net-ssh 2.9.2 → 4.0.0

data/lib/net/ssh/transport/server_version.rb

@@ -25,11 +25,11 @@ module Net; module SSH; module Transport
 
     # Instantiates a new ServerVersion and immediately (and synchronously)
     # negotiates the SSH protocol in effect, using the given socket.
-    def initialize(socket, logger)
+    def initialize(socket, logger, timeout = nil)
       @header = ""
       @version = nil
       @logger = logger
-      negotiate!(socket)
+      negotiate!(socket, timeout)
     end
 
     private
@@ -37,9 +37,16 @@ module Net; module SSH; module Transport
       # Negotiates the SSH protocol to use, via the given socket. If the server
       # reports an incompatible SSH version (e.g., SSH1), this will raise an
       # exception.
-      def negotiate!(socket)
+      def negotiate!(socket, timeout)
         info { "negotiating protocol version" }
 
+        debug { "local is `#{PROTO_VERSION}'" }
+        socket.write "#{PROTO_VERSION}\r\n"
+        socket.flush
+
+        if timeout && !IO.select([socket], nil, nil, timeout)
+          raise Net::SSH::ConnectionTimeout, "timeout during server version negotiating"
+        end
         loop do
           @version = ""
           loop do
@@ -63,9 +70,9 @@ module Net; module SSH; module Transport
           raise Net::SSH::Exception, "incompatible SSH version `#{@version}'"
         end
 
-        debug { "local is `#{PROTO_VERSION}'" }
-        socket.write "#{PROTO_VERSION}\r\n"
-        socket.flush
+        if timeout && !IO.select(nil, [socket], nil, timeout)
+          raise Net::SSH::ConnectionTimeout, "timeout during client version negotiating"
+        end
       end
   end
 end; end; end

data/lib/net/ssh/transport/session.rb

@@ -1,5 +1,4 @@
 require 'socket'
-require 'timeout'
 
 require 'net/ssh/errors'
 require 'net/ssh/loggable'
@@ -63,14 +62,15 @@ module Net; module SSH; module Transport
       @options = options
 
       debug { "establishing connection to #{@host}:#{@port}" }
-      factory = options[:proxy] || TCPSocket
-      @socket = timeout(options[:timeout] || 0) {
-        case
-        when options[:proxy] then factory.open(@host, @port, options)
-        when @bind_address.nil? then factory.open(@host, @port)
-        else factory.open(@host, @port, @bind_address)
+
+      @socket =
+        if (factory = options[:proxy])
+          factory.open(@host, @port, options)
+        else
+          Socket.tcp(@host, @port, @bind_address, nil,
+                     connect_timeout: options[:timeout])
         end
-      }
+
       @socket.extend(PacketStream)
       @socket.logger = @logger
 
@@ -81,10 +81,20 @@ module Net; module SSH; module Transport
       @host_key_verifier = select_host_key_verifier(options[:paranoid])
 
 
-      @server_version = timeout(options[:timeout] || 0) { ServerVersion.new(socket, logger) }
+      @server_version = ServerVersion.new(socket, logger, options[:timeout])
 
       @algorithms = Algorithms.new(self, options)
+      @algorithms.start
       wait { algorithms.initialized? }
+    rescue Errno::ETIMEDOUT
+      raise Net::SSH::ConnectionTimeout
+    end
+
+    def host_keys
+      @host_keys ||= begin
+        known_hosts = options.fetch(:known_hosts, KnownHosts)
+        known_hosts.search_for(options[:host_key_alias] || host_as_string, options)
+      end
     end
 
     # Returns the host (and possibly IP address) in a format compatible with
@@ -154,7 +164,7 @@ module Net; module SSH; module Transport
     # Returns a hash of information about the peer (remote) side of the socket,
     # including :ip, :port, :host, and :canonized (see #host_as_string).
     def peer
-      @peer ||= { :ip => socket.peer_ip, :port => @port.to_i, :host => @host, :canonized => host_as_string }
+      @peer ||= { ip: socket.peer_ip, port: @port.to_i, host: @host, canonized: host_as_string }
     end
 
