net-ssh 4.2.0 → 7.0.1

data/lib/net/ssh.rb

@@ -4,6 +4,7 @@ ENV['HOME'] ||= ENV['HOMEPATH'] ? "#{ENV['HOMEDRIVE']}#{ENV['HOMEPATH']}" : Dir.
 
 require 'logger'
 require 'etc'
+require 'shellwords'
 
 require 'net/ssh/config'
 require 'net/ssh/errors'
@@ -14,7 +15,6 @@ require 'net/ssh/connection/session'
 require 'net/ssh/prompt'
 
 module Net
-
   # Net::SSH is a library for interacting, programmatically, with remote
   # processes via the SSH2 protocol. Sessions are always initiated via
   # Net::SSH.start. From there, a program interacts with the new SSH session
@@ -62,17 +62,18 @@ module Net
   module SSH
     # This is the set of options that Net::SSH.start recognizes. See
     # Net::SSH.start for a description of each option.
-    VALID_OPTIONS = [
-      :auth_methods, :bind_address, :compression, :compression_level, :config,
-      :encryption, :forward_agent, :hmac, :host_key, :remote_user,
-      :keepalive, :keepalive_interval, :keepalive_maxcount, :kex, :keys, :key_data,
-      :languages, :logger, :paranoid, :password, :port, :proxy,
-      :rekey_blocks_limit,:rekey_limit, :rekey_packet_limit, :timeout, :verbose,
-      :known_hosts, :global_known_hosts_file, :user_known_hosts_file, :host_key_alias,
-      :host_name, :user, :properties, :passphrase, :keys_only, :max_pkt_size,
-      :max_win_size, :send_env, :use_agent, :number_of_password_prompts,
-      :append_all_supported_algorithms, :non_interactive, :password_prompt,
-      :agent_socket_factory, :minimum_dh_bits, :verify_host_key
+    VALID_OPTIONS = %i[
+      auth_methods bind_address compression compression_level config
+      encryption forward_agent hmac host_key remote_user
+      keepalive keepalive_interval keepalive_maxcount kex keys key_data
+      keycerts languages logger paranoid password port proxy
+      rekey_blocks_limit rekey_limit rekey_packet_limit timeout verbose
+      known_hosts global_known_hosts_file user_known_hosts_file host_key_alias
+      host_name user properties passphrase keys_only max_pkt_size
+      max_win_size send_env set_env use_agent number_of_password_prompts
+      append_all_supported_algorithms non_interactive password_prompt
+      agent_socket_factory minimum_dh_bits verify_host_key
+      fingerprint_hash check_host_ip
     ]
 
