summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorroedie <github@roedie.nl>2016-02-19 09:28:10 +0100
committerroedie <github@roedie.nl>2016-02-19 09:28:10 +0100
commitf94b05616433f8c2840df7d6fa25442f92f57b7e (patch)
tree75a2b59569234f80a92a2e49a318ef2125d20dc2
parent2e7dd813f8659e9418b65983b661b48a1aaf832e (diff)
Add support to specify cipher and kex for ssh connections
Some network equipment exists that does not want to play nice with ssh. This adds the vars ssh_encryption and ssh_kex which can be used to make tell oxidized to use certain encryption and key exchange so it can connect to these devices.
-rw-r--r--lib/oxidized/input/ssh.rb18
1 files changed, 12 insertions, 6 deletions
diff --git a/lib/oxidized/input/ssh.rb b/lib/oxidized/input/ssh.rb
index e7296b5..63d1067 100644
--- a/lib/oxidized/input/ssh.rb
+++ b/lib/oxidized/input/ssh.rb
@@ -26,12 +26,18 @@ module Oxidized
if proxy_host = vars(:proxy)
proxy = Net::SSH::Proxy::Command.new("ssh #{proxy_host} nc %h %p")
end
- @ssh = Net::SSH.start(@node.ip, @node.auth[:username], :port => port.to_i,
- :password => @node.auth[:password], :timeout => Oxidized.config.timeout,
- :paranoid => secure,
- :auth_methods => %w(none publickey password keyboard-interactive),
- :number_of_password_prompts => 0,
- :proxy => proxy)
+ ssh_opts = {
+ :port => port.to_i,
+ :password => @node.auth[:password], :timeout => Oxidized.config.timeout,
+ :paranoid => secure,
+ :auth_methods => %w(none publickey password keyboard-interactive),
+ :number_of_password_prompts => 0,
+ :proxy => proxy
+ }
+ ssh_opts[:encryption] = vars(:ssh_encryption) if vars(:ssh_encryption)
+ ssh_opts[:kex] = vars(:ssh_kex) if vars(:ssh_kex)
+
+ @ssh = Net::SSH.start(@node.ip, @node.auth[:username], ssh_opts)
unless @exec
shell_open @ssh
begin