     # Blocks until a new packet is available to be read, and returns that

data/lib/net/ssh/transport/state.rb

@@ -192,7 +192,7 @@ module Net; module SSH; module Transport
 
       def update_next_iv(data, reset=false)
         @next_iv << data
-        @next_iv = @next_iv[-cipher.iv_len..-1]
+        @next_iv = @next_iv[@next_iv.size-cipher.iv_len..-1]
 
         if reset
           cipher.reset

data/lib/net/ssh/verifiers/secure.rb

@@ -13,18 +13,16 @@ module Net; module SSH; module Verifiers
   # Otherwise, this returns true.
   class Secure
     def verify(arguments)
-      options = arguments[:session].options
-      host = options[:host_key_alias] || arguments[:session].host_as_string
-      matches = Net::SSH::KnownHosts.search_for(host, arguments[:session].options)
+      host_keys = arguments[:session].host_keys
 
       # We've never seen this host before, so raise an exception.
-      if matches.empty?
-        process_cache_miss(host, arguments, HostKeyUnknown, "is unknown")
+      if host_keys.empty?
+        process_cache_miss(host_keys, arguments, HostKeyUnknown, "is unknown")
       end
 
       # If we found any matches, check to see that the key type and
       # blob also match.
-      found = matches.any? do |key|
+      found = host_keys.any? do |key|
         key.ssh_type == arguments[:key].ssh_type &&
         key.to_blob  == arguments[:key].to_blob
       end
@@ -32,7 +30,7 @@ module Net; module SSH; module Verifiers
       # If a match was found, return true. Otherwise, raise an exception
       # indicating that the key was not recognized.
       unless found
-        process_cache_miss(host, arguments, HostKeyMismatch, "does not match")
+        process_cache_miss(host_keys, arguments, HostKeyMismatch, "does not match")
       end
 
       found
@@ -40,12 +38,12 @@ module Net; module SSH; module Verifiers
 
     private
 
-    def process_cache_miss(host, args, exc_class, message)
+    def process_cache_miss(host_keys, args, exc_class, message)
       exception = exc_class.new("fingerprint #{args[:fingerprint]} " +
-                                "#{message} for #{host.inspect}")
+                                "#{message} for #{host_keys.host.inspect}")
       exception.data = args
       exception.callback = Proc.new do
-        Net::SSH::KnownHosts.add(host, args[:key], args[:session].options)
+        host_keys.add_host_key(args[:key])
       end
       raise exception
     end

data/lib/net/ssh/version.rb

@@ -45,15 +45,15 @@ module Net; module SSH
     end
 
     # The major component of this version of the Net::SSH library
-    MAJOR = 2
+    MAJOR = 4
 
     # The minor component of this version of the Net::SSH library
-    MINOR = 9
+    MINOR = 0
 
     # The tiny component of this version of the Net::SSH library
-    TINY  = 2
+    TINY  = 0
 
-    # The prerelease component of this version of the Net::SSH library 
+    # The prerelease component of this version of the Net::SSH library
     # nil allowed
     PRE   = nil
 

data/lib/net/ssh.rb

@@ -3,6 +3,7 @@
 ENV['HOME'] ||= ENV['HOMEPATH'] ? "#{ENV['HOMEDRIVE']}#{ENV['HOMEPATH']}" : Dir.pwd
 
 require 'logger'
+require 'etc'
 
 require 'net/ssh/config'
 require 'net/ssh/errors'
@@ -10,6 +11,7 @@ require 'net/ssh/loggable'
 require 'net/ssh/transport/session'
 require 'net/ssh/authentication/session'
 require 'net/ssh/connection/session'
+require 'net/ssh/prompt'
 
