net-ssh 5.0.0.beta1 → 5.0.0.beta2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (87) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/.rubocop_todo.yml +98 -258
  5. data/CHANGES.txt +8 -0
  6. data/Gemfile +1 -3
  7. data/Rakefile +37 -39
  8. data/lib/net/ssh.rb +26 -25
  9. data/lib/net/ssh/authentication/agent.rb +228 -225
  10. data/lib/net/ssh/authentication/certificate.rb +166 -164
  11. data/lib/net/ssh/authentication/constants.rb +17 -14
  12. data/lib/net/ssh/authentication/ed25519.rb +107 -104
  13. data/lib/net/ssh/authentication/ed25519_loader.rb +32 -28
  14. data/lib/net/ssh/authentication/key_manager.rb +5 -3
  15. data/lib/net/ssh/authentication/methods/abstract.rb +53 -47
  16. data/lib/net/ssh/authentication/methods/hostbased.rb +32 -33
  17. data/lib/net/ssh/authentication/methods/keyboard_interactive.rb +2 -4
  18. data/lib/net/ssh/authentication/methods/none.rb +10 -10
  19. data/lib/net/ssh/authentication/methods/password.rb +13 -13
  20. data/lib/net/ssh/authentication/methods/publickey.rb +54 -55
  21. data/lib/net/ssh/authentication/pageant.rb +468 -465
  22. data/lib/net/ssh/authentication/pub_key_fingerprint.rb +44 -0
  23. data/lib/net/ssh/authentication/session.rb +127 -123
  24. data/lib/net/ssh/buffer.rb +305 -303
  25. data/lib/net/ssh/buffered_io.rb +163 -162
  26. data/lib/net/ssh/config.rb +230 -227
  27. data/lib/net/ssh/connection/channel.rb +659 -654
  28. data/lib/net/ssh/connection/constants.rb +30 -26
  29. data/lib/net/ssh/connection/event_loop.rb +108 -104
  30. data/lib/net/ssh/connection/keepalive.rb +54 -50
  31. data/lib/net/ssh/connection/session.rb +677 -678
  32. data/lib/net/ssh/connection/term.rb +180 -176
  33. data/lib/net/ssh/errors.rb +101 -99
  34. data/lib/net/ssh/key_factory.rb +108 -108
  35. data/lib/net/ssh/known_hosts.rb +148 -154
  36. data/lib/net/ssh/loggable.rb +56 -54
  37. data/lib/net/ssh/packet.rb +82 -78
  38. data/lib/net/ssh/prompt.rb +55 -53
  39. data/lib/net/ssh/proxy/command.rb +103 -102
  40. data/lib/net/ssh/proxy/errors.rb +12 -8
  41. data/lib/net/ssh/proxy/http.rb +92 -91
  42. data/lib/net/ssh/proxy/https.rb +42 -39
  43. data/lib/net/ssh/proxy/jump.rb +50 -47
  44. data/lib/net/ssh/proxy/socks4.rb +0 -2
  45. data/lib/net/ssh/proxy/socks5.rb +11 -11
  46. data/lib/net/ssh/ruby_compat.rb +1 -0
  47. data/lib/net/ssh/service/forward.rb +364 -362
  48. data/lib/net/ssh/test.rb +85 -83
  49. data/lib/net/ssh/test/channel.rb +146 -142
  50. data/lib/net/ssh/test/extensions.rb +148 -146
  51. data/lib/net/ssh/test/kex.rb +35 -31
  52. data/lib/net/ssh/test/local_packet.rb +48 -44
  53. data/lib/net/ssh/test/packet.rb +87 -84
  54. data/lib/net/ssh/test/remote_packet.rb +35 -31
  55. data/lib/net/ssh/test/script.rb +173 -171
  56. data/lib/net/ssh/test/socket.rb +59 -55
  57. data/lib/net/ssh/transport/algorithms.rb +413 -412
  58. data/lib/net/ssh/transport/cipher_factory.rb +108 -105
  59. data/lib/net/ssh/transport/constants.rb +35 -31
  60. data/lib/net/ssh/transport/ctr.rb +1 -1
  61. data/lib/net/ssh/transport/hmac.rb +1 -1
  62. data/lib/net/ssh/transport/hmac/abstract.rb +67 -64
  63. data/lib/net/ssh/transport/hmac/sha2_256_96.rb +1 -1
  64. data/lib/net/ssh/transport/hmac/sha2_512_96.rb +1 -1
  65. data/lib/net/ssh/transport/identity_cipher.rb +55 -51
  66. data/lib/net/ssh/transport/kex.rb +2 -4
  67. data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +47 -40
  68. data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +201 -197
  69. data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +53 -56
  70. data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb +94 -87
  71. data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb +17 -10
  72. data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb +17 -10
  73. data/lib/net/ssh/transport/key_expander.rb +29 -25
  74. data/lib/net/ssh/transport/openssl.rb +17 -30
  75. data/lib/net/ssh/transport/packet_stream.rb +193 -192
  76. data/lib/net/ssh/transport/server_version.rb +64 -66
  77. data/lib/net/ssh/transport/session.rb +286 -284
  78. data/lib/net/ssh/transport/state.rb +198 -196
  79. data/lib/net/ssh/verifiers/lenient.rb +29 -25
  80. data/lib/net/ssh/verifiers/null.rb +13 -9
  81. data/lib/net/ssh/verifiers/secure.rb +45 -45
  82. data/lib/net/ssh/verifiers/strict.rb +20 -16
  83. data/lib/net/ssh/version.rb +55 -53
  84. data/net-ssh.gemspec +4 -4
  85. data/support/ssh_tunnel_bug.rb +2 -2
  86. metadata +25 -24
  87. metadata.gz.sig +0 -0
@@ -1,30 +1,34 @@
1
- module Net; module SSH; module Authentication
2
-
3
- # Loads ED25519 support which requires optinal dependecies like
4
- # rbnacl, bcrypt_pbkdf
5
- module ED25519Loader
6
-
7
- begin
8
- require 'net/ssh/authentication/ed25519'
9
- LOADED = true
10
- ERROR = nil
11
- rescue LoadError => e
12
- ERROR = e
13
- LOADED = false
14
- end
15
-
16
- def self.raiseUnlessLoaded(message)
17
- description = ERROR.is_a?(LoadError) ? dependenciesRequiredForED25519 : ''
18
- description << "#{ERROR.class} : \"#{ERROR.message}\"\n" if ERROR
19
- raise NotImplementedError, "#{message}\n#{description}" unless LOADED
20
- end
21
-
22
- def self.dependenciesRequiredForED25519
23
- result = "net-ssh requires the following gems for ed25519 support:\n"
24
- result << " * ed25519 (>= 1.2, < 2.0)\n"
25
- result << " * bcrypt_pbkdf (>= 1.0, < 2.0)\n" unless RUBY_PLATFORM == "java"
26
- result << "See https://github.com/net-ssh/net-ssh/issues/565 for more information\n"
27
- end
1
+ module Net
2
+ module SSH
3
+ module Authentication
28
4
 
