fix: config move algorithims to ssh property

Bill Church 2024-11-21 15:30:58 +00:00
parent 6ff58c55f5
commit 52a989bbb2
No known key found for this signature in database
3 changed files with 108 additions and 76 deletions


@ -31,7 +31,39 @@ const defaultConfig = {
readyTimeout: 20000, readyTimeout: 20000,
keepaliveInterval: 120000, keepaliveInterval: 120000,
keepaliveCountMax: 10, keepaliveCountMax: 10,
alwaysSendKeyboardInteractivePrompts: false alwaysSendKeyboardInteractivePrompts: false,
algorithms: {
kex: [
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group14-sha1"
],
cipher: [
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"aes128-gcm",
"aes128-gcm@openssh.com",
"aes256-gcm",
"aes256-gcm@openssh.com",
"aes256-cbc"
],
hmac: ["hmac-sha2-256", "hmac-sha2-512", "hmac-sha1"],
serverHostKey: [
"ssh-ed25519",
"rsa-sha2-512",
"rsa-sha2-256",
"ecdsa-sha2-nistp256",
"ecdsa-sha2-nistp384",
"ecdsa-sha2-nistp521",
"rsa-sha2-512",
"rsa-sha2-256",
"ssh-rsa"
],
compress: ["none", "zlib@openssh.com", "zlib"]
}
}, },
header: { header: {
text: null, text: null,
@ -44,27 +76,6 @@ const defaultConfig = {
allowReconnect: true, allowReconnect: true,
allowReplay: true allowReplay: true
}, },
algorithms: {
kex: [
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group14-sha1"
],
cipher: [
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"aes128-gcm",
"aes128-gcm@openssh.com",
"aes256-gcm",
"aes256-gcm@openssh.com",
"aes256-cbc"
],
hmac: ["hmac-sha2-256", "hmac-sha2-512", "hmac-sha1"],
compress: ["none", "zlib@openssh.com", "zlib"]
},
session: { session: {
secret: process.env.WEBSSH_SESSION_SECRET || generateSecureSecret(), secret: process.env.WEBSSH_SESSION_SECRET || generateSecureSecret(),
name: "webssh2.sid" name: "webssh2.sid"
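Review bot: The new `ssh.algorithms.serverHostKey` default lists `rsa-sha2-512` and `rsa-sha2-256` twice, and the relocated lists still offer SHA-1-based and CBC entries (`diffie-hellman-group14-sha1`, `hmac-sha1`, `ssh-rsa`, `aes256-cbc`) by default. The duplicates look like a paste slip and can simply be dropped. The legacy entries deserve either removal from the default or a comment such as `// legacy fallbacks for older servers; remove to harden`, so an operator can tell which ones exist only for compatibility. The sample JSON config in this commit adds `curve25519-sha256` to `kex` while this default does not, so the two lists should be brought into agreement. The `defaultConfig` object starts and ends outside these hunks.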


@ -38,7 +38,33 @@ const configSchema = {
term: { type: "string" }, term: { type: "string" },
readyTimeout: { type: "integer" }, readyTimeout: { type: "integer" },
keepaliveInterval: { type: "integer" }, keepaliveInterval: { type: "integer" },
keepaliveCountMax: { type: "integer" } keepaliveCountMax: { type: "integer" },
algorithms: {
type: "object",
properties: {
kex: {
type: "array",
items: { type: "string" }
},
cipher: {
type: "array",
items: { type: "string" }
},
hmac: {
type: "array",
items: { type: "string" }
},
serverHostKey: {
type: "array",
items: { type: "string" }
},
compress: {
type: "array",
items: { type: "string" }
}
},
required: ["kex", "cipher", "hmac", "serverHostKey", "compress"]
}
}, },
required: [ required: [
"host", "host",
@ -68,28 +94,6 @@ const configSchema = {
}, },
required: ["challengeButton", "allowReauth", "allowReplay"] required: ["challengeButton", "allowReauth", "allowReplay"]
}, },
algorithms: {
type: "object",
properties: {
kex: {
type: "array",
items: { type: "string" }
},
cipher: {
type: "array",
items: { type: "string" }
},
hmac: {
type: "array",
items: { type: "string" }
},
compress: {
type: "array",
items: { type: "string" }
}
},
required: ["kex", "cipher", "hmac", "compress"]
},
session: { session: {
type: "object", type: "object",
properties: { properties: {
@ -99,6 +103,6 @@ const configSchema = {
required: ["secret", "name"] required: ["secret", "name"]
} }
}, },
required: ["listen", "http", "user", "ssh", "header", "options", "algorithms"] required: ["listen", "http", "user", "ssh", "header", "options"]
} }
module.exports = configSchema module.exports = configSchema
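Review bot: The `ssh.algorithms` schema accepts any array of strings, including an empty one, so a typo or an empty list passes validation and only surfaces when the SSH handshake is negotiated. Adding `minItems: 1` and `uniqueItems: true` to each of the five arrays would catch that at load time, e.g. `kex: { type: "array", items: { type: "string" }, minItems: 1, uniqueItems: true }`; the repeated `rsa-sha2-*` entries in the default `serverHostKey` list would have to be removed first if defaults are validated too. Separately, top-level `algorithms` is dropped from `properties` and `required`, and whether a leftover top-level `algorithms` block is rejected or silently ignored is not visible here. If it is ignored, an existing config with a hardened list would fall back to the broader defaults, so a load-time warning for the old location seems worthwhile. `configSchema` begins outside these hunks.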


@ -11,6 +11,10 @@
"password": null, "password": null,
"privatekey": null "privatekey": null
}, },
"session": {
"secret": "secret",
"name": "webssh2"
},
"ssh": { "ssh": {
"host": null, "host": null,
"port": 22, "port": 22,
@ -20,7 +24,49 @@
"readyTimeout": 20000, "readyTimeout": 20000,
"keepaliveInterval": 120000, "keepaliveInterval": 120000,
"keepaliveCountMax": 10, "keepaliveCountMax": 10,
"allowedSubnets": [] "allowedSubnets": [],
"alwaysSendKeyboardInteractivePrompts": false,
"algorithms": {
"kex": [
"curve25519-sha256",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group14-sha1"
],
"cipher": [
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"aes128-gcm",
"aes128-gcm@openssh.com",
"aes256-gcm",
"aes256-gcm@openssh.com",
"aes256-cbc"
],
"hmac": [
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"compress": [
"none",
"zlib@openssh.com",
"zlib"
],
"serverHostKey": [
"ssh-ed25519",
"rsa-sha2-512",
"rsa-sha2-256",
"ecdsa-sha2-nistp256",
"ecdsa-sha2-nistp384",
"ecdsa-sha2-nistp521",
"rsa-sha2-512",
"rsa-sha2-256",
"ssh-rsa"
]
}
}, },
"header": { "header": {
"text": null, "text": null,
@ -32,34 +78,5 @@
"allowReauth": true, "allowReauth": true,
"allowReconnect": true, "allowReconnect": true,
"allowReplay": true "allowReplay": true
},
"algorithms": {
"kex": [
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group14-sha1"
],
"cipher": [
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"aes128-gcm",
"aes128-gcm@openssh.com",
"aes256-gcm",
"aes256-gcm@openssh.com",
"aes256-cbc"
],
"hmac": [
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"compress": [
"none",
"zlib@openssh.com",
"zlib"
]
} }
} }
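Review bot: The added `session` block sets `"secret": "secret"`, a fixed and guessable value for what appears to be the session signing secret, so a deployment that copies this file unchanged would protect its session cookies with a publicly known key. The default config in this commit uses `process.env.WEBSSH_SESSION_SECRET || generateSecureSecret()`, so the sample would be safer omitting `session.secret`, provided the loader merges defaults before validating (not visible here). Failing that, an unmistakable constructed placeholder such as `"secret": "REPLACE-WITH-RANDOM-VALUE"` would at least signal that it must be changed. The sample also uses `"name": "webssh2"` where the default is `"webssh2.sid"`, and its `serverHostKey` list repeats `rsa-sha2-512` and `rsa-sha2-256`.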