 module Net
 
@@ -39,21 +41,21 @@ module Net
   #
   # == X == "execute a command and capture the output"
   #
-  #   Net::SSH.start("host", "user", :password => "password") do |ssh|
+  #   Net::SSH.start("host", "user", password: "password") do |ssh|
   #     result = ssh.exec!("ls -l")
   #     puts result
   #   end
   #
   # == X == "forward connections on a local port to a remote host"
   #
-  #   Net::SSH.start("host", "user", :password => "password") do |ssh|
+  #   Net::SSH.start("host", "user", password: "password") do |ssh|
   #     ssh.forward.local(1234, "www.google.com", 80)
   #     ssh.loop { true }
   #   end
   #
   # == X == "forward connections on a remote port to the local host"
   #
-  #   Net::SSH.start("host", "user", :password => "password") do |ssh|
+  #   Net::SSH.start("host", "user", password: "password") do |ssh|
   #     ssh.forward.remote(80, "www.google.com", 1234)
   #     ssh.loop { true }
   #   end
@@ -62,13 +64,15 @@ module Net
     # Net::SSH.start for a description of each option.
     VALID_OPTIONS = [
       :auth_methods, :bind_address, :compression, :compression_level, :config,
-      :encryption, :forward_agent, :hmac, :host_key,
+      :encryption, :forward_agent, :hmac, :host_key, :remote_user,
       :keepalive, :keepalive_interval, :keepalive_maxcount, :kex, :keys, :key_data,
       :languages, :logger, :paranoid, :password, :port, :proxy,
       :rekey_blocks_limit,:rekey_limit, :rekey_packet_limit, :timeout, :verbose,
-      :global_known_hosts_file, :user_known_hosts_file, :host_key_alias,
+      :known_hosts, :global_known_hosts_file, :user_known_hosts_file, :host_key_alias,
       :host_name, :user, :properties, :passphrase, :keys_only, :max_pkt_size,
-      :max_win_size, :send_env, :use_agent, :number_of_password_prompts
+      :max_win_size, :send_env, :use_agent, :number_of_password_prompts,
+      :append_supported_algorithms, :non_interactive, :password_prompt, :agent_socket_factory,
+      :minimum_dh_bits
     ]
 
     # The standard means of starting a new SSH connection. When used with a
@@ -113,6 +117,8 @@ module Net
     # * :encryption => the encryption cipher (or ciphers) to use
     # * :forward_agent => set to true if you want the SSH agent connection to
     #   be forwarded
+    # * :known_hosts => a custom object holding known hosts records.
+    #   It must implement #search_for and add in a similiar manner as KnownHosts.
     # * :global_known_hosts_file => the location of the global known hosts
     #   file. Set to an array if you want to specify multiple global known
     #   hosts files. Defaults to %w(/etc/ssh/ssh_known_hosts /etc/ssh/ssh_known_hosts2).
@@ -131,6 +137,7 @@ module Net
     # * :keepalive_interval => the interval seconds for keepalive.
     #   Defaults to +300+ seconds.
     # * :keepalive_maxcount => the maximun number of keepalive packet miss allowed.
+    #   Defaults to 3
     # * :kex => the key exchange algorithm (or algorithms) to use
     # * :keys => an array of file names of private keys to use for publickey
     #   and hostbased authentication
@@ -146,6 +153,10 @@ module Net
     #   for better performance if your SSH server supports it (most do).
     # * :max_win_size => maximum size we tell the other side that is supported for
     #   the window.
+    # * :non_interactive => set to true if your app is non interactive and prefers
+    #   authentication failure vs password prompt. Non-interactive applications
+    #   should set it to true to prefer failing a password/etc auth methods vs.
+    #   asking for password.
     # * :paranoid => either false, true, :very, or :secure specifying how
     #   strict host-key verification should be (in increasing order here).
     #   You can also provide an own Object which responds to +verify+. The argument
@@ -168,33 +179,48 @@ module Net
     # * :user => the user name to log in as; this overrides the +user+
     #   parameter, and is primarily only useful when provided via an SSH
     #   configuration file.
+    # * :remote_user => used for substitution into the '%r' part of a ProxyCommand
     # * :user_known_hosts_file => the location of the user known hosts file.
     #   Set to an array to specify multiple user known hosts files.
     #   Defaults to %w(~/.ssh/known_hosts ~/.ssh/known_hosts2).
-    # * :use_agent => Set false to disable the use of ssh-agent. Defaults to 
+    # * :use_agent => Set false to disable the use of ssh-agent. Defaults to
     #   true
     # * :verbose => how verbose to be (Logger verbosity constants, Logger::DEBUG
     #   is very verbose, Logger::FATAL is all but silent). Logger::FATAL is the
     #   default. The symbols :debug, :info, :warn, :error, and :fatal are also
     #   supported and are translated to the corresponding Logger constant.
-    def self.start(host, user, options={}, &block)
+    # * :append_all_supported_algorithms => set to +true+ to append all supported
+    #   algorithms by net-ssh. Was the default behaviour until 2.10
+    # * :number_of_password_prompts => Number of prompts for the password
+    #   authentication method defaults to 3 set to 0 to disable prompt for
+    #   password auth method
+    # * :password_prompt => a custom prompt object with ask method. See Net::SSH::Prompt
+    #
+    # * :agent_socket_factory => enables the user to pass a lambda/block that will serve as the socket factory
+    #    Net::SSH::start(user,host,agent_socket_factory: ->{ UNIXSocket.open('/foo/bar') })
+    #    example: ->{ UNIXSocket.open('/foo/bar')}
+    # If +user+ parameter is nil it defaults to USER from ssh_config, or
+    # local username
+    def self.start(host, user=nil, options={}, &block)
       invalid_options = options.keys - VALID_OPTIONS
       if invalid_options.any?
         raise ArgumentError, "invalid option(s): #{invalid_options.join(', ')}"
       end
 
