From 9603fc818619574f10c02c47431eb0a7edafef9a Mon Sep 17 00:00:00 2001 From: Steven Agyekum Date: Wed, 6 Mar 2024 12:16:35 +0100 Subject: [PATCH] feat: Make usage of legacy rsa hostkeys conditional The usage of RSA host keys introduced with c7baefdc23c4bb3b517a16ffa6ddda31763f0be8 was adjusted to make it conditional/configurable and to keep backward compatibility --- entrypoint.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index a19b5cf..b854a54 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -13,8 +13,11 @@ echo "$INPUT_REMOTE_KEY" | SSH_PASS="$INPUT_REMOTE_KEY_PASS" agent-add set -eu # Variables. +LEGACY_RSA_HOSTKEYS="-o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa" +LEGACY_RSA_HOSTKEYS=$([ "$INPUT_LEGACY_ALLOW_RSA_HOSTKEYS" = "true" ] && echo "$LEGACY_RSA_HOSTKEYS" || echo "") + SWITCHES="$INPUT_SWITCHES" -RSH="ssh -o StrictHostKeyChecking=no -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa -p $INPUT_REMOTE_PORT $INPUT_RSH" +RSH="ssh -o StrictHostKeyChecking=no $LEGACY_RSA_HOSTKEYS -p $INPUT_REMOTE_PORT $INPUT_RSH" LOCAL_PATH="$GITHUB_WORKSPACE/$INPUT_PATH" DSN="$INPUT_REMOTE_USER@$INPUT_REMOTE_HOST"