net-ssh 5.2.0 → 6.0.0

data/lib/net/ssh/transport/packet_stream.rb

@@ -1,7 +1,6 @@
 require 'net/ssh/buffered_io'
 require 'net/ssh/errors'
 require 'net/ssh/packet'
-require 'net/ssh/ruby_compat'
 require 'net/ssh/transport/cipher_factory'
 require 'net/ssh/transport/hmac'
 require 'net/ssh/transport/state'
@@ -130,7 +129,7 @@ module Net
           payload = client.compress(payload)
 
           # the length of the packet, minus the padding
-          actual_length = 4 + payload.bytesize + 1
+          actual_length = (client.hmac.etm ? 0 : 4) + payload.bytesize + 1
 
           # compute the padding length
           padding_length = client.block_size - (actual_length % client.block_size)
@@ -146,11 +145,32 @@ module Net
 
           padding = Array.new(padding_length) { rand(256) }.pack("C*")
 
-          unencrypted_data = [packet_length, padding_length, payload, padding].pack("NCA*A*")
-          mac = client.hmac.digest([client.sequence_number, unencrypted_data].pack("NA*"))
+          if client.hmac.etm
+            debug { "using encrypt-then-mac" }
 
-          encrypted_data = client.update_cipher(unencrypted_data) << client.final_cipher
-          message = encrypted_data + mac
+            # Encrypt padding_length, payload, and padding. Take MAC
+            # from the unencrypted packet_lenght and the encrypted
+            # data.
+            length_data = [packet_length].pack("N")
+
+            unencrypted_data = [padding_length, payload, padding].pack("CA*A*")
+
+            encrypted_data = client.update_cipher(unencrypted_data) << client.final_cipher
+
+            mac_data = length_data + encrypted_data
+
+            mac = client.hmac.digest([client.sequence_number, mac_data].pack("NA*"))
+
+            message = mac_data + mac
+          else
+            unencrypted_data = [packet_length, padding_length, payload, padding].pack("NCA*A*")
+
+            mac = client.hmac.digest([client.sequence_number, unencrypted_data].pack("NA*"))
+
+            encrypted_data = client.update_cipher(unencrypted_data) << client.final_cipher
+
+            message = encrypted_data + mac
+          end
 
           debug { "queueing packet nr #{client.sequence_number} type #{payload.getbyte(0)} len #{packet_length}" }
           enqueue(message)
@@ -196,17 +216,25 @@ module Net
         # algorithms specified in the server state object, and returned as a
         # new Packet object.
         def poll_next_packet
+          aad_length = server.hmac.etm ? 4 : 0
+
           if @packet.nil?
             minimum = server.block_size < 4 ? 4 : server.block_size
             return nil if available < minimum
-            data = read_available(minimum)
+            data = read_available(minimum + aad_length)
 
             # decipher it
-            @packet = Net::SSH::Buffer.new(server.update_cipher(data))
-            @packet_length = @packet.read_long
+            if server.hmac.etm
+              @packet_length = data.unpack("N").first
+              @mac_data = data
+              @packet = Net::SSH::Buffer.new(server.update_cipher(data[aad_length..-1]))
+            else
+              @packet = Net::SSH::Buffer.new(server.update_cipher(data))
+              @packet_length = @packet.read_long
+            end
           end
 
-          need = @packet_length + 4 - server.block_size
+          need = @packet_length + 4 - aad_length - server.block_size
           raise Net::SSH::Exception, "padding error, need #{need} block #{server.block_size}" if need % server.block_size != 0
 
           return nil if available < need + server.hmac.mac_length
@@ -214,6 +242,7 @@ module Net
           if need > 0
             # read the remainder of the packet and decrypt it.
             data = read_available(need)
+            @mac_data += data if server.hmac.etm
             @packet.append(server.update_cipher(data))
           end
 
@@ -226,7 +255,11 @@ module Net
 
           payload = @packet.read(@packet_length - padding_length - 1)
 
-          my_computed_hmac = server.hmac.digest([server.sequence_number, @packet.content].pack("NA*"))
+          my_computed_hmac = if server.hmac.etm
+                               server.hmac.digest([server.sequence_number, @mac_data].pack("NA*"))
+                             else
+                               server.hmac.digest([server.sequence_number, @packet.content].pack("NA*"))
+                             end
           raise Net::SSH::Exception, "corrupted hmac detected" if real_hmac != my_computed_hmac
 