+      assign_defaults(options)
+      _sanitize_options(options)
+
       options[:user] = user if user
       options = configuration_for(host, options.fetch(:config, true)).merge(options)
       host = options.fetch(:host_name, host)
 
-      if !options.key?(:logger)
-        options[:logger] = Logger.new(STDERR)
-        options[:logger].level = Logger::FATAL
+      if options[:non_interactive]
+        options[:number_of_password_prompts] = 0
       end
 
       if options[:verbose]
         options[:logger].level = case options[:verbose]
-          when Fixnum then options[:verbose]
+          when Integer then options[:verbose]
           when :debug then Logger::DEBUG
           when :info  then Logger::INFO
           when :warn  then Logger::WARN
@@ -207,7 +233,7 @@ module Net
       transport = Transport::Session.new(host, options)
       auth = Authentication::Session.new(transport, options)
 
-      user = options.fetch(:user, user)
+      user = options.fetch(:user, user) || Etc.getlogin
       if auth.authenticate("ssh-connection", user, options[:password])
         connection = Connection::Session.new(transport, options)
         if block_given?
@@ -234,7 +260,7 @@ module Net
     # to read.
     #
     # See Net::SSH::Config for the full description of all supported options.
-    def self.configuration_for(host, use_ssh_config=true)
+    def self.configuration_for(host, use_ssh_config)
       files = case use_ssh_config
         when true then Net::SSH::Config.default_files
         when false, nil then return {}
@@ -243,5 +269,27 @@ module Net
 
       Net::SSH::Config.for(host, files)
     end
+
+    def self.assign_defaults(options)
+      if !options[:logger]
+        options[:logger] = Logger.new(STDERR)
+        options[:logger].level = Logger::FATAL
+      end
+
+      options[:password_prompt] ||= Prompt.default(options)
+
+      [:password, :passphrase].each do |key|
+        options.delete(key) if options.key?(key) && options[key].nil?
+      end
+    end
+
+    def self._sanitize_options(options)
+      invalid_option_values = [nil,[nil]]
+      unless (options.values & invalid_option_values).empty?
+        nil_options = options.select { |_k,v| invalid_option_values.include?(v) }.map(&:first)
+        Kernel.warn "#{caller_locations(2, 1)[0]}: Passing nil, or [nil] to Net::SSH.start is deprecated for keys: #{nil_options.join(', ')}"
+      end
+    end
+    private_class_method :_sanitize_options
   end
 end