5
+ # Loads ED25519 support which requires optinal dependecies like
6
+ # rbnacl, bcrypt_pbkdf
7
+ module ED25519Loader
8
+
9
+ begin
10
+ require 'net/ssh/authentication/ed25519'
11
+ LOADED = true
12
+ ERROR = nil
13
+ rescue LoadError => e
14
+ ERROR = e
15
+ LOADED = false
16
+ end
17
+
18
+ def self.raiseUnlessLoaded(message)
19
+ description = ERROR.is_a?(LoadError) ? dependenciesRequiredForED25519 : ''
20
+ description << "#{ERROR.class} : \"#{ERROR.message}\"\n" if ERROR
21
+ raise NotImplementedError, "#{message}\n#{description}" unless LOADED
22
+ end
23
+
24
+ def self.dependenciesRequiredForED25519
25
+ result = "net-ssh requires the following gems for ed25519 support:\n"
26
+ result << " * ed25519 (>= 1.2, < 2.0)\n"
27
+ result << " * bcrypt_pbkdf (>= 1.0, < 2.0)\n" unless RUBY_PLATFORM == "java"
28
+ result << "See https://github.com/net-ssh/net-ssh/issues/565 for more information\n"
29
+ end
30
+
31
+ end
32
+ end
33
+ end
29
34
  end
30
- end; end; end
@@ -43,7 +43,7 @@ module Net
43
43
  self.logger = logger
44
44
  @key_files = []
45
45
  @key_data = []
46
- @use_agent = !(options[:use_agent] == false)
46
+ @use_agent = options[:use_agent] != false
47
47
  @known_identities = {}
48
48
  @agent = nil
49
49
  @options = options
@@ -182,6 +182,10 @@ module Net
182
182
  nil
183
183
  end
184
184
 