     # The standard means of starting a new SSH connection. When used with a
@@ -107,6 +108,8 @@ module Net
     # * :bind_address => the IP address on the connecting machine to use in
     #   establishing connection. (:bind_address is discarded if :proxy
     #   is set.)
+    # * :check_host_ip => Also ckeck IP address when connecting to remote host.
+    #   Defaults to +true+.
     # * :compression => the compression algorithm to use, or +true+ to use
     #   whatever is supported.
     # * :compression_level => the compression level to use when sending data
@@ -118,7 +121,7 @@ module Net
     # * :forward_agent => set to true if you want the SSH agent connection to
     #   be forwarded
     # * :known_hosts => a custom object holding known hosts records.
-    #   It must implement #search_for and add in a similiar manner as KnownHosts.
+    #   It must implement #search_for and `add` in a similiar manner as KnownHosts.
     # * :global_known_hosts_file => the location of the global known hosts
     #   file. Set to an array if you want to specify multiple global known
     #   hosts files. Defaults to %w(/etc/ssh/ssh_known_hosts /etc/ssh/ssh_known_hosts2).
@@ -141,6 +144,8 @@ module Net
     # * :kex => the key exchange algorithm (or algorithms) to use
     # * :keys => an array of file names of private keys to use for publickey
     #   and hostbased authentication
+    # * :keycerts => an array of file names of key certificates to use
+    #    with publickey authentication
     # * :key_data => an array of strings, with each element of the array being
     #   a raw private key in PEM format.
     # * :keys_only => set to +true+ to use only private keys from +keys+ and
@@ -170,6 +175,8 @@ module Net
     # * :rekey_packet_limit => the max number of packets to process before rekeying
     # * :send_env => an array of local environment variable names to export to the
     #   remote environment. Names may be given as String or Regexp.
+    # * :set_env => a hash of environment variable names and values to set to the
+    #   remote environment. Override the ones if specified in +send_env+.
     # * :timeout => how long to wait for the initial connection to be made
     # * :user => the user name to log in as; this overrides the +user+
     #   parameter, and is primarily only useful when provided via an SSH
@@ -192,18 +199,22 @@ module Net
     # * :password_prompt => a custom prompt object with ask method. See Net::SSH::Prompt
     #
     # * :agent_socket_factory => enables the user to pass a lambda/block that will serve as the socket factory
-    #    Net::SSH::start(user,host,agent_socket_factory: ->{ UNIXSocket.open('/foo/bar') })
+    #    Net::SSH.start(host,user,agent_socket_factory: ->{ UNIXSocket.open('/foo/bar') })
     #    example: ->{ UNIXSocket.open('/foo/bar')}
-    # * :verify_host_key => either false, true, :very, or :secure specifying how
-    #   strict host-key verification should be (in increasing order here).
+    # * :verify_host_key => specify how strict host-key verification should be.
+    #   In order of increasing strictness:
+    #   * :never (very insecure) ::Net::SSH::Verifiers::Never
+    #   * :accept_new_or_local_tunnel (insecure) ::Net::SSH::Verifiers::AcceptNewOrLocalTunnel
+    #   * :accept_new (insecure) ::Net::SSH::Verifiers::AcceptNew
+    #   * :always (secure) ::Net::SSH::Verifiers::Always
     #   You can also provide an own Object which responds to +verify+. The argument
     #   given to +verify+ is a hash consisting of the +:key+, the +:key_blob+,
     #   the +:fingerprint+ and the +:session+. Returning true accepts the host key,
     #   returning false declines it and closes the connection.
-    #
+    # * :fingerprint_hash => 'MD5' or 'SHA256', defaults to 'SHA256'
     # If +user+ parameter is nil it defaults to USER from ssh_config, or
     # local username
-    def self.start(host, user=nil, options={}, &block)
+    def self.start(host, user = nil, options = {}, &block)
       invalid_options = options.keys - VALID_OPTIONS
       if invalid_options.any?
         raise ArgumentError, "invalid option(s): #{invalid_options.join(', ')}"
@@ -216,6 +227,8 @@ module Net
       options = configuration_for(host, options.fetch(:config, true)).merge(options)
       host = options.fetch(:host_name, host)
 
+      options[:check_host_ip] = true unless options.key?(:check_host_ip)
+
       if options[:non_interactive]
         options[:number_of_password_prompts] = 0
       end
@@ -224,20 +237,20 @@ module Net
 
       if options[:verbose]
         options[:logger].level = case options[:verbose]
-          when Integer then options[:verbose]
-          when :debug then Logger::DEBUG
-          when :info  then Logger::INFO
-          when :warn  then Logger::WARN
-          when :error then Logger::ERROR
-          when :fatal then Logger::FATAL
-          else raise ArgumentError, "can't convert #{options[:verbose].inspect} to any of the Logger level constants"
-        end
+                                 when Integer then options[:verbose]
+                                 when :debug then Logger::DEBUG
+                                 when :info  then Logger::INFO
+                                 when :warn  then Logger::WARN
+                                 when :error then Logger::ERROR
+                                 when :fatal then Logger::FATAL
+                                 else raise ArgumentError, "can't convert #{options[:verbose].inspect} to any of the Logger level constants"
+                                 end
       end
 
       transport = Transport::Session.new(host, options)
       auth = Authentication::Session.new(transport, options)
 