data/net-ssh-public_cert.pem

@@ -1,20 +1,21 @@
 -----BEGIN CERTIFICATE-----
-MIIDODCCAiCgAwIBAgIBADANBgkqhkiG9w0BAQUFADBCMRAwDgYDVQQDDAduZXQt
-c3NoMRkwFwYKCZImiZPyLGQBGRYJc29sdXRpb3VzMRMwEQYKCZImiZPyLGQBGRYD
-Y29tMB4XDTE0MTIwMjE3MzkyMFoXDTE1MTIwMjE3MzkyMFowQjEQMA4GA1UEAwwH
-bmV0LXNzaDEZMBcGCgmSJomT8ixkARkWCXNvbHV0aW91czETMBEGCgmSJomT8ixk
-ARkWA2NvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ0qnw4JV5JN
-MWelqu7pnW2z6GZJ7+zLFYJQNETJyF0U5zo7aCRK08OeUxnpu/TCCXK8iQVkNLfz
-9pVIhF+X8pMEIruAkYGwBt1aWfuSNeyodyMk0vpZdxBHbOTJ4qBRUc6qOtNOeOzv
-8ObYUX52P/EMMaeXTRU+e7MGkB9pb6FvPPNx5akxwIaoRvtcMsc/hJnQuP5r96w6
-t06MgKbXhWAX6gev0RVlrQqzxXst6iuvsrgZGjFqzob5wbTiX9M0+bFAB0EI7tJC
-sv5keEbtNRaU7p3ZbMm4wTHHJLOtD+BpUCSzwv4ToNj9mZtJBMYw2Eeo7z1DklEG
-mr95zbe+zNMCAwEAAaM5MDcwCQYDVR0TBAIwADAdBgNVHQ4EFgQU1bTfpzmitXwv
-LmTXi0IO5vd8NGYwCwYDVR0PBAQDAgSwMA0GCSqGSIb3DQEBBQUAA4IBAQA0Aps8
-UPINGa8XUUtrZtzrgX0/iyXNkKY1ld85g1N3WKEAVLfQI7TlGr0Qv2Ekx6RqlxbR
-Vyq08pytSnghW2otR3bIGMGQzqxAeRLb25cjEwH7YIJ32n7ZC1fpMnBZOBDmueWA
-B9EonmoO3ne7AJSgIvBbZzBPhzM4HrQGRW8LsPFsuj+dcJI43HOQwkmv2TRz0+t6
-mGZldmqLcK0abv4JepLfB9XTue3kuyA29NGBibqyvRwlKckLpvKfHZX6Jxad8xxm
-MbvRpzgROzyfw1qYi4dnIyMwTtXFFcZ0a2jpxHPkcTYFK6TzvFgDLAP0Y/u9jqUQ
-eZ7/3CdSi/isZHEw
+MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBBMQ8wDQYDVQQDDAZuZXRz
+c2gxGTAXBgoJkiaJk/IsZAEZFglzb2x1dGlvdXMxEzARBgoJkiaJk/IsZAEZFgNj
+b20wHhcNMTYxMjE1MTgwNTIyWhcNMTcxMjE1MTgwNTIyWjBBMQ8wDQYDVQQDDAZu
+ZXRzc2gxGTAXBgoJkiaJk/IsZAEZFglzb2x1dGlvdXMxEzARBgoJkiaJk/IsZAEZ
+FgNjb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGJ4TbZ9H+qZ08
+pQfJhPJTHaDCyQvCsKTFrL5O9z3tllQ7B/zksMMM+qFBpNYu9HCcg4yBATacE/PB
+qVVyUrpr6lbH/XwoN5ljXm+bdCfmnjZvTCL2FTE6o+bcnaF0IsJyC0Q2B1fbWdXN
+6Off1ZWoUk6We2BIM1bn6QJLxBpGyYhvOPXsYoqSuzDf2SJDDsWFZ8kV5ON13Ohm
+JbBzn0oD8HF8FuYOewwsC0C1q4w7E5GtvHcQ5juweS7+RKsyDcVcVrLuNzoGRttS
+KP4yMn+TzaXijyjRg7gECfJr3TGASaA4bQsILFGG5dAWcwO4OMrZedR7SHj/o0Kf
+3gL7P0axAgMBAAGjezB5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
+BBQF8qLA7Z4zg0SJGtUbv3eoQ8tjIzAfBgNVHREEGDAWgRRuZXRzc2hAc29sdXRp
+b3VzLmNvbTAfBgNVHRIEGDAWgRRuZXRzc2hAc29sdXRpb3VzLmNvbTANBgkqhkiG
+9w0BAQUFAAOCAQEATd8If+Ytmhf5lELy24j76ahGv64m518WTCdV2nIViGXB2BnV
+uLQylGRb1rcgUS3Eh9TE28hqrfhotKS6a96qF9kN0mY2H6UwPWswJ+tj3gA1vLW8
+wlZNlYGJ91Ig9zULPSbATyOOprUZyggy5p1260BaaI3LQYDeGJOSqpHCVu+TuMcy
+k00ofiLT1crDSUl2WE/OIFK8AXpmd798AMsef8okHeoo+Dj7zCXn0VSimN+MO1mE
+L4d54WIy4HkZCqQXoTSiK5HZMIdXkPk3F1bZdJ8Dy1sMRru0rUkkM5mW7TQ75mfW
+Zp0QrZyNZhtitrXFbZneGRrIA/8G2Krft5Ly/A==
 -----END CERTIFICATE-----

