summaryrefslogtreecommitdiff
path: root/lib/oxidized/input/ssh.rb
diff options
context:
space:
mode:
authorroedie <github@roedie.nl>2016-02-19 09:28:10 +0100
committerroedie <github@roedie.nl>2016-02-19 09:28:10 +0100
commitf94b05616433f8c2840df7d6fa25442f92f57b7e (patch)
tree75a2b59569234f80a92a2e49a318ef2125d20dc2 /lib/oxidized/input/ssh.rb
parent2e7dd813f8659e9418b65983b661b48a1aaf832e (diff)
Add support to specify cipher and kex for ssh connections
Some network equipment exists that does not want to play nice with ssh. This adds the vars ssh_encryption and ssh_kex which can be used to make tell oxidized to use certain encryption and key exchange so it can connect to these devices.
Diffstat (limited to 'lib/oxidized/input/ssh.rb')
-rw-r--r--lib/oxidized/input/ssh.rb18
1 files changed, 12 insertions, 6 deletions
diff --git a/lib/oxidized/input/ssh.rb b/lib/oxidized/input/ssh.rb
index e7296b5..63d1067 100644
--- a/lib/oxidized/input/ssh.rb
+++ b/lib/oxidized/input/ssh.rb
@@ -26,12 +26,18 @@ module Oxidized
if proxy_host = vars(:proxy)
proxy = Net::SSH::Proxy::Command.new("ssh #{proxy_host} nc %h %p")
end
- @ssh = Net::SSH.start(@node.ip, @node.auth[:username], :port => port.to_i,
- :password => @node.auth[:password], :timeout => Oxidized.config.timeout,
- :paranoid => secure,
- :auth_methods => %w(none publickey password keyboard-interactive),
- :number_of_password_prompts => 0,
- :proxy => proxy)
+ ssh_opts = {
+ :port => port.to_i,
+ :password => @node.auth[:password], :timeout => Oxidized.config.timeout,
+ :paranoid => secure,
+ :auth_methods => %w(none publickey password keyboard-interactive),
+ :number_of_password_prompts => 0,
+ :proxy => proxy
+ }
+ ssh_opts[:encryption] = vars(:ssh_encryption) if vars(:ssh_encryption)
+ ssh_opts[:kex] = vars(:ssh_kex) if vars(:ssh_kex)
+
+ @ssh = Net::SSH.start(@node.ip, @node.auth[:username], ssh_opts)
unless @exec
shell_open @ssh
begin