net-ssh-backports 6.3.0.backports

data/lib/net/ssh/verifiers/never.rb

@@ -0,0 +1,19 @@
+module Net
+  module SSH
+    module Verifiers
+      # This host key verifier simply allows every key it sees, without
+      # any verification. This is simple, but very insecure because it
+      # exposes you to MiTM attacks.
+      class Never
+        # Returns true.
+        def verify(arguments)
+          true
+        end
+
+        def verify_signature(&block)
+          true
+        end
+      end
+    end
+  end
+end

data/lib/net/ssh/version.rb

@@ -0,0 +1,68 @@
+module Net
+  module SSH
+    # A class for describing the current version of a library. The version
+    # consists of three parts: the +major+ number, the +minor+ number, and the
+    # +tiny+ (or +patch+) number.
+    #
+    # Two Version instances may be compared, so that you can test that a version
+    # of a library is what you require:
+    #
+    #   require 'net/ssh/version'
+    #
+    #   if Net::SSH::Version::CURRENT < Net::SSH::Version[2,1,0]
+    #     abort "your software is too old!"
+    #   end
+    class Version
+      include Comparable
+
+      # A convenience method for instantiating a new Version instance with the
+      # given +major+, +minor+, and +tiny+ components.
+      def self.[](major, minor, tiny, pre = nil)
+        new(major, minor, tiny, pre)
+      end
+
+      attr_reader :major, :minor, :tiny
+
+      # Create a new Version object with the given components.
+      def initialize(major, minor, tiny, pre = nil)
+        @major, @minor, @tiny, @pre = major, minor, tiny, pre
+      end
+
+      # Compare this version to the given +version+ object.
+      def <=>(version)
+        to_i <=> version.to_i
+      end
+
+      # Converts this version object to a string, where each of the three
+      # version components are joined by the '.' character. E.g., 2.0.0.
+      def to_s
+        @to_s ||= [@major, @minor, @tiny, @pre].compact.join(".")
+      end
+
+      # Converts this version to a canonical integer that may be compared
+      # against other version objects.
+      def to_i
+        @to_i ||= @major * 1_000_000 + @minor * 1_000 + @tiny
+      end
+
+      # The major component of this version of the Net::SSH library
+      MAJOR = 6
+
+      # The minor component of this version of the Net::SSH library
+      MINOR = 3
+
+      # The tiny component of this version of the Net::SSH library
+      TINY  = 0
+
+      # The prerelease component of this version of the Net::SSH library
+      # nil allowed
+      PRE   = "backports"
+
+      # The current version of the Net::SSH library as a Version instance
+      CURRENT = new(*[MAJOR, MINOR, TINY, PRE].compact)
+
+      # The current version of the Net::SSH library as a String
+      STRING = CURRENT.to_s
+    end
+  end
+end