185
+ def no_keys?
186
+ key_files.empty? && key_data.empty?
187
+ end
188
+
185
189
  private
186
190
 
187
191
  # Prepares identities from user key_files for loading, preserving their order and sources.
@@ -235,7 +239,6 @@ module Net
235
239
  else
236
240
  identity
237
241
  end
238
-
239
242
  rescue OpenSSL::PKey::RSAError, OpenSSL::PKey::DSAError, OpenSSL::PKey::ECError, OpenSSL::PKey::PKeyError, ArgumentError => e
240
243
  if ignore_decryption_errors
241
244
  identity
@@ -260,7 +263,6 @@ module Net
260
263
  raise e
261
264
  end
262
265
  end
263
-
264
266
  end
265
267
  end
266
268
  end
@@ -3,62 +3,68 @@ require 'net/ssh/errors'
3
3
  require 'net/ssh/loggable'
4
4
  require 'net/ssh/authentication/constants'
5
5
 
6
- module Net; module SSH; module Authentication; module Methods
6
+ module Net
7
+ module SSH
8
+ module Authentication
9
+ module Methods
7
10
 
8
- # The base class of all user authentication methods. It provides a few
9
- # bits of common functionality.
10
- class Abstract
11
- include Constants, Loggable
11
+ # The base class of all user authentication methods. It provides a few
12
+ # bits of common functionality.
13
+ class Abstract
14
+ include Loggable
15
+ include Constants
12
16
 
13
- # The authentication session object
14
- attr_reader :session
17
+ # The authentication session object
18
+ attr_reader :session
15
19
 
16
- # The key manager object. Not all authentication methods will require
17
- # this.
18
- attr_reader :key_manager
20
+ # The key manager object. Not all authentication methods will require
21
+ # this.
22
+ attr_reader :key_manager
19
23
 
20
- # Instantiates a new authentication method.
21
- def initialize(session, options={})
22
- @session = session
23
- @key_manager = options[:key_manager]
24
- @options = options
25
- @prompt = options[:password_prompt]
26
- self.logger = session.logger
27
- end
24
+ # Instantiates a new authentication method.
25
+ def initialize(session, options={})
26
+ @session = session
27
+ @key_manager = options[:key_manager]
28
+ @options = options
29
+ @prompt = options[:password_prompt]
30
+ self.logger = session.logger
31
+ end
28
32
 
29
- # Returns the session-id, as generated during the first key exchange of
30
- # an SSH connection.
31
- def session_id
32
- session.transport.algorithms.session_id
33
- end
33
+ # Returns the session-id, as generated during the first key exchange of
34
+ # an SSH connection.
35
+ def session_id
36
+ session.transport.algorithms.session_id
37
+ end
34
38
 
35
- # Sends a message via the underlying transport layer abstraction. This
36
- # will block until the message is completely sent.
37
- def send_message(msg)
38
- session.transport.send_message(msg)
39
- end
39
+ # Sends a message via the underlying transport layer abstraction. This
40
+ # will block until the message is completely sent.
41
+ def send_message(msg)
42
+ session.transport.send_message(msg)
43
+ end
40
44
 
41
- # Creates a new USERAUTH_REQUEST packet. The extra arguments on the end
42
- # must be either boolean values or strings, and are tacked onto the end
43
- # of the packet. The new packet is returned, ready for sending.
44
- def userauth_request(username, next_service, auth_method, *others)
45
- buffer = Net::SSH::Buffer.from(:byte, USERAUTH_REQUEST,
46
- :string, username, :string, next_service, :string, auth_method)
45
+ # Creates a new USERAUTH_REQUEST packet. The extra arguments on the end
46
+ # must be either boolean values or strings, and are tacked onto the end
47
+ # of the packet. The new packet is returned, ready for sending.
48
+ def userauth_request(username, next_service, auth_method, *others)
49
+ buffer = Net::SSH::Buffer.from(:byte, USERAUTH_REQUEST,
50
+ :string, username, :string, next_service, :string, auth_method)
47
51
 