-      user = options.fetch(:user, user) || Etc.getlogin
+      user = options.fetch(:user, user) || Etc.getpwuid.name
       if auth.authenticate("ssh-connection", user, options[:password])
         connection = Connection::Session.new(transport, options)
         if block_given?
@@ -266,10 +279,10 @@ module Net
     # See Net::SSH::Config for the full description of all supported options.
     def self.configuration_for(host, use_ssh_config)
       files = case use_ssh_config
-        when true then Net::SSH::Config.expandable_default_files
-        when false, nil then return {}
-        else Array(use_ssh_config)
-        end
+              when true then Net::SSH::Config.expandable_default_files
+              when false, nil then return {}
+              else Array(use_ssh_config)
+              end
 
       Net::SSH::Config.for(host, files)
     end
@@ -282,15 +295,15 @@ module Net
 
       options[:password_prompt] ||= Prompt.default(options)
 
-      [:password, :passphrase].each do |key|
+      %i[password passphrase].each do |key|
         options.delete(key) if options.key?(key) && options[key].nil?
       end
     end
 
     def self._sanitize_options(options)
-      invalid_option_values = [nil,[nil]]
+      invalid_option_values = [nil, [nil]]
       unless (options.values & invalid_option_values).empty?
-        nil_options = options.select { |_k,v| invalid_option_values.include?(v) }.map(&:first)
+        nil_options = options.select { |_k, v| invalid_option_values.include?(v) }.map(&:first)
         Kernel.warn "#{caller_locations(2, 1)[0]}: Passing nil, or [nil] to Net::SSH.start is deprecated for keys: #{nil_options.join(', ')}"
       end
     end

data/net-ssh-public_cert.pem

@@ -1,21 +1,20 @@
 -----BEGIN CERTIFICATE-----
-MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBBMQ8wDQYDVQQDDAZuZXRz
-c2gxGTAXBgoJkiaJk/IsZAEZFglzb2x1dGlvdXMxEzARBgoJkiaJk/IsZAEZFgNj
-b20wHhcNMTYxMjE1MTgwNTIyWhcNMTcxMjE1MTgwNTIyWjBBMQ8wDQYDVQQDDAZu
-ZXRzc2gxGTAXBgoJkiaJk/IsZAEZFglzb2x1dGlvdXMxEzARBgoJkiaJk/IsZAEZ
-FgNjb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGJ4TbZ9H+qZ08
-pQfJhPJTHaDCyQvCsKTFrL5O9z3tllQ7B/zksMMM+qFBpNYu9HCcg4yBATacE/PB
-qVVyUrpr6lbH/XwoN5ljXm+bdCfmnjZvTCL2FTE6o+bcnaF0IsJyC0Q2B1fbWdXN
-6Off1ZWoUk6We2BIM1bn6QJLxBpGyYhvOPXsYoqSuzDf2SJDDsWFZ8kV5ON13Ohm
-JbBzn0oD8HF8FuYOewwsC0C1q4w7E5GtvHcQ5juweS7+RKsyDcVcVrLuNzoGRttS
-KP4yMn+TzaXijyjRg7gECfJr3TGASaA4bQsILFGG5dAWcwO4OMrZedR7SHj/o0Kf
-3gL7P0axAgMBAAGjezB5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
-BBQF8qLA7Z4zg0SJGtUbv3eoQ8tjIzAfBgNVHREEGDAWgRRuZXRzc2hAc29sdXRp
-b3VzLmNvbTAfBgNVHRIEGDAWgRRuZXRzc2hAc29sdXRpb3VzLmNvbTANBgkqhkiG
-9w0BAQUFAAOCAQEATd8If+Ytmhf5lELy24j76ahGv64m518WTCdV2nIViGXB2BnV
-uLQylGRb1rcgUS3Eh9TE28hqrfhotKS6a96qF9kN0mY2H6UwPWswJ+tj3gA1vLW8
-wlZNlYGJ91Ig9zULPSbATyOOprUZyggy5p1260BaaI3LQYDeGJOSqpHCVu+TuMcy
-k00ofiLT1crDSUl2WE/OIFK8AXpmd798AMsef8okHeoo+Dj7zCXn0VSimN+MO1mE
-L4d54WIy4HkZCqQXoTSiK5HZMIdXkPk3F1bZdJ8Dy1sMRru0rUkkM5mW7TQ75mfW
-Zp0QrZyNZhtitrXFbZneGRrIA/8G2Krft5Ly/A==
+MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDDBpuZXRz
+c2gvREM9c29sdXRpb3VzL0RDPWNvbTAeFw0yMTA4MTAwODMyMzBaFw0yMjA4MTAw
+ODMyMzBaMCUxIzAhBgNVBAMMGm5ldHNzaC9EQz1zb2x1dGlvdXMvREM9Y29tMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxieE22fR/qmdPKUHyYTyUx2g
+wskLwrCkxay+Tvc97ZZUOwf85LDDDPqhQaTWLvRwnIOMgQE2nBPzwalVclK6a+pW
+x/18KDeZY15vm3Qn5p42b0wi9hUxOqPm3J2hdCLCcgtENgdX21nVzejn39WVqFJO
+lntgSDNW5+kCS8QaRsmIbzj17GKKkrsw39kiQw7FhWfJFeTjddzoZiWwc59KA/Bx
+fBbmDnsMLAtAtauMOxORrbx3EOY7sHku/kSrMg3FXFay7jc6BkbbUij+MjJ/k82l
+4o8o0YO4BAnya90xgEmgOG0LCCxRhuXQFnMDuDjK2XnUe0h4/6NCn94C+z9GsQID
+AQABo3sweTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQUBfKiwO2e
+M4NEiRrVG793qEPLYyMwHwYDVR0RBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20w
+HwYDVR0SBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20wDQYJKoZIhvcNAQELBQAD
+ggEBABRChgo0Jo+iXSnTpODNongzZoU0sWqwx3/FQVo8nyAyr1qFuiqpSPb4bDbU
+DsVnUn3t0X/gGA8qJhutlmfTpEQCjUeyj2x9rWpD3lvttlGWV6btQ0qN4Dfc2gsw
+rCp9Jpful0HGWhiwfjWfsarqAdtLzIG0UC47IN7LGeCMRJIijOsXQhiZ915eNBEw
+g9+WSSGHkMFt/7vi2pFkvXSC0+RF8ovvRWf4Zw2aYXtJ1GElgi4ZS/s6ZU0gmv20
+i4SfC5m5UXIVZvOBYiMuZ/1B2m6R9xU41027zfOVwRFNtlVDiNfQRq6sDmz44At/
+dv8pkxXDgySe41vzlRXFsgIgz5A=
 -----END CERTIFICATE-----

