From matthew.rubenstein@blue-green-group.com Fri Dec 2 19:27:58 2016 Received: (at submit) by bugs.x2go.org; 2 Dec 2016 18:27:59 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: * X-Spam-Status: No, score=1.3 required=3.0 tests=BAYES_50,DKIM_SIGNED, DKIM_VALID,RCVD_IN_SORBS_SPAM,URIBL_BLOCKED autolearn=no version=3.3.2 Received: from localhost (localhost [127.0.0.1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 8B88B5DBE7 for ; Fri, 2 Dec 2016 19:27:58 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de Received: from ymir.das-netzwerkteam.de ([127.0.0.1]) by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Uys7r3b2pFPC for ; Fri, 2 Dec 2016 19:27:51 +0100 (CET) Received: from mail-qt0-f169.google.com (mail-qt0-f169.google.com [209.85.216.169]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 6BDB05DA91 for ; Fri, 2 Dec 2016 19:27:51 +0100 (CET) Received: by mail-qt0-f169.google.com with SMTP id n6so260211274qtd.1 for ; Fri, 02 Dec 2016 10:27:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blue-green-group-com.20150623.gappssmtp.com; s=20150623; h=message-id:subject:from:to:date:mime-version :content-transfer-encoding; bh=Xh2fsRU39UkPY8KqxlUCXPXeXY+7pRTMhs5VnTlaUws=; b=YjQIdxEV9qcc0h9BRBAfpL/39AuwDyH/82xVpAkeuJNbO7GWUvMUW6zeR6nu6We7ZZ ek/D0XO4MRaBzGntUlWd7fYkdxQitU7V+5vc0nprPia/SRUXMFR/7aWUHynu7xpiIuTF FsYdtVrOsBN6jx6V+InzpRgYsGT42hLHrjm6bff4IyGQ8Nm1wENxpKm4qjNTA8KteTk7 8lup6+xG7qxIawWasZiNO1thShb1EVlcZLqCy5uCxt5w2OLWjrXWPjAwteGCQWCEyevg rhi3ynIsngwhAMIZU3uzm96RRJDNYll+6fMoDBXWfLa4p5zBI879hCNUKKR0WEKcpBYw zwpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:subject:from:to:date:mime-version :content-transfer-encoding; bh=Xh2fsRU39UkPY8KqxlUCXPXeXY+7pRTMhs5VnTlaUws=; b=PcAX1CYhBDlfQVq0dWDeW0OSeGwfGIawuD97aQGiCScUv9HrIE+Ijqeq7wCISLlzTs GwDRGVN9+didtaD0S9mbirfrQ0oAJ1xD54AaQkJMVbuFBF9Lvfy4qUJmUz4l5T7Blcx8 MTinnGDB7d7nn2B46OWSMhVQMuLhbC4QwVUZVDyiWZvhAZkN0YdtT3n9jQbVUob58JDm Mz+3Pt8JFNUilwEfWcS/upswweZ3mOceKiMfafJBHGWuV24hPCkYgYYS62dpwpXuVK+5 8z0adrIKhxvIot7tqVs+YzdvGOshu2GT18evGFu+1TOT+2//qxg0JF8Xvi+sa27QNKdt higw== X-Gm-Message-State: AKaTC02dbzVmgkLdD3CWfGM2843mrTexlfXifKjLkeKn2KswONgzBIsIcrbphUfM2reGUQ== X-Received: by 10.237.60.200 with SMTP id e8mr39491730qtf.248.1480703270093; Fri, 02 Dec 2016 10:27:50 -0800 (PST) Received: from studion177 (ool-4356cd50.dyn.optonline.net. [67.86.205.80]) by smtp.gmail.com with ESMTPSA id j64sm3168385qkc.24.2016.12.02.10.27.49 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 02 Dec 2016 10:27:49 -0800 (PST) Message-ID: <1480703268.1913.24.camel@blue-green-group.com> Subject: x2goclient Doesn't Use libssh Config File From: Matthew Rubenstein To: submit@bugs.x2go.org Date: Fri, 02 Dec 2016 13:27:48 -0500 Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.22.1-0ubuntu2 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Package: x2goclient Version: 4.0.5.1 Severity: wishlist Hello. x2goclient uses libssh but does not use a client config file the way libssh can, ssh_options_parse_config() http://api.libssh.org/master/group__libssh__session.html#ga82371e723260 c7572ea061edecc2e9f1 ~/.ssh/config or /etc/ssh_config are essential for client configuration of the ssh connection over which x2go sessions run. Among other important configurations are Ciphers and KexAlgorithms specifications, with which a client can require only trusted crypto algorithms or else refuse connection. The current code simply negotiates whichever algorithm is the first match in the hardcoded libssh list to whatever the remote sshd specifies (eg. in its sshd_config file). The agreed algorithm is currently not exposed to the x2goclient user, but specifying it in the client config file would make it knowable by the user depending on it. There are many other configurations the config file could specify, to make x2goclient meet user requirements, even just "work the same as my other ssh sessions" where libssh supports those features. The Session preferences dialog's Connection tab could expose a file open dialog to select a config file. That file open dialog could default to the user's .ssh directory, or else to the directory specified in the Session tab's "Use RSA/DSA key [...]" value if any. -- Matthew.Rubenstein@Blue-Green-Group.com 718-233-5097