48
- others.each do |value|
49
- case value
50
- when true, false then buffer.write_bool(value)
51
- when String then buffer.write_string(value)
52
- else raise ArgumentError, "don't know how to write #{value.inspect}"
53
- end
54
- end
52
+ others.each do |value|
53
+ case value
54
+ when true, false then buffer.write_bool(value)
55
+ when String then buffer.write_string(value)
56
+ else raise ArgumentError, "don't know how to write #{value.inspect}"
57
+ end
58
+ end
55
59
 
56
- buffer
57
- end
60
+ buffer
61
+ end
58
62
 
59
- private
63
+ private
60
64
 
61
- attr_reader :prompt
65
+ attr_reader :prompt
66
+ end
67
+ end
68
+ end
62
69
  end
63
-
64
- end; end; end; end
70
+ end
@@ -24,49 +24,48 @@ module Net
24
24
 
25
25
  private
26
26
 
27
- # Returns the hostname as reported by the underlying socket.
28
- def hostname
29
- session.transport.socket.client_name
30
- end
31
-
32
- # Attempts to perform host-based authentication of the user, using
33
- # the given host identity (key).
34
- def authenticate_with(identity, next_service, username, key_manager)
35
- debug { "trying hostbased (#{identity.fingerprint})" }
36
- client_username = ENV['USER'] || username
27
+ # Returns the hostname as reported by the underlying socket.
28
+ def hostname
29
+ session.transport.socket.client_name
30
+ end
37
31
 
38
- req = build_request(identity, next_service, username, "#{hostname}.", client_username)
39
- sig_data = Buffer.from(:string, session_id, :raw, req)
32
+ # Attempts to perform host-based authentication of the user, using
33
+ # the given host identity (key).
34
+ def authenticate_with(identity, next_service, username, key_manager)
35
+ debug { "trying hostbased (#{identity.fingerprint})" }
36
+ client_username = ENV['USER'] || username
40
37
 
41
- sig = key_manager.sign(identity, sig_data.to_s)
38
+ req = build_request(identity, next_service, username, "#{hostname}.", client_username)
39
+ sig_data = Buffer.from(:string, session_id, :raw, req)
42
40
 
43
- message = Buffer.from(:raw, req, :string, sig)
41
+ sig = key_manager.sign(identity, sig_data.to_s)
44
42
 
45
- send_message(message)
46
- message = session.next_message
43
+ message = Buffer.from(:raw, req, :string, sig)
47
44
 
48
- case message.type
49
- when USERAUTH_SUCCESS
50
- info { "hostbased succeeded (#{identity.fingerprint})" }
51
- return true
52
- when USERAUTH_FAILURE
53
- info { "hostbased failed (#{identity.fingerprint})" }
45
+ send_message(message)
46
+ message = session.next_message
54
47
 
55
- raise Net::SSH::Authentication::DisallowedMethod unless
56
- message[:authentications].split(/,/).include? 'hostbased'
48
+ case message.type
49
+ when USERAUTH_SUCCESS
50
+ info { "hostbased succeeded (#{identity.fingerprint})" }
51
+ return true
52
+ when USERAUTH_FAILURE
53
+ info { "hostbased failed (#{identity.fingerprint})" }
57
54
 
58
- return false
59
- else
60
- raise Net::SSH::Exception, "unexpected server response to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
61
- end
62
- end
55
+ raise Net::SSH::Authentication::DisallowedMethod unless
56
+ message[:authentications].split(/,/).include? 'hostbased'
63
57
 
64
- # Build the "core" hostbased request string.
65
- def build_request(identity, next_service, username, hostname, client_username)
66
- userauth_request(username, next_service, "hostbased", identity.ssh_type,
67
- Buffer.from(:key, identity).to_s, hostname, client_username).to_s
58
+ return false
59
+ else
60
+ raise Net::SSH::Exception, "unexpected server response to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
68
61
  end
62
+ end
69
63
 