data/net-ssh.gemspec

@@ -1,203 +1,43 @@
-# Generated by jeweler
-# DO NOT EDIT THIS FILE DIRECTLY
-# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
-# -*- encoding: utf-8 -*-
-# stub: net-ssh 2.9.2 ruby lib
+# coding: utf-8
+require_relative 'lib/net/ssh/version'
 
-Gem::Specification.new do |s|
-  s.name = "net-ssh"
-  s.version = "2.9.2"
+Gem::Specification.new do |spec|
+  spec.name          = "net-ssh"
+  spec.version       = Net::SSH::Version::STRING
+  spec.authors       = ["Jamis Buck", "Delano Mandelbaum", "Mikl\u{f3}s Fazekas"]
+  spec.email         = ["net-ssh@solutious.com"]
 
-  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
-  s.require_paths = ["lib"]
-  s.authors = ["Jamis Buck", "Delano Mandelbaum", "Mikl\u{f3}s Fazekas"]
-  s.cert_chain = ["net-ssh-public_cert.pem"]
-  s.date = "2015-01-09"
-  s.description = "Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It allows you to write programs that invoke and interact with processes on remote servers, via SSH2."
-  s.email = "net-ssh@solutious.com"
-  s.extra_rdoc_files = [
+  if ENV['NET_SSH_BUILDGEM_SIGNED']
+    spec.cert_chain = ["net-ssh-public_cert.pem"]
+    spec.signing_key = "/mnt/gem/net-ssh-private_key.pem"
+  end
+
+  spec.summary       = %q{Net::SSH: a pure-Ruby implementation of the SSH2 client protocol.}
+  spec.description   = %q{Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It allows you to write programs that invoke and interact with processes on remote servers, via SSH2.}
+  spec.homepage      = "https://github.com/net-ssh/net-ssh"
+  spec.license       = "MIT"
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.0")
+
+  spec.extra_rdoc_files = [
     "LICENSE.txt",
     "README.rdoc"
   ]
-  s.files = [
-    ".travis.yml",
-    "CHANGES.txt",
-    "LICENSE.txt",
-    "Manifest",
-    "README.rdoc",
-    "Rakefile",
-    "Rudyfile",
-    "THANKS.txt",
-    "lib/net/ssh.rb",
-    "lib/net/ssh/authentication/agent.rb",
-    "lib/net/ssh/authentication/agent/java_pageant.rb",
-    "lib/net/ssh/authentication/agent/socket.rb",
-    "lib/net/ssh/authentication/constants.rb",
-    "lib/net/ssh/authentication/key_manager.rb",
-    "lib/net/ssh/authentication/methods/abstract.rb",
-    "lib/net/ssh/authentication/methods/hostbased.rb",
-    "lib/net/ssh/authentication/methods/keyboard_interactive.rb",
-    "lib/net/ssh/authentication/methods/none.rb",
-    "lib/net/ssh/authentication/methods/password.rb",
-    "lib/net/ssh/authentication/methods/publickey.rb",
-    "lib/net/ssh/authentication/pageant.rb",
-    "lib/net/ssh/authentication/session.rb",
-    "lib/net/ssh/buffer.rb",
-    "lib/net/ssh/buffered_io.rb",
-    "lib/net/ssh/config.rb",
-    "lib/net/ssh/connection/channel.rb",
-    "lib/net/ssh/connection/constants.rb",
-    "lib/net/ssh/connection/keepalive.rb",
-    "lib/net/ssh/connection/session.rb",
-    "lib/net/ssh/connection/term.rb",
-    "lib/net/ssh/errors.rb",
-    "lib/net/ssh/key_factory.rb",
-    "lib/net/ssh/known_hosts.rb",
-    "lib/net/ssh/loggable.rb",
-    "lib/net/ssh/packet.rb",
-    "lib/net/ssh/prompt.rb",
-    "lib/net/ssh/proxy/command.rb",
-    "lib/net/ssh/proxy/errors.rb",
-    "lib/net/ssh/proxy/http.rb",
-    "lib/net/ssh/proxy/socks4.rb",
-    "lib/net/ssh/proxy/socks5.rb",
-    "lib/net/ssh/ruby_compat.rb",
-    "lib/net/ssh/service/forward.rb",
-    "lib/net/ssh/test.rb",
-    "lib/net/ssh/test/channel.rb",
-    "lib/net/ssh/test/extensions.rb",
-    "lib/net/ssh/test/kex.rb",
-    "lib/net/ssh/test/local_packet.rb",
-    "lib/net/ssh/test/packet.rb",
-    "lib/net/ssh/test/remote_packet.rb",
-    "lib/net/ssh/test/script.rb",
-    "lib/net/ssh/test/socket.rb",
-    "lib/net/ssh/transport/algorithms.rb",
-    "lib/net/ssh/transport/cipher_factory.rb",
-    "lib/net/ssh/transport/constants.rb",
-    "lib/net/ssh/transport/ctr.rb",
-    "lib/net/ssh/transport/hmac.rb",
-    "lib/net/ssh/transport/hmac/abstract.rb",
-    "lib/net/ssh/transport/hmac/md5.rb",
-    "lib/net/ssh/transport/hmac/md5_96.rb",
-    "lib/net/ssh/transport/hmac/none.rb",
-    "lib/net/ssh/transport/hmac/ripemd160.rb",
-    "lib/net/ssh/transport/hmac/sha1.rb",
-    "lib/net/ssh/transport/hmac/sha1_96.rb",
-    "lib/net/ssh/transport/hmac/sha2_256.rb",