data/net-ssh.gemspec

@@ -1,4 +1,3 @@
-# coding: utf-8
 require_relative 'lib/net/ssh/version'
 
 Gem::Specification.new do |spec|
@@ -16,11 +15,14 @@ Gem::Specification.new do |spec|
   spec.description   = %q{Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It allows you to write programs that invoke and interact with processes on remote servers, via SSH2.}
   spec.homepage      = "https://github.com/net-ssh/net-ssh"
   spec.license       = "MIT"
-  spec.required_ruby_version = Gem::Requirement.new(">= 2.0")
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.6")
+  spec.metadata = {
+    "changelog_uri" => "https://github.com/net-ssh/net-ssh/blob/master/CHANGES.txt"
+  }
 
   spec.extra_rdoc_files = [
     "LICENSE.txt",
-    "README.rdoc"
+    "README.md"
   ]
 
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
@@ -28,16 +30,15 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  unless ENV['NET_SSH_NO_RBNACL']
-    spec.add_development_dependency("rbnacl-libsodium", "~> 1.0.11")
-    spec.add_development_dependency("rbnacl", ['>= 3.2.0','< 5.0'])
+  unless ENV['NET_SSH_NO_ED25519']
     spec.add_development_dependency("bcrypt_pbkdf", "~> 1.0") unless RUBY_PLATFORM == "java"
+    spec.add_development_dependency("ed25519", "~> 1.2")
+    spec.add_development_dependency('x25519') unless RUBY_PLATFORM == 'java'
   end
 