64
+ # Build the "core" hostbased request string.
65
+ def build_request(identity, next_service, username, hostname, client_username)
66
+ userauth_request(username, next_service, "hostbased", identity.ssh_type,
67
+ Buffer.from(:key, identity).to_s, hostname, client_username).to_s
68
+ end
70
69
  end
71
70
 
72
71
  end
@@ -40,12 +40,10 @@ module Net
40
40
  instruction = message.read_string
41
41
  debug { "keyboard-interactive info request" }
42
42
 
43
- if password.nil? && interactive? && prompter.nil?
44
- prompter = prompt.start(type: 'keyboard-interactive', name: name, instruction: instruction)
45
- end
43
+ prompter = prompt.start(type: 'keyboard-interactive', name: name, instruction: instruction) if password.nil? && interactive? && prompter.nil?
46
44
 
47
45
  _ = message.read_string # lang_tag
48
- responses =[]
46
+ responses = []
49
47
 
50
48
  message.read_long.times do
51
49
  text = message.read_string
@@ -14,18 +14,18 @@ module Net
14
14
  message = session.next_message
15
15
 
16
16
  case message.type
17
- when USERAUTH_SUCCESS
18
- debug { "none succeeded" }
19
- return true
20
- when USERAUTH_FAILURE
21
- debug { "none failed" }
17
+ when USERAUTH_SUCCESS
18
+ debug { "none succeeded" }
19
+ return true
20
+ when USERAUTH_FAILURE
21
+ debug { "none failed" }
22
22
 
23
- raise Net::SSH::Authentication::DisallowedMethod unless
24
- message[:authentications].split(/,/).include? 'none'
23
+ raise Net::SSH::Authentication::DisallowedMethod unless
24
+ message[:authentications].split(/,/).include? 'none'
25
25
 
26
- return false
27
- else
28
- raise Net::SSH::Exception, "unexpected reply to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
26
+ return false
27
+ else
28
+ raise Net::SSH::Exception, "unexpected reply to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
29
29
  end
30
30
 
31
31
  end
@@ -14,7 +14,7 @@ module Net
14
14
  def authenticate(next_service, username, password=nil)
15
15
  clear_prompter!
16
16
  retries = 0
17
- max_retries = get_max_retries
17
+ max_retries = get_max_retries
18
18
  return false if !password && max_retries == 0
19
19
 
20
20
  begin
@@ -34,17 +34,17 @@ module Net
34
34
  end until (message.type != USERAUTH_FAILURE || retries >= max_retries)
35
35
 
36
36
  case message.type
37
- when USERAUTH_SUCCESS
38
- debug { "password succeeded" }
39
- @prompter.success if @prompter
40
- return true
41
- when USERAUTH_FAILURE
42
- return false
43
- when USERAUTH_PASSWD_CHANGEREQ
44
- debug { "password change request received, failing" }
45
- return false
46
- else
47
- raise Net::SSH::Exception, "unexpected reply to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
37
+ when USERAUTH_SUCCESS
38
+ debug { "password succeeded" }
39
+ @prompter.success if @prompter
40
+ return true
41
+ when USERAUTH_FAILURE
42
+ return false
43
+ when USERAUTH_PASSWD_CHANGEREQ
44
+ debug { "password change request received, failing" }
45
+ return false
46
+ else
47
+ raise Net::SSH::Exception, "unexpected reply to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
48
48
  end
49
49
  end
50
50
 
@@ -59,7 +59,7 @@ module Net
59
59
 
60
60
  def ask_password(username)
61
61
  host = session.transport.host
62
- prompt_info = {type: 'password', user: username, host: host}
62
+ prompt_info = { type: 'password', user: username, host: host }
63
63
  if @prompt_info != prompt_info
64
64
  @prompt_info = prompt_info
65
65
  @prompter = prompt.start(prompt_info)
@@ -25,69 +25,68 @@ module Net
25
25
 