-    "lib/net/ssh/transport/hmac/sha2_256_96.rb",
-    "lib/net/ssh/transport/hmac/sha2_512.rb",
-    "lib/net/ssh/transport/hmac/sha2_512_96.rb",
-    "lib/net/ssh/transport/identity_cipher.rb",
-    "lib/net/ssh/transport/kex.rb",
-    "lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb",
-    "lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb",
-    "lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb",
-    "lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha256.rb",
-    "lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb",
-    "lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb",
-    "lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb",
-    "lib/net/ssh/transport/key_expander.rb",
-    "lib/net/ssh/transport/openssl.rb",
-    "lib/net/ssh/transport/packet_stream.rb",
-    "lib/net/ssh/transport/server_version.rb",
-    "lib/net/ssh/transport/session.rb",
-    "lib/net/ssh/transport/state.rb",
-    "lib/net/ssh/verifiers/lenient.rb",
-    "lib/net/ssh/verifiers/null.rb",
-    "lib/net/ssh/verifiers/secure.rb",
-    "lib/net/ssh/verifiers/strict.rb",
-    "lib/net/ssh/version.rb",
-    "net-ssh-public_cert.pem",
-    "net-ssh.gemspec",
-    "setup.rb",
-    "support/arcfour_check.rb",
-    "support/ssh_tunnel_bug.rb",
-    "test/README.txt",
-    "test/authentication/methods/common.rb",
-    "test/authentication/methods/test_abstract.rb",
-    "test/authentication/methods/test_hostbased.rb",
-    "test/authentication/methods/test_keyboard_interactive.rb",
-    "test/authentication/methods/test_none.rb",
-    "test/authentication/methods/test_password.rb",
-    "test/authentication/methods/test_publickey.rb",
-    "test/authentication/test_agent.rb",
-    "test/authentication/test_key_manager.rb",
-    "test/authentication/test_session.rb",
-    "test/common.rb",
-    "test/configs/auth_off",
-    "test/configs/auth_on",
-    "test/configs/empty",
-    "test/configs/eqsign",
-    "test/configs/exact_match",
-    "test/configs/host_plus",
-    "test/configs/multihost",
-    "test/configs/negative_match",
-    "test/configs/nohost",
-    "test/configs/numeric_host",
-    "test/configs/send_env",
-    "test/configs/substitutes",
-    "test/configs/wild_cards",
-    "test/connection/test_channel.rb",
-    "test/connection/test_session.rb",
-    "test/known_hosts/github",
-    "test/manual/test_forward.rb",
-    "test/manual/test_pageant.rb",
-    "test/start/test_connection.rb",
-    "test/start/test_options.rb",
-    "test/start/test_transport.rb",
-    "test/test_all.rb",
-    "test/test_buffer.rb",
-    "test/test_buffered_io.rb",
-    "test/test_config.rb",
-    "test/test_key_factory.rb",
-    "test/test_known_hosts.rb",
-    "test/transport/hmac/test_md5.rb",
-    "test/transport/hmac/test_md5_96.rb",
-    "test/transport/hmac/test_none.rb",
-    "test/transport/hmac/test_ripemd160.rb",
-    "test/transport/hmac/test_sha1.rb",
-    "test/transport/hmac/test_sha1_96.rb",
-    "test/transport/hmac/test_sha2_256.rb",
-    "test/transport/hmac/test_sha2_256_96.rb",
-    "test/transport/hmac/test_sha2_512.rb",
-    "test/transport/hmac/test_sha2_512_96.rb",
-    "test/transport/kex/test_diffie_hellman_group14_sha1.rb",
-    "test/transport/kex/test_diffie_hellman_group1_sha1.rb",
-    "test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb",
-    "test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb",
-    "test/transport/kex/test_ecdh_sha2_nistp256.rb",
-    "test/transport/kex/test_ecdh_sha2_nistp384.rb",
-    "test/transport/kex/test_ecdh_sha2_nistp521.rb",
-    "test/transport/test_algorithms.rb",
-    "test/transport/test_cipher_factory.rb",
-    "test/transport/test_hmac.rb",
-    "test/transport/test_identity_cipher.rb",
-    "test/transport/test_packet_stream.rb",
-    "test/transport/test_server_version.rb",
-    "test/transport/test_session.rb",
-    "test/transport/test_state.rb"
-  ]
-  s.homepage = "https://github.com/net-ssh/net-ssh"
-  s.licenses = ["MIT"]
-  s.rubyforge_project = "net-ssh"
-  s.rubygems_version = "2.2.2"
-  s.signing_key = "/mnt/gem/net-ssh-private_key.pem"
-  s.summary = "Net::SSH: a pure-Ruby implementation of the SSH2 client protocol."
 