           # try to decompress the payload, in case compression is active

data/lib/net/ssh/transport/state.rb

@@ -141,7 +141,7 @@ module Net
     
           @max_packets ||= 1 << 31
     
-          @block_size = cipher.name == "RC4" ? 8 : cipher.block_size
+          @block_size = cipher.block_size
     
           if max_blocks.nil?
             # cargo-culted from openssh. the idea is that "the 2^(blocksize*2)

data/lib/net/ssh/version.rb

@@ -46,10 +46,10 @@ module Net
       end
 
       # The major component of this version of the Net::SSH library
-      MAJOR = 5
+      MAJOR = 6
 
       # The minor component of this version of the Net::SSH library
-      MINOR = 2
+      MINOR = 0
 
       # The tiny component of this version of the Net::SSH library
       TINY  = 0

data/net-ssh-public_cert.pem

@@ -1,7 +1,7 @@
 -----BEGIN CERTIFICATE-----
 MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDDBpuZXRz
-c2gvREM9c29sdXRpb3VzL0RDPWNvbTAeFw0xOTAzMTEwOTQ1MzZaFw0yMDAzMTAw
-OTQ1MzZaMCUxIzAhBgNVBAMMGm5ldHNzaC9EQz1zb2x1dGlvdXMvREM9Y29tMIIB
+c2gvREM9c29sdXRpb3VzL0RDPWNvbTAeFw0yMDA0MTEwNTQyMTZaFw0yMTA0MTEw
+NTQyMTZaMCUxIzAhBgNVBAMMGm5ldHNzaC9EQz1zb2x1dGlvdXMvREM9Y29tMIIB
 IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxieE22fR/qmdPKUHyYTyUx2g
 wskLwrCkxay+Tvc97ZZUOwf85LDDDPqhQaTWLvRwnIOMgQE2nBPzwalVclK6a+pW
 x/18KDeZY15vm3Qn5p42b0wi9hUxOqPm3J2hdCLCcgtENgdX21nVzejn39WVqFJO
@@ -11,10 +11,10 @@ fBbmDnsMLAtAtauMOxORrbx3EOY7sHku/kSrMg3FXFay7jc6BkbbUij+MjJ/k82l
 AQABo3sweTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQUBfKiwO2e
 M4NEiRrVG793qEPLYyMwHwYDVR0RBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20w
 HwYDVR0SBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20wDQYJKoZIhvcNAQELBQAD
-ggEBAILNXrrFaLruwlBoTx3F7iL5wiRUT+cOMfdon25gzX8Tf87hi6rITnRgFfak
-w+C/rbrYOuEfUJMeZSU5ASxzrB4ohgJ5AFxuxGNkWEQJC4nICGn3ML8PmHzEV12z
-+nMm9AtBM16dJTdTKA2B6du0ZtTtbm4M3ULB7rhkUO2L2RbDyyiGQw85IBdaVdzr
-GmrxZPAOhBABOREsvJU1+3GIyJncqXmtrYUGUoLiIf/WO0mxPzYALZC/6ZYfu2UP
-+MqVFjDxsJA7cDfACke51RypSH1gZoPjzoW6w0sMRAzZT8hU1eGyqtNuBiSZ1UKv
-B/ztNLEP0OWhpj/NZ1fnGRvo/T0=
+ggEBAJTylLYXo5AybI+tLq79+OXQ8/nbGZ7iydU1uTHQud1JZQ1MRV5dRDjeBmCT
+lRxaEZT4NopEzuHO0sm3nVpSYtQwTaQyVKmnllNI3kc0f4H6i7dpPd7eUAQ3/O2I
+eWjDJlzu0zwqTa+N6vzS8Y3ypDSGgb1gJKzluOv7viVUAthmuuJws7XQq/qMMaNw
+3163oCKuJvMW1w8kdUMQqvlLJkVKaxz9K64r2+a04Ok1cKloTB3OSowfAYFoRlqP
+voajiJNS75Pw/2j13WnPB4Q6w7dHSb57E/VluBpVKmcQZN0dGdAkEIVty3v7kw9g
+y++VpCpWM/PstIFv4ApZMf501UY=
 -----END CERTIFICATE-----

data/net-ssh.gemspec

@@ -1,4 +1,3 @@
-
 require_relative 'lib/net/ssh/version'
 