-  spec.add_development_dependency "bundler", "~> 1.11"
-
-  spec.add_development_dependency "rake", "~> 12.0"
+  spec.add_development_dependency "bundler", ">= 1.17"
   spec.add_development_dependency "minitest", "~> 5.10"
-  spec.add_development_dependency "rubocop", "~> 0.47.0"
-  spec.add_development_dependency "mocha", ">= 1.2.1"
+  spec.add_development_dependency "mocha", "~> 1.11.2"
+  spec.add_development_dependency "rake", "~> 12.0"
+  spec.add_development_dependency "rubocop", "~> 1.28.0"
 end

data/support/ssh_tunnel_bug.rb

@@ -15,12 +15,12 @@
 #       visible_hostname netsshtest
 #     * Start squid squid -N -d 1 -D
 # * Run this script
-# * Configure browser proxy to use localhost with LOCAL_PORT. 
+# * Configure browser proxy to use localhost with LOCAL_PORT.
 # * Load any page, wait for it to load fully. If the page loads
 #   correctly, move on. If not, something needs to be corrected.
 # * Refresh the page several times. This should cause this
 #   script to failed with the error: "closed stream". You may
-#   need to try a few times. 
+#   need to try a few times.
 #
 
 require 'highline/import'
@@ -37,10 +37,10 @@ pass = ask("Password: ") { |q| q.echo = "*" }
 puts "Configure your browser proxy to localhost:#{LOCAL_PORT}"
 