26
26
  private
27
27
 
28
- # Builds a packet that contains the request formatted for sending
29
- # a public-key request to the server.
30
- def build_request(pub_key, username, next_service, has_sig)
31
- blob = Net::SSH::Buffer.new
32
- blob.write_key pub_key
33
-
34
- userauth_request(username, next_service, "publickey", has_sig,
35
- pub_key.ssh_type, blob.to_s)
36
- end
28
+ # Builds a packet that contains the request formatted for sending
29
+ # a public-key request to the server.
30
+ def build_request(pub_key, username, next_service, has_sig)
31
+ blob = Net::SSH::Buffer.new
32
+ blob.write_key pub_key
33
+
34
+ userauth_request(username, next_service, "publickey", has_sig,
35
+ pub_key.ssh_type, blob.to_s)
36
+ end
37
37
 
38
- # Builds and sends a request formatted for a public-key
39
- # authentication request.
40
- def send_request(pub_key, username, next_service, signature=nil)
41
- msg = build_request(pub_key, username, next_service, !signature.nil?)
42
- msg.write_string(signature) if signature
43
- send_message(msg)
44
- end
38
+ # Builds and sends a request formatted for a public-key
39
+ # authentication request.
40
+ def send_request(pub_key, username, next_service, signature=nil)
41
+ msg = build_request(pub_key, username, next_service, !signature.nil?)
42
+ msg.write_string(signature) if signature
43
+ send_message(msg)
44
+ end
45
+
46
+ # Attempts to perform public-key authentication for the given
47
+ # username, with the given identity (public key). Returns +true+ if
48
+ # successful, or +false+ otherwise.
49
+ def authenticate_with(identity, next_service, username)
50
+ debug { "trying publickey (#{identity.fingerprint})" }
51
+ send_request(identity, username, next_service)
45
52
 
46
- # Attempts to perform public-key authentication for the given
47
- # username, with the given identity (public key). Returns +true+ if
48
- # successful, or +false+ otherwise.
49
- def authenticate_with(identity, next_service, username)
50
- debug { "trying publickey (#{identity.fingerprint})" }
51
- send_request(identity, username, next_service)
53
+ message = session.next_message
52
54
 
55
+ case message.type
56
+ when USERAUTH_PK_OK
57
+ buffer = build_request(identity, username, next_service, true)
58
+ sig_data = Net::SSH::Buffer.new
59
+ sig_data.write_string(session_id)
60
+ sig_data.append(buffer.to_s)
61
+
62
+ sig_blob = key_manager.sign(identity, sig_data)
63
+
64
+ send_request(identity, username, next_service, sig_blob.to_s)
53
65
  message = session.next_message
54
66
 
55
67
  case message.type
56
- when USERAUTH_PK_OK
57
- buffer = build_request(identity, username, next_service, true)
58
- sig_data = Net::SSH::Buffer.new
59
- sig_data.write_string(session_id)
60
- sig_data.append(buffer.to_s)
61
-
62
- sig_blob = key_manager.sign(identity, sig_data)
63
-
64
- send_request(identity, username, next_service, sig_blob.to_s)
65
- message = session.next_message
66
-
67
- case message.type
68
- when USERAUTH_SUCCESS
69
- debug { "publickey succeeded (#{identity.fingerprint})" }
70
- return true
71
- when USERAUTH_FAILURE
72
- debug { "publickey failed (#{identity.fingerprint})" }
73
-
74
- raise Net::SSH::Authentication::DisallowedMethod unless
75
- message[:authentications].split(/,/).include? 'publickey'
76
-
77
- return false
78
- else
79
- raise Net::SSH::Exception,
80
- "unexpected server response to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
81
- end
82
-
83
- when USERAUTH_FAILURE
84
- return false
85
-
86
- else
87
- raise Net::SSH::Exception, "unexpected reply to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
68
+ when USERAUTH_SUCCESS
69
+ debug { "publickey succeeded (#{identity.fingerprint})" }
70
+ return true
71
+ when USERAUTH_FAILURE
72
+ debug { "publickey failed (#{identity.fingerprint})" }
73
+
74
+ raise Net::SSH::Authentication::DisallowedMethod unless
75
+ message[:authentications].split(/,/).include? 'publickey'
76
+
77
+ return false
78
+ else
79
+ raise Net::SSH::Exception,
80
+ "unexpected server response to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
88
81
  end
89
- end
90
82
 
83
+ when USERAUTH_FAILURE
84
+ return false
85
+
86
+ else
87
+ raise Net::SSH::Exception, "unexpected reply to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
88
+ end
89
+ end
91
90
  end
92
91
 
93
92
  end