hosts_file => the location of the user known hosts file.
|
153
|
+
# Set to an array to specify multiple user known hosts files.
|
154
|
+
# Defaults to %w(~/.ssh/known_hosts ~/.ssh/known_hosts2).
|
155
|
+
# * :verbose => how verbose to be (Logger verbosity constants, Logger::DEBUG
|
156
|
+
# is very verbose, Logger::FATAL is all but silent). Logger::FATAL is the
|
157
|
+
# default. The symbols :debug, :info, :warn, :error, and :fatal are also
|
158
|
+
# supported and are translated to the corresponding Logger constant.
|
159
|
+
def self.start(host, user, options={}, &block)
|
160
|
+
invalid_options = options.keys - VALID_OPTIONS
|
161
|
+
if invalid_options.any?
|
162
|
+
raise ArgumentError, "invalid option(s): #{invalid_options.join(', ')}"
|
163
|
+
end
|
164
|
+
|
165
|
+
options[:user] = user if user
|
166
|
+
options = configuration_for(host, options.fetch(:config, true)).merge(options)
|
167
|
+
host = options.fetch(:host_name, host)
|
168
|
+
|
169
|
+
if !options.key?(:logger)
|
170
|
+
options[:logger] = Logger.new(STDERR)
|
171
|
+
options[:logger].level = Logger::FATAL
|
172
|
+
end
|
173
|
+
|
174
|
+
if options[:verbose]
|
175
|
+
options[:logger].level = case options[:verbose]
|
176
|
+
when Fixnum then options[:verbose]
|
177
|
+
when :debug then Logger::DEBUG
|
178
|
+
when :info then Logger::INFO
|
179
|
+
when :warn then Logger::WARN
|
180
|
+
when :error then Logger::ERROR
|
181
|
+
when :fatal then Logger::FATAL
|
182
|
+
else raise ArgumentError, "can't convert #{options[:verbose].inspect} to any of the Logger level constants"
|
183
|
+
end
|
184
|
+
end
|
185
|
+
|
186
|
+
transport = Transport::Session.new(host, options)
|
187
|
+
auth = Authentication::Session.new(transport, options)
|
188
|
+
|
189
|
+
user = options.fetch(:user, user)
|
190
|
+
if auth.authenticate("ssh-connection", user, options[:password])
|
191
|
+
connection = Connection::Session.new(transport, options)
|
192
|
+
if block_given?
|
193
|
+
yield connection
|
194
|
+
connection.close
|
195
|
+
else
|
196
|
+
return connection
|
197
|
+
end
|
198
|
+
else
|
199
|
+
transport.close
|
200
|
+
raise AuthenticationFailed, user
|
201
|
+
end
|
202
|
+
end
|
203
|
+
|
204
|
+
# Returns a hash of the configuration options for the given host, as read
|
205
|
+
# from the SSH configuration file(s). If +use_ssh_config+ is true (the
|
206
|
+
# default), this will load configuration from both ~/.ssh/config and
|
207
|
+
# /etc/ssh_config. If +use_ssh_config+ is nil or false, nothing will be
|
208
|
+
# loaded (and an empty hash returned). Otherwise, +use_ssh_config+ may
|
209
|
+
# be a file name (or array of file names) of SSH configuration file(s)
|
210
|
+
# to read.
|
211
|
+
#
|
212
|
+
# See Net::SSH::Config for the full description of all supported options.
|
213
|
+
def self.configuration_for(host, use_ssh_config=true)
|
214
|
+
files = case use_ssh_config
|
215
|
+
when true then Net::SSH::Config.default_files
|
216
|
+
when false, nil then return {}
|
217
|
+
else Array(use_ssh_config)
|
218
|
+
end
|
219
|
+
|
220
|
+
Net::SSH::Config.for(host, files)
|
221
|
+
end
|
222
|
+
end
|
223
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require 'net/ssh/buffer'
|
2
|
+
require 'net/ssh/errors'
|
3
|
+
require 'net/ssh/loggable'
|
4
|
+
|
5
|
+
module Net; module SSH; module Authentication
|
6
|
+
PLATFORM = File::ALT_SEPARATOR \
|
7
|
+
? RUBY_PLATFORM =~ /java/ ? :java_win32 : :win32 \
|
8
|
+
: RUBY_PLATFORM =~ /java/ ? :java : :unix
|
9
|
+
|
10
|
+
# A trivial exception class for representing agent-specific errors.
|
11
|
+
class AgentError < Net::SSH::Exception; end
|
12
|
+
|
13
|
+
# An exception for indicating that the SSH agent is not available.
|
14
|
+
class AgentNotAvailable < AgentError; end
|
15
|
+
end; end; end
|
16
|
+
|
17
|
+
case Net::SSH::Authentication::PLATFORM
|
18
|
+
when :java_win32
|
19
|
+
# Java pageant requires whole different agent.
|
20
|
+
require 'net/ssh/authentication/agent/java_pageant'
|
21
|
+
else
|
22
|
+
require 'net/ssh/authentication/agent/socket'
|
23
|
+
end
|