data/lib/net/ssh.rb

@@ -0,0 +1,330 @@
+# Make sure HOME is set, regardless of OS, so that File.expand_path works
+# as expected with tilde characters.
+ENV['HOME'] ||= ENV['HOMEPATH'] ? "#{ENV['HOMEDRIVE']}#{ENV['HOMEPATH']}" : Dir.pwd
+
+require 'logger'
+require 'etc'
+require 'shellwords'
+
+require 'net/ssh/config'
+require 'net/ssh/errors'
+require 'net/ssh/loggable'
+require 'net/ssh/transport/session'
+require 'net/ssh/authentication/session'
+require 'net/ssh/connection/session'
+require 'net/ssh/prompt'
+
+module Net
+  # Net::SSH is a library for interacting, programmatically, with remote
+  # processes via the SSH2 protocol. Sessions are always initiated via
+  # Net::SSH.start. From there, a program interacts with the new SSH session
+  # via the convenience methods on Net::SSH::Connection::Session, by opening
+  # and interacting with new channels (Net::SSH::Connection:Session#open_channel
+  # and Net::SSH::Connection::Channel), or by forwarding local and/or
+  # remote ports through the connection (Net::SSH::Service::Forward).
+  #
+  # The SSH protocol is very event-oriented. Requests are sent from the client
+  # to the server, and are answered asynchronously. This gives great flexibility
+  # (since clients can have multiple requests pending at a time), but it also
+  # adds complexity. Net::SSH tries to manage this complexity by providing
+  # some simpler methods of synchronous communication (see Net::SSH::Connection::Session#exec!).
+  #
+  # In general, though, and if you want to do anything more complicated than
+  # simply executing commands and capturing their output, you'll need to use
+  # channels (Net::SSH::Connection::Channel) to build state machines that are
+  # executed while the event loop runs (Net::SSH::Connection::Session#loop).
+  #
+  # Net::SSH::Connection::Session and Net::SSH::Connection::Channel have more
+  # information about this technique.
+  #
+  # = "Um, all I want to do is X, just show me how!"
+  #
+  # == X == "execute a command and capture the output"
+  #
+  #   Net::SSH.start("host", "user", password: "password") do |ssh|
+  #     result = ssh.exec!("ls -l")
+  #     puts result
+  #   end
+  #
+  # == X == "forward connections on a local port to a remote host"
+  #
+  #   Net::SSH.start("host", "user", password: "password") do |ssh|
+  #     ssh.forward.local(1234, "www.google.com", 80)
+  #     ssh.loop { true }
+  #   end
+  #
+  # == X == "forward connections on a remote port to the local host"
+  #
+  #   Net::SSH.start("host", "user", password: "password") do |ssh|
+  #     ssh.forward.remote(80, "www.google.com", 1234)
+  #     ssh.loop { true }
+  #   end
+  module SSH
+    # This is the set of options that Net::SSH.start recognizes. See
+    # Net::SSH.start for a description of each option.
+    VALID_OPTIONS = %i[
+      auth_methods bind_address compression compression_level config
+      encryption forward_agent hmac host_key remote_user
+      keepalive keepalive_interval keepalive_maxcount kex keys key_data
+      keycerts languages logger paranoid password port proxy
+      rekey_blocks_limit rekey_limit rekey_packet_limit timeout verbose
+      known_hosts global_known_hosts_file user_known_hosts_file host_key_alias
+      host_name user properties passphrase keys_only max_pkt_size
+      max_win_size send_env set_env use_agent number_of_password_prompts
+      append_all_supported_algorithms non_interactive password_prompt
+      agent_socket_factory minimum_dh_bits verify_host_key
+      fingerprint_hash check_host_ip
+    ]
+
+    # The standard means of starting a new SSH connection. When used with a
+    # block, the connection will be closed when the block terminates, otherwise
+    # the connection will just be returned. The yielded (or returned) value
+    # will be an instance of Net::SSH::Connection::Session (q.v.). (See also
+    # Net::SSH::Connection::Channel and Net::SSH::Service::Forward.)
+    #
+    #   Net::SSH.start("host", "user") do |ssh|
+    #     ssh.exec! "cp /some/file /another/location"
+    #     hostname = ssh.exec!("hostname")
+    #
+    #     ssh.open_channel do |ch|
+    #       ch.exec "sudo -p 'sudo password: ' ls" do |ch, success|
+    #         abort "could not execute sudo ls" unless success
+    #
+    #         ch.on_data do |ch, data|
+    #           print data
+    #           if data =~ /sudo password: /
+    #             ch.send_data("password\n")
+    #           end
+    #         end
+    #       end
+    #     end
+    #
+    #     ssh.loop
+    #   end
+    #
+    # This method accepts the following options (all are optional):
+    #
+    # * :auth_methods => an array of authentication methods to try
+    # * :bind_address => the IP address on the connecting machine to use in
+    #   establishing connection. (:bind_address is discarded if :proxy
+    #   is set.)
+    # * :check_host_ip => Also ckeck IP address when connecting to remote host.
+    #   Defaults to +true+.
+    # * :compression => the compression algorithm to use, or +true+ to use
+    #   whatever is supported.
+    # * :compression_level => the compression level to use when sending data
+    # * :config => set to +true+ to load the default OpenSSH config files
+    #   (~/.ssh/config, /etc/ssh_config), or to +false+ to not load them, or to
+    #   a file-name (or array of file-names) to load those specific configuration
+    #   files. Defaults to +true+.
+    # * :encryption => the encryption cipher (or ciphers) to use
+    # * :forward_agent => set to true if you want the SSH agent connection to
+    #   be forwarded
+    # * :known_hosts => a custom object holding known hosts records.
+    #   It must implement #search_for and `add` in a similiar manner as KnownHosts.
+    # * :global_known_hosts_file => the location of the global known hosts
+    #   file. Set to an array if you want to specify multiple global known
+    #   hosts files. Defaults to %w(/etc/ssh/ssh_known_hosts /etc/ssh/ssh_known_hosts2).
+    # * :hmac => the hmac algorithm (or algorithms) to use
+    # * :host_key => the host key algorithm (or algorithms) to use
+    # * :host_key_alias => the host name to use when looking up or adding a
+    #   host to a known_hosts dictionary file
+    # * :host_name => the real host name or IP to log into. This is used
+    #   instead of the +host+ parameter, and is primarily only useful when
+    #   specified in an SSH configuration file. It lets you specify an
+    #   "alias", similarly to adding an entry in /etc/hosts but without needing
+    #   to modify /etc/hosts.
+    # * :keepalive => set to +true+ to send a keepalive packet to the SSH server
+    #   when there's no traffic between the SSH server and Net::SSH client for
+    #   the keepalive_interval seconds. Defaults to +false+.
+    # * :keepalive_interval => the interval seconds for keepalive.
+    #   Defaults to +300+ seconds.
+    # * :keepalive_maxcount => the maximun number of keepalive packet miss allowed.
+    #   Defaults to 3
+    # * :kex => the key exchange algorithm (or algorithms) to use
+    # * :keys => an array of file names of private keys to use for publickey
+    #   and hostbased authentication
+    # * :keycerts => an array of file names of key certificates to use
+    #    with publickey authentication
+    # * :key_data => an array of strings, with each element of the array being
+    #   a raw private key in PEM format.
+    # * :keys_only => set to +true+ to use only private keys from +keys+ and
+    #   +key_data+ parameters, even if ssh-agent offers more identities. This
+    #   option is intended for situations where ssh-agent offers many different
+    #   identites.
+    # * :logger => the logger instance to use when logging
+    # * :max_pkt_size => maximum size we tell the other side that is supported per
+    #   packet. Default is 0x8000 (32768 bytes). Increase to 0x10000 (65536 bytes)
+    #   for better performance if your SSH server supports it (most do).
+    # * :max_win_size => maximum size we tell the other side that is supported for
+    #   the window.
+    # * :non_interactive => set to true if your app is non interactive and prefers
