From dca6c35ac8fd556a33ff331edfed5c1a122fdc8f Mon Sep 17 00:00:00 2001
From: RoniKish <34077434+RoniKish@users.noreply.github.com>
Date: Thu, 10 Feb 2022 10:48:18 +0200
Subject: [PATCH] Add option to connect with disabled_algorithms (#149)

* Add option to connect with disabled_algorithms

* Added disabled_algorithms to FakeExecutor

* Added docs on using disabled algorithms

* Fix pep8 mistakes

* move disabled_algorithms to executor

* Fix tests for disabled_algorithms

* Fix read me

* fix None to disabled_algorithms in ssh.py

* Move disabled_algorithms from executor to host

* Move disabled_algorithms to RemoteExecutorFactory

* Remove space around dict

Co-authored-by: RoniKish <R_k@gmail.com>
---
 README.rst      | 12 ++++++++++++
 rrmngmnt/ssh.py | 20 +++++++++++++++++---
 2 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/README.rst b/README.rst
index 063e825..43b223a 100644
--- a/README.rst
+++ b/README.rst
@@ -34,6 +34,18 @@ Using SSH key for authentication
 
     h.executor(user).run_cmd(['echo', 'Use pkey for auth instead of password'])
 
+Using SSH key with disabled algorithms on paramiko SSHClient connect (Used when connecting to machines using old SSH)
+
+.. code:: python
+
+    from rrmngmnt import Host, UserWithPKey, RemoteExecutorFactory
+
+    h = Host("10.11.12.13")
+    h.executor_factory = RemoteExecutorFactory(disabled_algorithms=dict(pubkeys=['rsa-sha2-256', 'rsa-sha2-512'])
+    user = UserWithPKey('user', '/path/to/pkey'))
+
+    h.executor(user).run_cmd(['echo', 'Use pkey and disabled algorithms for old openSSH connection'])
+
 Features
 --------
 
diff --git a/rrmngmnt/ssh.py b/rrmngmnt/ssh.py
index 7a79a84..c8e41f4 100644
--- a/rrmngmnt/ssh.py
+++ b/rrmngmnt/ssh.py
@@ -98,6 +98,7 @@ def open(self):
                     timeout=self._timeout,
                     pkey=self.pkey,
                     port=self._executor.port,
+                    disabled_algorithms=self._executor.disabled_algorithms
                 )
             except (socket.gaierror, socket.herror) as ex:
                 args = list(ex.args)
@@ -215,7 +216,13 @@ def run(self, input_, timeout=None, get_pty=False):
                 self.err = normalize_string(err.read())
             return self.rc, self.out, self.err
 
-    def __init__(self, user, address, use_pkey=False, port=22, sudo=False):
+    def __init__(self,
+                 user,
+                 address,
+                 use_pkey=False,
+                 port=22,
+                 sudo=False,
+                 disabled_algorithms=None):
         """
         Args:
             use_pkey (bool): Use ssh private key in the connection
@@ -229,6 +236,7 @@ def __init__(self, user, address, use_pkey=False, port=22, sudo=False):
         self.use_pkey = use_pkey
         self.port = port
         self.sudo = sudo
+        self.disabled_algorithms = disabled_algorithms
         if use_pkey:
             warnings.warn(
                 "Parameter 'use_pkey' is deprecated and will be removed in "
@@ -327,9 +335,10 @@ def wait_for_connectivity_state(
 
 
 class RemoteExecutorFactory(ExecutorFactory):
-    def __init__(self, use_pkey=False, port=22):
+    def __init__(self, use_pkey=False, port=22, disabled_algorithms=None):
         self.use_pkey = use_pkey
         self.port = port
+        self.disabled_algorithms = disabled_algorithms
         if use_pkey:
             warnings.warn(
                 "Parameter 'use_pkey' is deprecated and will be removed in "
@@ -338,4 +347,9 @@ def __init__(self, use_pkey=False, port=22):
 
     def build(self, host, user, sudo=False):
         return RemoteExecutor(
-            user, host.ip, use_pkey=self.use_pkey, port=self.port, sudo=sudo)
+            user,
+            host.ip,
+            use_pkey=self.use_pkey,
+            port=self.port,
+            sudo=sudo,
+            disabled_algorithms=self.disabled_algorithms)