-  if s.respond_to? :specification_version then
-    s.specification_version = 4
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
 
-    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
-      s.add_development_dependency(%q<test-unit>, [">= 0"])
-      s.add_development_dependency(%q<mocha>, [">= 0"])
-    else
-      s.add_dependency(%q<test-unit>, [">= 0"])
-      s.add_dependency(%q<mocha>, [">= 0"])
-    end
-  else
-    s.add_dependency(%q<test-unit>, [">= 0"])
-    s.add_dependency(%q<mocha>, [">= 0"])
+  unless ENV['NET_SSH_NO_RBNACL']
+    spec.add_development_dependency("rbnacl-libsodium", "~> 1.0.10")
+    spec.add_development_dependency("rbnacl", "~> 3.4.0")
+    spec.add_development_dependency("bcrypt_pbkdf", "~> 1.0.0") unless RUBY_PLATFORM == "java"
   end
-end
 
+  spec.add_development_dependency "bundler", "~> 1.11"
+
+  spec.add_development_dependency "rake", "~> 12.0"
+  spec.add_development_dependency "minitest", "~> 5.10"
+  spec.add_development_dependency "rubocop", "~> 0.46.0"
+  spec.add_development_dependency "mocha", ">= 1.2.1"
+end

data/support/arcfour_check.rb

@@ -14,7 +14,7 @@ require 'net/ssh'
 [['arcfour128', 16], ['arcfour256', 32], ['arcfour512', 64]].each do |cipher|
   print "#{cipher[0]}: "
   a = Net::SSH::Transport::CipherFactory.get_lengths(cipher[0])
-  b = Net::SSH::Transport::CipherFactory.get(cipher[0], :key => ([].fill('x', 0, cipher[1]).join))
+  b = Net::SSH::Transport::CipherFactory.get(cipher[0], key: ([].fill('x', 0, cipher[1]).join))
   puts "#{a} #{b.class}"
 end