Skip to content

Commit a784b5e

Browse files
zeroSal-lezeroSal-le
committed
Deprecated DSA host keys
1 parent 5ec62b0 commit a784b5e

2 files changed

Lines changed: 33 additions & 1 deletion

File tree

src/Adapter/Ssh/SshAdapter.php

Lines changed: 17 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,6 @@ public function __construct()
3232
'-o', 'ControlMaster=auto',
3333
'-o', 'ControlPath=/tmp/php-seven-ssh-%C',
3434
'-o', 'ControlPersist=60m',
35-
'-o', 'HostKeyAlgorithms=+ssh-dss',
3635
'-o', 'StrictHostKeyChecking=no',
3736
'-o', 'UserKnownHostsFile=/dev/null',
3837
];
@@ -274,4 +273,21 @@ public function addIdentityFile(string $path): self
274273

275274
return $this;
276275
}
276+
277+
public function permitDsaHostKey(bool $status): self
278+
{
279+
$this->options = array_values(array_filter(
280+
$this->options,
281+
fn ($opt) => 'HostKeyAlgorithms=+ssh-dss' !== $opt
282+
));
283+
284+
if ($status) {
285+
$this->options = array_merge(
286+
$this->options,
287+
['-o', 'HostKeyAlgorithms=+ssh-dss']
288+
);
289+
}
290+
291+
return $this;
292+
}
277293
}

tests/Adapter/Ssh/SshAdapterTest.php

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,4 +19,20 @@ public function testSetters()
1919
$this->assertEquals(30, $adapter->getTimeout());
2020
$this->assertContains('-o', $adapter->getOptions());
2121
}
22+
23+
public function testPermitDsaHostKey()
24+
{
25+
$adapter = new SshAdapter();
26+
$options = $adapter->getOptions();
27+
28+
$this->assertNotContains('HostKeyAlgorithms=+ssh-dss', $options);
29+
30+
$adapter->permitDsaHostKey(true);
31+
$options = $adapter->getOptions();
32+
$this->assertContains('HostKeyAlgorithms=+ssh-dss', $options);
33+
34+
$adapter->permitDsaHostKey(false);
35+
$options = $adapter->getOptions();
36+
$this->assertNotContains('HostKeyAlgorithms=+ssh-dss', $options);
37+
}
2238
}

0 commit comments

Comments
 (0)