 Gem::Specification.new do |spec|
@@ -16,11 +15,14 @@ Gem::Specification.new do |spec|
   spec.description   = %q{Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It allows you to write programs that invoke and interact with processes on remote servers, via SSH2.}
   spec.homepage      = "https://github.com/net-ssh/net-ssh"
   spec.license       = "MIT"
-  spec.required_ruby_version = Gem::Requirement.new(">= 2.2.6")
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.3")
+  spec.metadata = {
+    "changelog_uri" => "https://github.com/net-ssh/net-ssh/blob/master/CHANGES.txt"
+  }
 
   spec.extra_rdoc_files = [
     "LICENSE.txt",
-    "README.rdoc"
+    "README.md"
   ]
 
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
@@ -31,12 +33,12 @@ Gem::Specification.new do |spec|
   unless ENV['NET_SSH_NO_ED25519']
     spec.add_development_dependency("bcrypt_pbkdf", "~> 1.0") unless RUBY_PLATFORM == "java"
     spec.add_development_dependency("ed25519", "~> 1.2")
+    spec.add_development_dependency('x25519') unless RUBY_PLATFORM == 'java'
   end
 
-  spec.add_development_dependency "bundler", "~> 1.11"
-
+  spec.add_development_dependency "bundler", ">= 1.17"
   spec.add_development_dependency "minitest", "~> 5.10"
-  spec.add_development_dependency "mocha", ">= 1.2.1"
+  spec.add_development_dependency "mocha", "~> 1.11.2"
   spec.add_development_dependency "rake", "~> 12.0"
-  spec.add_development_dependency "rubocop", "~> 0.54.0"
+  spec.add_development_dependency "rubocop", "~> 0.74.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: net-ssh
 version: !ruby/object:Gem::Version
-  version: 5.2.0
+  version: 6.0.0
 platform: ruby
 authors:
 - Jamis Buck
@@ -13,8 +13,8 @@ cert_chain:
 - |
   -----BEGIN CERTIFICATE-----
   MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDDBpuZXRz
-  c2gvREM9c29sdXRpb3VzL0RDPWNvbTAeFw0xOTAzMTEwOTQ1MzZaFw0yMDAzMTAw
-  OTQ1MzZaMCUxIzAhBgNVBAMMGm5ldHNzaC9EQz1zb2x1dGlvdXMvREM9Y29tMIIB
+  c2gvREM9c29sdXRpb3VzL0RDPWNvbTAeFw0yMDA0MTEwNTQyMTZaFw0yMTA0MTEw
+  NTQyMTZaMCUxIzAhBgNVBAMMGm5ldHNzaC9EQz1zb2x1dGlvdXMvREM9Y29tMIIB
   IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxieE22fR/qmdPKUHyYTyUx2g
   wskLwrCkxay+Tvc97ZZUOwf85LDDDPqhQaTWLvRwnIOMgQE2nBPzwalVclK6a+pW
   x/18KDeZY15vm3Qn5p42b0wi9hUxOqPm3J2hdCLCcgtENgdX21nVzejn39WVqFJO
@@ -24,14 +24,14 @@ cert_chain:
   AQABo3sweTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQUBfKiwO2e
   M4NEiRrVG793qEPLYyMwHwYDVR0RBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20w
   HwYDVR0SBBgwFoEUbmV0c3NoQHNvbHV0aW91cy5jb20wDQYJKoZIhvcNAQELBQAD
-  ggEBAILNXrrFaLruwlBoTx3F7iL5wiRUT+cOMfdon25gzX8Tf87hi6rITnRgFfak
-  w+C/rbrYOuEfUJMeZSU5ASxzrB4ohgJ5AFxuxGNkWEQJC4nICGn3ML8PmHzEV12z
-  +nMm9AtBM16dJTdTKA2B6du0ZtTtbm4M3ULB7rhkUO2L2RbDyyiGQw85IBdaVdzr
-  GmrxZPAOhBABOREsvJU1+3GIyJncqXmtrYUGUoLiIf/WO0mxPzYALZC/6ZYfu2UP
-  +MqVFjDxsJA7cDfACke51RypSH1gZoPjzoW6w0sMRAzZT8hU1eGyqtNuBiSZ1UKv
-  B/ztNLEP0OWhpj/NZ1fnGRvo/T0=
+  ggEBAJTylLYXo5AybI+tLq79+OXQ8/nbGZ7iydU1uTHQud1JZQ1MRV5dRDjeBmCT
+  lRxaEZT4NopEzuHO0sm3nVpSYtQwTaQyVKmnllNI3kc0f4H6i7dpPd7eUAQ3/O2I
+  eWjDJlzu0zwqTa+N6vzS8Y3ypDSGgb1gJKzluOv7viVUAthmuuJws7XQq/qMMaNw
+  3163oCKuJvMW1w8kdUMQqvlLJkVKaxz9K64r2+a04Ok1cKloTB3OSowfAYFoRlqP