+    #   authentication failure vs password prompt. Non-interactive applications
+    #   should set it to true to prefer failing a password/etc auth methods vs.
+    #   asking for password.
+    # * :paranoid => deprecated alias for :verify_host_key
+    # * :passphrase => the passphrase to use when loading a private key (default
+    #   is +nil+, for no passphrase)
+    # * :password => the password to use to login
+    # * :port => the port to use when connecting to the remote host
+    # * :properties => a hash of key/value pairs to add to the new connection's
+    #   properties (see Net::SSH::Connection::Session#properties)
+    # * :proxy => a proxy instance (see Proxy) to use when connecting
+    # * :rekey_blocks_limit => the max number of blocks to process before rekeying
+    # * :rekey_limit => the max number of bytes to process before rekeying
+    # * :rekey_packet_limit => the max number of packets to process before rekeying
+    # * :send_env => an array of local environment variable names to export to the
+    #   remote environment. Names may be given as String or Regexp.
+    # * :set_env => a hash of environment variable names and values to set to the
+    #   remote environment. Override the ones if specified in +send_env+.
+    # * :timeout => how long to wait for the initial connection to be made
+    # * :user => the user name to log in as; this overrides the +user+
+    #   parameter, and is primarily only useful when provided via an SSH
+    #   configuration file.
+    # * :remote_user => used for substitution into the '%r' part of a ProxyCommand
+    # * :user_known_hosts_file => the location of the user known hosts file.
+    #   Set to an array to specify multiple user known hosts files.
+    #   Defaults to %w(~/.ssh/known_hosts ~/.ssh/known_hosts2).
+    # * :use_agent => Set false to disable the use of ssh-agent. Defaults to
+    #   true
+    # * :verbose => how verbose to be (Logger verbosity constants, Logger::DEBUG
+    #   is very verbose, Logger::FATAL is all but silent). Logger::FATAL is the
+    #   default. The symbols :debug, :info, :warn, :error, and :fatal are also
+    #   supported and are translated to the corresponding Logger constant.
+    # * :append_all_supported_algorithms => set to +true+ to append all supported
+    #   algorithms by net-ssh. Was the default behaviour until 2.10
+    # * :number_of_password_prompts => Number of prompts for the password
+    #   authentication method defaults to 3 set to 0 to disable prompt for
+    #   password auth method
+    # * :password_prompt => a custom prompt object with ask method. See Net::SSH::Prompt
+    #
+    # * :agent_socket_factory => enables the user to pass a lambda/block that will serve as the socket factory
+    #    Net::SSH.start(host,user,agent_socket_factory: ->{ UNIXSocket.open('/foo/bar') })
+    #    example: ->{ UNIXSocket.open('/foo/bar')}
+    # * :verify_host_key => specify how strict host-key verification should be.
+    #   In order of increasing strictness:
+    #   * :never (very insecure) ::Net::SSH::Verifiers::Never
+    #   * :accept_new_or_local_tunnel (insecure) ::Net::SSH::Verifiers::AcceptNewOrLocalTunnel
+    #   * :accept_new (insecure) ::Net::SSH::Verifiers::AcceptNew
+    #   * :always (secure) ::Net::SSH::Verifiers::Always
+    #   You can also provide an own Object which responds to +verify+. The argument
+    #   given to +verify+ is a hash consisting of the +:key+, the +:key_blob+,
+    #   the +:fingerprint+ and the +:session+. Returning true accepts the host key,
+    #   returning false declines it and closes the connection.
+    # * :fingerprint_hash => 'MD5' or 'SHA256', defaults to 'SHA256'
+    # If +user+ parameter is nil it defaults to USER from ssh_config, or
+    # local username
+    def self.start(host, user=nil, options={}, &block)
+      invalid_options = options.keys - VALID_OPTIONS
+      if invalid_options.any?
+        raise ArgumentError, "invalid option(s): #{invalid_options.join(', ')}"
+      end
+
+      assign_defaults(options)
+      _sanitize_options(options)
+
+      options[:user] = user if user
+      options = configuration_for(host, options.fetch(:config, true)).merge(options)
+      host = options.fetch(:host_name, host)
+
+      options[:check_host_ip] = true unless options.key?(:check_host_ip)
+
+      if options[:non_interactive]
+        options[:number_of_password_prompts] = 0
+      end
+
+      _support_deprecated_option_paranoid(options)
+
+      if options[:verbose]
+        options[:logger].level = case options[:verbose]
+                                 when Integer then options[:verbose]
+                                 when :debug then Logger::DEBUG
+                                 when :info  then Logger::INFO
+                                 when :warn  then Logger::WARN
+                                 when :error then Logger::ERROR
+                                 when :fatal then Logger::FATAL
+                                 else raise ArgumentError, "can't convert #{options[:verbose].inspect} to any of the Logger level constants"
+                                 end
+      end
+
+      transport = Transport::Session.new(host, options)
+      auth = Authentication::Session.new(transport, options)
+
+      user = options.fetch(:user, user) || Etc.getpwuid.name
+      if auth.authenticate("ssh-connection", user, options[:password])
+        connection = Connection::Session.new(transport, options)
+        if block_given?
+          begin
+            yield connection
+          ensure
+            connection.close unless connection.closed?
+          end
+        else
+          return connection
+        end
+      else
+        transport.close
+        raise AuthenticationFailed, "Authentication failed for user #{user}@#{host}"
+      end
+    end
+
+    # Returns a hash of the configuration options for the given host, as read
+    # from the SSH configuration file(s). If +use_ssh_config+ is true (the
+    # default), this will load configuration from both ~/.ssh/config and
+    # /etc/ssh_config. If +use_ssh_config+ is nil or false, nothing will be
+    # loaded (and an empty hash returned). Otherwise, +use_ssh_config+ may
+    # be a file name (or array of file names) of SSH configuration file(s)
+    # to read.
+    #
+    # See Net::SSH::Config for the full description of all supported options.
+    def self.configuration_for(host, use_ssh_config)
+      files = case use_ssh_config
+              when true then Net::SSH::Config.expandable_default_files
+              when false, nil then return {}
+              else Array(use_ssh_config)
+              end
+
+      Net::SSH::Config.for(host, files)
+    end
+
+    def self.assign_defaults(options)
+      if !options[:logger]
+        options[:logger] = Logger.new(STDERR)
+        options[:logger].level = Logger::FATAL
+      end
+
+      options[:password_prompt] ||= Prompt.default(options)
+
+      %i[password passphrase].each do |key|
+        options.delete(key) if options.key?(key) && options[key].nil?
+      end
+    end
+
+    def self._sanitize_options(options)
+      invalid_option_values = [nil,[nil]]
+      unless (options.values & invalid_option_values).empty?
+        nil_options = options.select { |_k,v| invalid_option_values.include?(v) }.map(&:first)
+        Kernel.warn "#{caller_locations(2, 1)[0]}: Passing nil, or [nil] to Net::SSH.start is deprecated for keys: #{nil_options.join(', ')}"
+      end
+    end
+    private_class_method :_sanitize_options
+
+    def self._support_deprecated_option_paranoid(options)
+      if options.key?(:paranoid)
+        Kernel.warn(
+          ":paranoid is deprecated, please use :verify_host_key. Supported " \
+          "values are exactly the same, only the name of the option has changed."
+        )
+        if options.key?(:verify_host_key)
+          Kernel.warn(
+            "Both :paranoid and :verify_host_key were specified. " \
+            ":verify_host_key takes precedence, :paranoid will be ignored."
+          )
+        else
+          options[:verify_host_key] = options.delete(:paranoid)
+        end
+      end
+    end
+    private_class_method :_support_deprecated_option_paranoid
+  end
+end

