Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option #3721

Merged
merged 1 commit into from
Jul 2, 2024
Merged

ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option #3721

merged 1 commit into from
Jul 2, 2024

Conversation

HollyGurza
Copy link
Contributor

@HollyGurza HollyGurza commented Jun 25, 2024
edited
Loading

Change Summary

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Code style update (formatting, renaming)
  • Refactoring (no functional changes)
  • Migration from an old Vyatta component to vyos-1x, please link to related PR inside obsoleted component
  • Other (please describe):

Related Task(s)

Related PR(s)

Component(s) name

Proposed changes

How to test

Smoketest result

vyos@vyos:~$ python3 /usr/libexec/vyos/tests/smoke/cli/test_service_ssh.py 
test_ssh_default (__main__.TestServiceSSH.test_ssh_default) ... ok
test_ssh_dynamic_protection (__main__.TestServiceSSH.test_ssh_dynamic_protection) ... ok
test_ssh_login (__main__.TestServiceSSH.test_ssh_login) ... ok
test_ssh_multiple_listen_addresses (__main__.TestServiceSSH.test_ssh_multiple_listen_addresses) ... ok
test_ssh_ndcpp (__main__.TestServiceSSH.test_ssh_ndcpp) ... ok
test_ssh_pubkey_accepted_algorithm (__main__.TestServiceSSH.test_ssh_pubkey_accepted_algorithm) ... ok
test_ssh_single_listen_address (__main__.TestServiceSSH.test_ssh_single_listen_address) ... ok
test_ssh_vrf_multi (__main__.TestServiceSSH.test_ssh_vrf_multi) ... 
VRF "red" does not exist!

ok
test_ssh_vrf_single (__main__.TestServiceSSH.test_ssh_vrf_single) ... 
VRF "mgmt" does not exist!

ok

----------------------------------------------------------------------
Ran 9 tests in 41.441s

OK

Checklist:

  • I have read the CONTRIBUTING document
  • I have linked this PR to one or more Phabricator Task(s)
  • I have run the components SMOKETESTS if applicable
  • My commit headlines contain a valid Task id
  • My change requires a change to the documentation
  • I have updated the documentation accordingly

@HollyGurza HollyGurza requested a review from a team as a code owner June 25, 2024 10:39
@dmbaturin dmbaturin changed the title ssh: T5878: Allow change the PubkeyAcceptedAlgorithms option ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option Jun 25, 2024
dmbaturin
dmbaturin requested changes Jun 25, 2024
View reviewed changes
Copy link
Member

@dmbaturin dmbaturin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you please correct the grammar in the commit message? I corrected in the PR title. I have no issues with the implementation.

@HollyGurza HollyGurza mentioned this pull request Jun 26, 2024
Merged
1 task
@HollyGurza
Copy link
Contributor Author

doc PR: vyos/vyos-documentation#1492

dmbaturin
dmbaturin requested changes Jun 27, 2024
View reviewed changes
Copy link
Member

@dmbaturin dmbaturin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All other SSH options (key exchange, cipher...) use explicit lists of values and don't allow excluding algorithms.

We should redo the PR to only allow explicit lists as well.

@github-actions GitHub Actions
Copy link

❌ VyOS CLI smoketests failed!

dmbaturin
dmbaturin approved these changes Jul 2, 2024
View reviewed changes
Copy link
Member

@dmbaturin dmbaturin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The smoketest failure is unrelated to the change and is safe to ignore.

@dmbaturin dmbaturin merged commit 0bd50e7 into vyos:current Jul 2, 2024
12 of 13 checks passed
@dmbaturin
Copy link
Member

@Mergifyio backport circinus

@mergify Mergify
Copy link

mergify bot commented Jul 3, 2024
edited
Loading

backport circinus

✅ Backports have been created

@dmbaturin
Copy link
Member

@Mergifyio backport sagitta

@mergify mergify bot mentioned this pull request Jul 3, 2024
Merged
12 tasks
@mergify Mergify
Copy link

mergify bot commented Jul 3, 2024
edited
Loading

backport sagitta

✅ Backports have been created

@mergify mergify bot mentioned this pull request Jul 3, 2024
Merged
12 tasks
c-po added a commit that referenced this pull request Jul 3, 2024
@c-po
Merge pull request #3758 from vyos/mergify/bp/circinus/pr-3721
c85e722 
ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option (backport #3721)
c-po added a commit that referenced this pull request Jul 4, 2024
@c-po
Merge pull request #3759 from vyos/mergify/bp/sagitta/pr-3721
ea4fb0c 
ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option (backport #3721)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmbaturin dmbaturin dmbaturin approved these changes

@sever-sever sever-sever sever-sever approved these changes

@sarthurdev sarthurdev Awaiting requested review from sarthurdev sarthurdev is a code owner automatically assigned from vyos/reviewers

@zdc zdc Awaiting requested review from zdc zdc is a code owner automatically assigned from vyos/reviewers

@jestabro jestabro Awaiting requested review from jestabro jestabro is a code owner automatically assigned from vyos/reviewers

@fett0 fett0 Awaiting requested review from fett0 fett0 is a code owner automatically assigned from vyos/reviewers

Assignees

@HollyGurza HollyGurza

Labels
backport current
Milestone
No milestone
3 participants
@HollyGurza @dmbaturin @sever-sever