+  voajiJNS75Pw/2j13WnPB4Q6w7dHSb57E/VluBpVKmcQZN0dGdAkEIVty3v7kw9g
+  y++VpCpWM/PstIFv4ApZMf501UY=
   -----END CERTIFICATE-----
-date: 2019-03-11 00:00:00.000000000 Z
+date: 2020-04-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt_pbkdf
@@ -61,20 +61,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.2'
+- !ruby/object:Gem::Dependency
+  name: x25519
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.11'
+        version: '1.17'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.11'
+        version: '1.17'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -93,16 +107,16 @@ dependencies:
   name: mocha
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.1
+        version: 1.11.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.1
+        version: 1.11.2
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -123,14 +137,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.54.0
+        version: 0.74.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.54.0
+        version: 0.74.0
 description: 'Net::SSH: a pure-Ruby implementation of the SSH2 client protocol. It
   allows you to write programs that invoke and interact with processes on remote servers,
   via SSH2.'
@@ -140,7 +154,7 @@ executables: []
 extensions: []
 extra_rdoc_files:
 - LICENSE.txt
-- README.rdoc
+- README.md
 files:
 - ".gitignore"
 - ".rubocop.yml"
@@ -149,11 +163,10 @@ files:
 - CHANGES.txt
 - Gemfile
 - Gemfile.noed25519
-- Gemfile.noed25519.lock
 - ISSUE_TEMPLATE.md
 - LICENSE.txt
 - Manifest
-- README.rdoc
+- README.md
 - Rakefile
 - THANKS.txt
 - appveyor.yml
@@ -195,7 +208,6 @@ files:
 - lib/net/ssh/proxy/jump.rb
 - lib/net/ssh/proxy/socks4.rb
 - lib/net/ssh/proxy/socks5.rb
-- lib/net/ssh/ruby_compat.rb
 - lib/net/ssh/service/forward.rb
 - lib/net/ssh/test.rb
 - lib/net/ssh/test/channel.rb
@@ -220,10 +232,16 @@ files:
 - lib/net/ssh/transport/hmac/sha1_96.rb
 - lib/net/ssh/transport/hmac/sha2_256.rb
 - lib/net/ssh/transport/hmac/sha2_256_96.rb
+- lib/net/ssh/transport/hmac/sha2_256_etm.rb
 - lib/net/ssh/transport/hmac/sha2_512.rb
 - lib/net/ssh/transport/hmac/sha2_512_96.rb
+- lib/net/ssh/transport/hmac/sha2_512_etm.rb
 - lib/net/ssh/transport/identity_cipher.rb
 - lib/net/ssh/transport/kex.rb
+- lib/net/ssh/transport/kex/abstract.rb
+- lib/net/ssh/transport/kex/abstract5656.rb
+- lib/net/ssh/transport/kex/curve25519_sha256.rb
+- lib/net/ssh/transport/kex/curve25519_sha256_loader.rb
 - lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb
 - lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
 - lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb
@@ -244,12 +262,12 @@ files:
 - lib/net/ssh/version.rb
 - net-ssh-public_cert.pem
 - net-ssh.gemspec
-- support/arcfour_check.rb
 - support/ssh_tunnel_bug.rb
 homepage: https://github.com/net-ssh/net-ssh
 licenses:
 - MIT
-metadata: {}
+metadata:
+  changelog_uri: https://github.com/net-ssh/net-ssh/blob/master/CHANGES.txt
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -258,15 +276,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.2.6
+      version: '2.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.8
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: 'Net::SSH: a pure-Ruby implementation of the SSH2 client protocol.'