data/net-ssh-public_cert.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDDBpuZXRz
+c2gvREM9c29sdXRpb3VzL0RDPWNvbTAeFw0yMTA4MTAwODMyMzBaFw0yMjA4MTAw
+ODMyMzBaMCUxIzAhBgNVBAMMGm5ldHNzaC9EQz1zb2x1dGlvdXMvREM9Y29tMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxieE22fR/qmdPKUHyYTyUx2g
+wskLwrCkxay+Tvc97ZZUOwf85LDDDPqhQaTWLvRwnIOMgQE2nBPzwalVclK6a+pW
+x/18KDeZY15vm3Qn5p42b0wi9hUxOqPm3J2hdCLCcgtENgdX21nVzejn39WVqFJO
+lntgSDNW5+kCS8QaRsmIbzj17GKKkrsw39kiQw7FhWfJFeTjddzoZiWwc59KA/Bx
+fBbmDnsMLAtAtauMOxORrbx3EOY7sHku/kSrMg3FXFay7jc6BkbbUij+MjJ/k82l
+4o8o0YO4BAnya90xgEmgOG0LCCxRhuXQFnMDuDjK2XnUe0h4/6NCn94C+z9GsQID
+AQABo3sweTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQUBfKiwO2e
+M4NEiRrVG793qEPLYyMwHwYDVR0RBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20w
+HwYDVR0SBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20wDQYJKoZIhvcNAQELBQAD
+ggEBABRChgo0Jo+iXSnTpODNongzZoU0sWqwx3/FQVo8nyAyr1qFuiqpSPb4bDbU
+DsVnUn3t0X/gGA8qJhutlmfTpEQCjUeyj2x9rWpD3lvttlGWV6btQ0qN4Dfc2gsw
+rCp9Jpful0HGWhiwfjWfsarqAdtLzIG0UC47IN7LGeCMRJIijOsXQhiZ915eNBEw
+g9+WSSGHkMFt/7vi2pFkvXSC0+RF8ovvRWf4Zw2aYXtJ1GElgi4ZS/s6ZU0gmv20
+i4SfC5m5UXIVZvOBYiMuZ/1B2m6R9xU41027zfOVwRFNtlVDiNfQRq6sDmz44At/
+dv8pkxXDgySe41vzlRXFsgIgz5A=
+-----END CERTIFICATE-----

