|
|
@ -82,18 +82,19 @@ var ( |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
SSH struct { |
|
|
|
SSH struct { |
|
|
|
Disabled bool `ini:"DISABLE_SSH"` |
|
|
|
Disabled bool `ini:"DISABLE_SSH"` |
|
|
|
StartBuiltinServer bool `ini:"START_SSH_SERVER"` |
|
|
|
StartBuiltinServer bool `ini:"START_SSH_SERVER"` |
|
|
|
Domain string `ini:"SSH_DOMAIN"` |
|
|
|
Domain string `ini:"SSH_DOMAIN"` |
|
|
|
Port int `ini:"SSH_PORT"` |
|
|
|
Port int `ini:"SSH_PORT"` |
|
|
|
ListenHost string `ini:"SSH_LISTEN_HOST"` |
|
|
|
ListenHost string `ini:"SSH_LISTEN_HOST"` |
|
|
|
ListenPort int `ini:"SSH_LISTEN_PORT"` |
|
|
|
ListenPort int `ini:"SSH_LISTEN_PORT"` |
|
|
|
RootPath string `ini:"SSH_ROOT_PATH"` |
|
|
|
RootPath string `ini:"SSH_ROOT_PATH"` |
|
|
|
ServerCiphers []string `ini:"SSH_SERVER_CIPHERS"` |
|
|
|
RewriteAuthorizedKeysAtStrat bool `ini:"REWRITE_AUTHORIZED_KEYS_AT_START"` |
|
|
|
KeyTestPath string `ini:"SSH_KEY_TEST_PATH"` |
|
|
|
ServerCiphers []string `ini:"SSH_SERVER_CIPHERS"` |
|
|
|
KeygenPath string `ini:"SSH_KEYGEN_PATH"` |
|
|
|
KeyTestPath string `ini:"SSH_KEY_TEST_PATH"` |
|
|
|
MinimumKeySizeCheck bool `ini:"MINIMUM_KEY_SIZE_CHECK"` |
|
|
|
KeygenPath string `ini:"SSH_KEYGEN_PATH"` |
|
|
|
MinimumKeySizes map[string]int `ini:"-"` |
|
|
|
MinimumKeySizeCheck bool `ini:"MINIMUM_KEY_SIZE_CHECK"` |
|
|
|
|
|
|
|
MinimumKeySizes map[string]int `ini:"-"` |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// Security settings
|
|
|
|
// Security settings
|
|
|
@ -486,6 +487,7 @@ func NewContext() { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
SSH.RootPath = path.Join(homeDir, ".ssh") |
|
|
|
SSH.RootPath = path.Join(homeDir, ".ssh") |
|
|
|
|
|
|
|
SSH.RewriteAuthorizedKeysAtStrat = sec.Key("REWRITE_AUTHORIZED_KEYS_AT_START").MustBool() |
|
|
|
SSH.ServerCiphers = sec.Key("SSH_SERVER_CIPHERS").Strings(",") |
|
|
|
SSH.ServerCiphers = sec.Key("SSH_SERVER_CIPHERS").Strings(",") |
|
|
|
SSH.KeyTestPath = os.TempDir() |
|
|
|
SSH.KeyTestPath = os.TempDir() |
|
|
|
if err = Cfg.Section("server").MapTo(&SSH); err != nil { |
|
|
|
if err = Cfg.Section("server").MapTo(&SSH); err != nil { |
|
|
@ -504,6 +506,10 @@ func NewContext() { |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if SSH.StartBuiltinServer { |
|
|
|
|
|
|
|
SSH.RewriteAuthorizedKeysAtStrat = false |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// Check if server is eligible for minimum key size check when user choose to enable.
|
|
|
|
// Check if server is eligible for minimum key size check when user choose to enable.
|
|
|
|
// Windows server and OpenSSH version lower than 5.1 (https://github.com/gogits/gogs/issues/4507)
|
|
|
|
// Windows server and OpenSSH version lower than 5.1 (https://github.com/gogits/gogs/issues/4507)
|
|
|
|
// are forced to be disabled because the "ssh-keygen" in Windows does not print key type.
|
|
|
|
// are forced to be disabled because the "ssh-keygen" in Windows does not print key type.
|
|
|
|