From f94b05616433f8c2840df7d6fa25442f92f57b7e Mon Sep 17 00:00:00 2001 From: roedie Date: Fri, 19 Feb 2016 09:28:10 +0100 Subject: Add support to specify cipher and kex for ssh connections Some network equipment exists that does not want to play nice with ssh. This adds the vars ssh_encryption and ssh_kex which can be used to make tell oxidized to use certain encryption and key exchange so it can connect to these devices. --- lib/oxidized/input/ssh.rb | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'lib/oxidized') diff --git a/lib/oxidized/input/ssh.rb b/lib/oxidized/input/ssh.rb index e7296b5..63d1067 100644 --- a/lib/oxidized/input/ssh.rb +++ b/lib/oxidized/input/ssh.rb @@ -26,12 +26,18 @@ module Oxidized if proxy_host = vars(:proxy) proxy = Net::SSH::Proxy::Command.new("ssh #{proxy_host} nc %h %p") end - @ssh = Net::SSH.start(@node.ip, @node.auth[:username], :port => port.to_i, - :password => @node.auth[:password], :timeout => Oxidized.config.timeout, - :paranoid => secure, - :auth_methods => %w(none publickey password keyboard-interactive), - :number_of_password_prompts => 0, - :proxy => proxy) + ssh_opts = { + :port => port.to_i, + :password => @node.auth[:password], :timeout => Oxidized.config.timeout, + :paranoid => secure, + :auth_methods => %w(none publickey password keyboard-interactive), + :number_of_password_prompts => 0, + :proxy => proxy + } + ssh_opts[:encryption] = vars(:ssh_encryption) if vars(:ssh_encryption) + ssh_opts[:kex] = vars(:ssh_kex) if vars(:ssh_kex) + + @ssh = Net::SSH.start(@node.ip, @node.auth[:username], ssh_opts) unless @exec shell_open @ssh begin -- cgit v1.2.1