
[PATCH 3/3] examples: Update ssh_server_fork for new SSH_BIND_OPTIONS_HOSTKEY


Tested by

ssh_server_fork -k <an ecdsa key> -k <an rsa key> ...

and connection succeeded with OpenSSH clients both for ECDSA and RSA
(the latter forced via -o HostKeyAlgorithms=ssh-rsa and some known
hosts clearing was necessary).  Also

ssh_server_fork -k <an ecdsa key> -k <another ecdsa key> ...

caused the second key to be used, as expected.

Signed-off-by: Alan Dunn <amdunn@xxxxxxxxx>
---
 examples/ssh_server_fork.c |   10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/examples/ssh_server_fork.c b/examples/ssh_server_fork.c
index 21177f3..837db6f 100644
--- a/examples/ssh_server_fork.c
+++ b/examples/ssh_server_fork.c
@@ -97,7 +97,8 @@ static struct argp_option options[] = {
         .key   = 'k',
         .arg   = "FILE",
         .flags = 0,
-        .doc   = "Set the host key.",
+        .doc   = "Set a host key.  Can be used multiple times.  "
+                 "Implies no default keys.",
         .group = 0
     },
     {
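Review bot: The new .doc string for 'k' says "Implies no default keys." without saying what the default keys are, so a reader of --help cannot tell which keys stop being loaded. It also says the option "Can be used multiple times" but not that a second key of the same type replaces the first, which is the behaviour the commit message reports for two ECDSA keys. Suggest spelling both out, for example "Set a host key (one per key type; a later key of the same type replaces the earlier one). Disables loading of the default host keys."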
@@ -163,10 +164,11 @@ static error_t parse_opt (int key, char *arg, struct argp_state *state) {
             dsa_already_set = 1;
             break;
         case 'k':
-            /* This currently sets the public key algorithms the
-               server is willing to use, not which key files it will
-               load */
             ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, arg);
+            /* We can't track the types of keys being added with this
+               option, so let's ensure we keep the keys we're adding
+               by just not setting the default keys */
+            no_default_keys = 1;
             break;
         case 'r':
             ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY, arg);
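Review bot: In case 'k' the return value of ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, arg) is ignored and no_default_keys = 1 is then set unconditionally. If the call fails for the supplied file, the default keys are still suppressed, which can leave the server with no usable host key or with fewer keys than the operator intended, with no message at option-parsing time. Suggest checking the result, reporting the failing file name, and setting no_default_keys only after the call has succeeded. The new comment could also say where no_default_keys is consumed, since that code is outside this hunk.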
-- 
1.7.9.5


References:
[PATCH 0/3] Add generic host key loading, Alan Dunn <amdunn@xxxxxxxxx>