metadata.gz.sig

@@ -1,3 +1,2 @@
-rj��j
n�����G]F�#��5-�4�P������
-uЭ3[I���
m�
-�֒3����ty�#h�Kk�2J��B�䫼���M�}��s�*��`	��
+q�v͊�.���kA1Y�bҭ��NL�a��I��T����<K:�n�������@sN�*P�sRߩ��K��������H��B8��'LA�a��K�畅��i4���܄��4�)@A���	��9G�ʞ���I�����tD��ڐ	P�Ѐ�Z�
+�pO������r��-��Wj7���T�8�o��P�d9��Y��Y:1Z�
�ꊚJW�V�$�ݢ��G,�Q-�U�wr�?8#�����=!6����9+��I�=

data/Gemfile.noed25519.lock

@@ -1,41 +0,0 @@
-PATH
-  remote: .
-  specs:
-    net-ssh (4.2.0)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    ast (2.3.0)
-    metaclass (0.0.4)
-    minitest (5.10.3)
-    mocha (1.3.0)
-      metaclass (~> 0.0.1)
-    parser (2.4.0.2)
-      ast (~> 2.3)
-    powerpack (0.1.1)
-    rainbow (2.2.2)
-      rake
-    rake (12.3.0)
-    rubocop (0.47.1)
-      parser (>= 2.3.3.1, < 3.0)
-      powerpack (~> 0.1)
-      rainbow (>= 1.99.1, < 3.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (~> 1.0, >= 1.0.1)
-    ruby-progressbar (1.9.0)
-    unicode-display_width (1.3.0)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  bundler (~> 1.11)
-  minitest (~> 5.10)
-  mocha (>= 1.2.1)
-  net-ssh!
-  rake (~> 12.0)
-  rubocop (~> 0.47.0)
-
-BUNDLED WITH
-   1.14.6