data/net-ssh.gemspec

@@ -0,0 +1,44 @@
+require_relative 'lib/net/ssh/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "net-ssh-backports"
+  spec.version       = Net::SSH::Version::STRING
+  spec.authors       = ["Jamis Buck", "Delano Mandelbaum", "Mikl\u{f3}s Fazekas"]
+  spec.email         = ["net-ssh@solutious.com"]
+
+  if ENV['NET_SSH_BUILDGEM_SIGNED']
+    spec.cert_chain = ["net-ssh-public_cert.pem"]
+    spec.signing_key = "/mnt/gem/net-ssh-private_key.pem"
+  end
+
+  spec.summary       = %q{Net::SSH: a pure-Ruby implementation of the SSH2 client protocol.}
+  spec.description   = %q{Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It allows you to write programs that invoke and interact with processes on remote servers, via SSH2.}
+  spec.homepage      = "https://github.com/net-ssh/net-ssh"
+  spec.license       = "MIT"
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.4.5")
+  spec.metadata = {
+    "changelog_uri" => "https://github.com/net-ssh/net-ssh/blob/master/CHANGES.txt"
+  }
+
+  spec.extra_rdoc_files = [
+    "LICENSE.txt",
+    "README.md"
+  ]
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  unless ENV['NET_SSH_NO_ED25519']
+    spec.add_development_dependency("bcrypt_pbkdf", "~> 1.0") unless RUBY_PLATFORM == "java"
+    spec.add_development_dependency("ed25519", "~> 1.2")
+    spec.add_development_dependency('x25519') unless RUBY_PLATFORM == 'java'
+  end
+
+  spec.add_development_dependency "bundler", ">= 1.17"
+  spec.add_development_dependency "minitest", "~> 5.10"
+  spec.add_development_dependency "mocha", "~> 1.11.2"
+  spec.add_development_dependency "rake", "~> 12.0"
+  spec.add_development_dependency "rubocop", "~> 1.12.1"
+end

