From 4e6a15cf5b7c4a83b34e21c1ec54e0a2b5fab6dd Mon Sep 17 00:00:00 2001 From: alazik Date: Tue, 13 May 2025 17:58:01 +0200 Subject: [PATCH] Fixes #38425 - Make prune_known_hosts work on ed25519 keys Currently, prune_known_hosts does not work on ed25519 type SSH keys. This causes issues for example when rebuilding a provisioned host with the same ip address that uses ed25519 type keys. The rex jobs run on the host fail becase of a conflicting ssh key in the known_hosts smart proxy file. Normally, prune_known_hosts method is expected to take of such keys. prune_known_hosts uses the KnownHosts.search_for method from the net-ssh gem to find the associated keys. While ssh-ed25519 is among the supported types, for the method to process these keys additional gems need to be present. You can confirm this by examining the links below which point to the relevant parts of code in net-ssh. With the inclusion of new gems the issue is no longer present. [1]: https://github.com/net-ssh/net-ssh/blob/d9549e4226dc3aed12efcca24a8b6d349143f398/lib/net/ssh/known_hosts.rb#L106 [2]: https://github.com/net-ssh/net-ssh/blob/d9549e4226dc3aed12efcca24a8b6d349143f398/lib/net/ssh/authentication/ed25519_loader.rb --- smart_proxy_remote_execution_ssh.gemspec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/smart_proxy_remote_execution_ssh.gemspec b/smart_proxy_remote_execution_ssh.gemspec index b07913b..ce71563 100644 --- a/smart_proxy_remote_execution_ssh.gemspec +++ b/smart_proxy_remote_execution_ssh.gemspec @@ -30,6 +30,8 @@ Gem::Specification.new do |gem| gem.add_development_dependency('rack-test', '~> 0') gem.add_development_dependency('rubocop', '~> 0.82.0') + gem.add_runtime_dependency('ed25519', '>= 1.2', '< 2.0') + gem.add_runtime_dependency('bcrypt_pbkdf', '>= 1.0', '< 2.0') gem.add_runtime_dependency('smart_proxy_dynflow', '~> 0.9', '>= 0.9.4') gem.add_runtime_dependency('net-ssh', '~> 7.2') gem.add_runtime_dependency('mqtt', '~> 0.5')