data/README.rdoc

@@ -1,194 +0,0 @@
-{<img src="https://badge.fury.io/rb/net-ssh.svg" alt="Gem Version" />}[https://badge.fury.io/rb/net-ssh]
-{<img src="https://badges.gitter.im/net-ssh/net-ssh.svg" alt="Join the chat at https://gitter.im/net-ssh/net-ssh">}[https://gitter.im/net-ssh/net-ssh?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge]
-{<img src="https://travis-ci.org/net-ssh/net-ssh.svg?branch=master" alt="Build Status" />}[https://travis-ci.org/net-ssh/net-ssh]
-{<img src="https://codecov.io/gh/net-ssh/net-ssh/branch/master/graph/badge.svg" alt="Coverage status" />}[https://codecov.io/gh/net-ssh/net-ssh]
-{<img src="https://opencollective.com/net-ssh/backers/badge.svg" alt="Backers on Open Collective" />}[#backers]
-{<img src="https://opencollective.com/net-ssh/sponsors/badge.svg" alt="Sponsors on Open Collective" />}[#sponsors]
- 
-
-= Net::SSH 5.x
-
-* Docs: http://net-ssh.github.com/net-ssh
-* Issues: https://github.com/net-ssh/net-ssh/issues
-* Codes: https://github.com/net-ssh/net-ssh
-* Email: net-ssh@solutious.com
-
-<em>As of v2.6.4, all gem releases are signed. See INSTALL.</em>
-
-== DESCRIPTION:
-
-Net::SSH is a pure-Ruby implementation of the SSH2 client protocol. It allows you to write programs that invoke and interact with processes on remote servers, via SSH2.
-
-== FEATURES:
-
-* Execute processes on remote servers and capture their output
-* Run multiple processes in parallel over a single SSH connection
-* Support for SSH subsystems
-* Forward local and remote ports via an SSH connection
-
-== SYNOPSIS:
-
-In a nutshell:
-
-  require 'net/ssh'
-
-  Net::SSH.start('host', 'user', password: "password") do |ssh|
-    # capture all stderr and stdout output from a remote process
-    output = ssh.exec!("hostname")
-    puts output
-
-    # capture only stdout matching a particular pattern
-    stdout = ""
-    ssh.exec!("ls -l /home/jamis") do |channel, stream, data|
-      stdout << data if stream == :stdout
-    end
-    puts stdout
-
-    # run multiple processes in parallel to completion
-    ssh.exec "sed ..."
-    ssh.exec "awk ..."
-    ssh.exec "rm -rf ..."
-    ssh.loop
-
-    # open a new channel and configure a minimal set of callbacks, then run
-    # the event loop until the channel finishes (closes)
-    channel = ssh.open_channel do |ch|
-      ch.exec "/usr/local/bin/ruby /path/to/file.rb" do |ch, success|
-        raise "could not execute command" unless success
-
-        # "on_data" is called when the process writes something to stdout
-        ch.on_data do |c, data|
-          $stdout.print data
-        end
-
-        # "on_extended_data" is called when the process writes something to stderr
-        ch.on_extended_data do |c, type, data|
-          $stderr.print data
-        end
-
-        ch.on_close { puts "done!" }
-      end
-    end
-
-    channel.wait
-
-    # forward connections on local port 1234 to port 80 of www.capify.org
-    ssh.forward.local(1234, "www.capify.org", 80)
-    ssh.loop { true }
-  end
-
-See Net::SSH for more documentation, and links to further information.
-
-== REQUIREMENTS:
-
-The only requirement you might be missing is the OpenSSL bindings for Ruby. These are built by default on most platforms, but you can verify that they're built and installed on your system by running the following command line:
-
-  ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION'
-
-If that spits out something like "OpenSSL 0.9.8g 19 Oct 2007", then you're set. If you get an error, then you'll need to see about rebuilding ruby with OpenSSL support, or (if your platform supports it) installing the OpenSSL bindings separately.
-
-Lastly, if you want to run the tests or use any of the Rake tasks, you'll need Mocha and other dependencies listed in Gemfile
-
-
-== INSTALL:
-
-* gem install net-ssh (might need sudo privileges)
-
-NOTE: If you are running on jruby on windows you need to install jruby-pageant manually (gemspec doesn't allow for platform specific dependencies).
-
-However, in order to be sure the code you're installing hasn't been tampered with, it's recommended that you verify the signature[http://docs.rubygems.org/read/chapter/21]. To do this, you need to add my public key as a trusted certificate (you only need to do this once):
-
-    # Add the public key as a trusted certificate
-    # (You only need to do this once)
-    $ curl -O https://raw.githubusercontent.com/net-ssh/net-ssh/master/net-ssh-public_cert.pem
-    $ gem cert --add net-ssh-public_cert.pem
-
-Then, when install the gem, do so with high security:
-
-    $ gem install net-ssh -P HighSecurity
-
-If you don't add the public key, you'll see an error like "Couldn't verify data signature". If you're still having trouble let me know and I'll give you a hand.
-
-For ed25519 public key auth support your bundle file should contain ```ed25519```, ```bcrypt_pbkdf``` dependencies.
-
-== RUBY SUPPORT
-
-* Ruby 1.8.x is supported up until the net-ssh 2.5.1 release.
-* Ruby 1.9.x is supported up until the net-ssh 2.9.x release.
-* See {net-ssh.gemspec}[https://github.com/net-ssh/net-ssh/blob/master/net-ssh.gemspec] for current versions ruby requirements
-
-== RUNNING TESTS
-
-Run the test suite from the net-ssh directory with the following command:
-
-     bundle exec rake test
-
-Run a single test file like this:
-
-     ruby -Ilib -Itest test/transport/test_server_version.rb
-
-To run integration tests see test/integration/README.txt
-
-=== BUILDING GEM
-
-     rake build
-
-=== GEM SIGNING (for maintainers)
-
-If you have the net-ssh private signing key, you will be able to create signed release builds. Make sure the private key path matches the `signing_key` path set in `net-ssh.gemspec` and tell rake to sign the gem by setting the `NET_SSH_BUILDGEM_SIGNED` flag:
-
-     NET_SSH_BUILDGEM_SIGNED=true rake build
-
-For time to time, the public certificate associated to the private key needs to be renewed. You can do this with the following command:
-
-     gem cert --build netssh@solutious.com --private-key path/2/net-ssh-private_key.pem
-     mv gem-public_cert.pem net-ssh-public_cert.pem
-     gem cert --add net-ssh-public_cert.pem
-
-== CREDITS
-
-=== Contributors
-
-This project exists thanks to all the people who contribute. 
-
-{<img src="https://opencollective.com/net-ssh/contributors.svg?width=890&button=false" />}["graphs/contributors"]
-
-
-=== Backers
-
-Thank you to all our backers! 🙏 {Become a backer}[https://opencollective.com/net-ssh#backer)]
-
-{<img src="https://opencollective.com/net-ssh/backers.svg?width=890”>}["https://opencollective.com/net-ssh#backers"]
-
-=== Sponsors
-
-Support this project by becoming a sponsor. Your logo will show up here with a link to your website. {Become a sponsor}[https://opencollective.com/net-ssh#sponsor]
-{<img src="https://opencollective.com/net-ssh/sponsor/0/avatar.svg" alt="Sponsor" />}[https://opencollective.com/net-ssh/sponsor/0/website]
-
-
-
-
-== LICENSE:
-
-(The MIT License)
-
-Copyright (c) 2008 Jamis Buck
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-'Software'), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
-CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
-TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
-SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.