data/support/ssh_tunnel_bug.rb

@@ -0,0 +1,65 @@
+#!/usr/bin/ruby
+
+# SSH TUNNEL CONNECTION BUG
+# from: http://net-ssh.lighthouseapp.com/projects/36253/tickets/7-an-existing-connection-was-forcibly-closed-by-the-remote-host#ticket-7-3
+#
+# Steps to reproduce:
+#
+# * Start HTTP Proxy
+#   * If running debian in EC2:
+#     * apt-get install squid
+#     * Add the following to /etc/squid/squid.conf:
+#       acl localnet src 1.2.3.0/255.255.255.0
+#       http_access allow  localnet
+#       icp_access  allow  localnet
+#       visible_hostname netsshtest
+#     * Start squid squid -N -d 1 -D
+# * Run this script
+# * Configure browser proxy to use localhost with LOCAL_PORT.
+# * Load any page, wait for it to load fully. If the page loads
+#   correctly, move on. If not, something needs to be corrected.
+# * Refresh the page several times. This should cause this
+#   script to failed with the error: "closed stream". You may
+#   need to try a few times.
+#
+
+require 'highline/import'
+require 'net/ssh'
+
+LOCAL_PORT = 8080
+PROXY_PORT = 3128
+
+host, user = *ARGV
+abort "Usage: #{$0} host user" unless ARGV.size == 2
+
+puts "Connecting to #{user}@#{host}..."
+pass = ask("Password: ") { |q| q.echo = "*" }
+puts "Configure your browser proxy to localhost:#{LOCAL_PORT}"
+
+begin
+  session = Net::SSH.start(host, user, password: pass)
+  session.forward.local(LOCAL_PORT, host, PROXY_PORT)
+  session.loop {true}
+rescue StandardError => e
+  puts e.message
+  puts e.backtrace
+end
+
+
+__END__
+
+$ ruby support/ssh_tunnel.rb host user
+Connecting to user@host...
+Password: ******
+Configure your browser proxy to localhost:8080
+closed stream
+/usr/local/lib/ruby/gems/1.9.1/gems/net-ssh-2.0.15/lib/net/ssh/buffered_io.rb:99:in `send'
+/usr/local/lib/ruby/gems/1.9.1/gems/net-ssh-2.0.15/lib/net/ssh/buffered_io.rb:99:in `send_pending'
+/usr/local/lib/ruby/gems/1.9.1/gems/net-ssh-2.0.15/lib/net/ssh/connection/session.rb:236:in `block in postprocess'
+/usr/local/lib/ruby/gems/1.9.1/gems/net-ssh-2.0.15/lib/net/ssh/connection/session.rb:235:in `each'
+/usr/local/lib/ruby/gems/1.9.1/gems/net-ssh-2.0.15/lib/net/ssh/connection/session.rb:235:in `postprocess'
+/usr/local/lib/ruby/gems/1.9.1/gems/net-ssh-2.0.15/lib/net/ssh/connection/session.rb:203:in `process'
+/usr/local/lib/ruby/gems/1.9.1/gems/net-ssh-2.0.15/lib/net/ssh/connection/session.rb:161:in `block in loop'
+/usr/local/lib/ruby/gems/1.9.1/gems/net-ssh-2.0.15/lib/net/ssh/connection/session.rb:161:in `loop'
+/usr/local/lib/ruby/gems/1.9.1/gems/net-ssh-2.0.15/lib/net/ssh/connection/session.rb:161:in `loop'
+