 begin
-  session = Net::SSH.start(host, user, password: pass)  
+  session = Net::SSH.start(host, user, password: pass)
   session.forward.local(LOCAL_PORT, host, PROXY_PORT)
-  session.loop{true}
-rescue => e
+  session.loop {true}
+rescue StandardError => e
   puts e.message
   puts e.backtrace
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: net-ssh
 version: !ruby/object:Gem::Version
-  version: 4.2.0
+  version: 7.0.1
 platform: ruby
 authors:
 - Jamis Buck
@@ -12,146 +12,139 @@ bindir: exe
 cert_chain:
 - |
   -----BEGIN CERTIFICATE-----
-  MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBBMQ8wDQYDVQQDDAZuZXRz
-  c2gxGTAXBgoJkiaJk/IsZAEZFglzb2x1dGlvdXMxEzARBgoJkiaJk/IsZAEZFgNj
-  b20wHhcNMTYxMjE1MTgwNTIyWhcNMTcxMjE1MTgwNTIyWjBBMQ8wDQYDVQQDDAZu
-  ZXRzc2gxGTAXBgoJkiaJk/IsZAEZFglzb2x1dGlvdXMxEzARBgoJkiaJk/IsZAEZ
-  FgNjb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGJ4TbZ9H+qZ08
-  pQfJhPJTHaDCyQvCsKTFrL5O9z3tllQ7B/zksMMM+qFBpNYu9HCcg4yBATacE/PB
-  qVVyUrpr6lbH/XwoN5ljXm+bdCfmnjZvTCL2FTE6o+bcnaF0IsJyC0Q2B1fbWdXN
-  6Off1ZWoUk6We2BIM1bn6QJLxBpGyYhvOPXsYoqSuzDf2SJDDsWFZ8kV5ON13Ohm
-  JbBzn0oD8HF8FuYOewwsC0C1q4w7E5GtvHcQ5juweS7+RKsyDcVcVrLuNzoGRttS
-  KP4yMn+TzaXijyjRg7gECfJr3TGASaA4bQsILFGG5dAWcwO4OMrZedR7SHj/o0Kf
-  3gL7P0axAgMBAAGjezB5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
-  BBQF8qLA7Z4zg0SJGtUbv3eoQ8tjIzAfBgNVHREEGDAWgRRuZXRzc2hAc29sdXRp
-  b3VzLmNvbTAfBgNVHRIEGDAWgRRuZXRzc2hAc29sdXRpb3VzLmNvbTANBgkqhkiG
-  9w0BAQUFAAOCAQEATd8If+Ytmhf5lELy24j76ahGv64m518WTCdV2nIViGXB2BnV
-  uLQylGRb1rcgUS3Eh9TE28hqrfhotKS6a96qF9kN0mY2H6UwPWswJ+tj3gA1vLW8
-  wlZNlYGJ91Ig9zULPSbATyOOprUZyggy5p1260BaaI3LQYDeGJOSqpHCVu+TuMcy
-  k00ofiLT1crDSUl2WE/OIFK8AXpmd798AMsef8okHeoo+Dj7zCXn0VSimN+MO1mE
-  L4d54WIy4HkZCqQXoTSiK5HZMIdXkPk3F1bZdJ8Dy1sMRru0rUkkM5mW7TQ75mfW
-  Zp0QrZyNZhtitrXFbZneGRrIA/8G2Krft5Ly/A==
+  MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDDBpuZXRz
+  c2gvREM9c29sdXRpb3VzL0RDPWNvbTAeFw0yMTA4MTAwODMyMzBaFw0yMjA4MTAw
+  ODMyMzBaMCUxIzAhBgNVBAMMGm5ldHNzaC9EQz1zb2x1dGlvdXMvREM9Y29tMIIB
+  IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxieE22fR/qmdPKUHyYTyUx2g
+  wskLwrCkxay+Tvc97ZZUOwf85LDDDPqhQaTWLvRwnIOMgQE2nBPzwalVclK6a+pW
+  x/18KDeZY15vm3Qn5p42b0wi9hUxOqPm3J2hdCLCcgtENgdX21nVzejn39WVqFJO
+  lntgSDNW5+kCS8QaRsmIbzj17GKKkrsw39kiQw7FhWfJFeTjddzoZiWwc59KA/Bx
+  fBbmDnsMLAtAtauMOxORrbx3EOY7sHku/kSrMg3FXFay7jc6BkbbUij+MjJ/k82l
+  4o8o0YO4BAnya90xgEmgOG0LCCxRhuXQFnMDuDjK2XnUe0h4/6NCn94C+z9GsQID
+  AQABo3sweTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQUBfKiwO2e
+  M4NEiRrVG793qEPLYyMwHwYDVR0RBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20w
+  HwYDVR0SBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20wDQYJKoZIhvcNAQELBQAD
+  ggEBABRChgo0Jo+iXSnTpODNongzZoU0sWqwx3/FQVo8nyAyr1qFuiqpSPb4bDbU
+  DsVnUn3t0X/gGA8qJhutlmfTpEQCjUeyj2x9rWpD3lvttlGWV6btQ0qN4Dfc2gsw
+  rCp9Jpful0HGWhiwfjWfsarqAdtLzIG0UC47IN7LGeCMRJIijOsXQhiZ915eNBEw
+  g9+WSSGHkMFt/7vi2pFkvXSC0+RF8ovvRWf4Zw2aYXtJ1GElgi4ZS/s6ZU0gmv20
+  i4SfC5m5UXIVZvOBYiMuZ/1B2m6R9xU41027zfOVwRFNtlVDiNfQRq6sDmz44At/
+  dv8pkxXDgySe41vzlRXFsgIgz5A=
   -----END CERTIFICATE-----
-date: 2017-09-06 00:00:00.000000000 Z
+date: 2022-06-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rbnacl-libsodium
+  name: bcrypt_pbkdf
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.0.11
+        version: '1.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.0.11
+        version: '1.0'
 - !ruby/object:Gem::Dependency
-  name: rbnacl
+  name: ed25519
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.2.0
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '1.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.2.0
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '1.2'
 - !ruby/object:Gem::Dependency
-  name: bcrypt_pbkdf
+  name: x25519
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.11'
+        version: '1.17'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.11'
+        version: '1.17'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '5.10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '5.10'
