From cfa7d4cd6951b6636c2f9fb0d6723a31c5c44360 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20Heitm=C3=BCller?= Date: Fri, 29 Jan 2021 17:38:23 +0100 Subject: [PATCH] configure internal ssh server w/ macs and ciphers, refs #14518 --- modules/ssh/ssh.go | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/modules/ssh/ssh.go b/modules/ssh/ssh.go index 2b7fd593b5eb1..925f9615b4b38 100644 --- a/modules/ssh/ssh.go +++ b/modules/ssh/ssh.go @@ -241,13 +241,17 @@ func publicKeyHandler(ctx ssh.Context, key ssh.PublicKey) bool { // Listen starts a SSH server listens on given port. func Listen(host string, port int, ciphers []string, keyExchanges []string, macs []string) { - // TODO: Handle ciphers, keyExchanges, and macs - srv := ssh.Server{ Addr: fmt.Sprintf("%s:%d", host, port), PublicKeyHandler: publicKeyHandler, Handler: sessionHandler, - + ServerConfigCallback: func(ctx ssh.Context) *gossh.ServerConfig { + config := &gossh.ServerConfig{} + config.KeyExchanges = keyExchanges + config.MACs = macs + config.Ciphers = ciphers + return config + }, // We need to explicitly disable the PtyCallback so text displays // properly. PtyCallback: func(ctx ssh.Context, pty ssh.Pty) bool {