 - !ruby/object:Gem::Dependency
-  name: minitest
+  name: mocha
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.10'
+        version: 1.11.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.10'
+        version: 1.11.2
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.47.0
+        version: '12.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.47.0
+        version: '12.0'
 - !ruby/object:Gem::Dependency
-  name: mocha
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.1
+        version: 1.28.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.1
+        version: 1.28.0
 description: 'Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It
   allows you to write programs that invoke and interact with processes on remote servers,
   via SSH2.'
@@ -161,23 +154,29 @@ executables: []
 extensions: []
 extra_rdoc_files:
 - LICENSE.txt
-- README.rdoc
+- README.md
 files:
+- ".dockerignore"
+- ".github/config/rubocop_linter_action.yml"
+- ".github/workflows/ci-with-docker.yml"
+- ".github/workflows/ci.yml"
+- ".github/workflows/rubocop.yml"
 - ".gitignore"
 - ".rubocop.yml"
 - ".rubocop_todo.yml"
-- ".travis.yml"
 - CHANGES.txt
+- Dockerfile
+- Dockerfile.openssl3
 - Gemfile
-- Gemfile.norbnacl
-- Gemfile.norbnacl.lock
+- Gemfile.noed25519
 - ISSUE_TEMPLATE.md
 - LICENSE.txt
 - Manifest
-- README.rdoc
+- README.md
 - Rakefile
 - THANKS.txt
 - appveyor.yml
+- docker-compose.yml
 - lib/net/ssh.rb
 - lib/net/ssh/authentication/agent.rb
 - lib/net/ssh/authentication/certificate.rb
@@ -192,6 +191,7 @@ files:
 - lib/net/ssh/authentication/methods/password.rb
 - lib/net/ssh/authentication/methods/publickey.rb
 - lib/net/ssh/authentication/pageant.rb
+- lib/net/ssh/authentication/pub_key_fingerprint.rb
 - lib/net/ssh/authentication/session.rb
 - lib/net/ssh/buffer.rb
 - lib/net/ssh/buffered_io.rb
@@ -215,7 +215,6 @@ files:
 - lib/net/ssh/proxy/jump.rb
 - lib/net/ssh/proxy/socks4.rb
 - lib/net/ssh/proxy/socks5.rb
-- lib/net/ssh/ruby_compat.rb
 - lib/net/ssh/service/forward.rb
 - lib/net/ssh/test.rb
 - lib/net/ssh/test/channel.rb
@@ -240,11 +239,18 @@ files:
 - lib/net/ssh/transport/hmac/sha1_96.rb
 - lib/net/ssh/transport/hmac/sha2_256.rb
 - lib/net/ssh/transport/hmac/sha2_256_96.rb
+- lib/net/ssh/transport/hmac/sha2_256_etm.rb
 - lib/net/ssh/transport/hmac/sha2_512.rb
 - lib/net/ssh/transport/hmac/sha2_512_96.rb
+- lib/net/ssh/transport/hmac/sha2_512_etm.rb
 - lib/net/ssh/transport/identity_cipher.rb
 - lib/net/ssh/transport/kex.rb
+- lib/net/ssh/transport/kex/abstract.rb
+- lib/net/ssh/transport/kex/abstract5656.rb
+- lib/net/ssh/transport/kex/curve25519_sha256.rb
+- lib/net/ssh/transport/kex/curve25519_sha256_loader.rb
 - lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb
+- lib/net/ssh/transport/kex/diffie_hellman_group14_sha256.rb
 - lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
 - lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb
 - lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha256.rb
@@ -257,19 +263,19 @@ files:
 - lib/net/ssh/transport/server_version.rb
 - lib/net/ssh/transport/session.rb
 - lib/net/ssh/transport/state.rb
-- lib/net/ssh/verifiers/lenient.rb
-- lib/net/ssh/verifiers/null.rb
-- lib/net/ssh/verifiers/secure.rb
-- lib/net/ssh/verifiers/strict.rb
+- lib/net/ssh/verifiers/accept_new.rb
+- lib/net/ssh/verifiers/accept_new_or_local_tunnel.rb
+- lib/net/ssh/verifiers/always.rb
+- lib/net/ssh/verifiers/never.rb
 - lib/net/ssh/version.rb
 - net-ssh-public_cert.pem
 - net-ssh.gemspec
-- support/arcfour_check.rb
 - support/ssh_tunnel_bug.rb
 homepage: https://github.com/net-ssh/net-ssh
 licenses:
 - MIT
-metadata: {}
+metadata:
+  changelog_uri: https://github.com/net-ssh/net-ssh/blob/master/CHANGES.txt
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -278,15 +284,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.0'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.10
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: 'Net::SSH: a pure-Ruby implementation of the SSH2 client protocol.'