Expose new libssh option publickey_accepted_algorithms

ansible-collections · Oct 27, 2023 · c938265 · c938265
1 parent fada835
commit c938265
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 0 deletions.
diff --git a/docs/ansible.netcommon.libssh_connection.rst b/docs/ansible.netcommon.libssh_connection.rst
@@ -220,6 +220,29 @@ Parameters
                         <div>TODO: write it</div>
                 </td>
             </tr>
+            <tr>
+                <td colspan="1">
+                    <div class="ansibleOptionAnchor" id="parameter-"></div>
+                    <b>publickey_accepted_algorithms</b>
+                    <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
+                    <div style="font-size: small">
+                        <span style="color: purple">string</span>
+                    </div>
+                </td>
+                <td>
+                        <b>Default:</b><br/><div style="color: blue">""</div>
+                </td>
+                    <td>
+                            <div> ini entries:
+                                    <p>[libssh_connection]<br>publickey_algorithms = </p>
+                            </div>
+                                <div>env:ANSIBLE_LIBSSH_PUBLICKEY_ALGORITHMS</div>
+                                <div>var: ansible_libssh_publickey_algorithms</div>
+                    </td>
+                <td>
+                        <div>List of algorithms to forward to SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES.</div>
+                </td>
+            </tr>
             <tr>
                 <td colspan="1">
                     <div class="ansibleOptionAnchor" id="parameter-"></div>

diff --git a/plugins/connection/libssh.py b/plugins/connection/libssh.py
@@ -100,6 +100,17 @@
           - section: libssh_connection
             key: pty
         type: boolean
+      publickey_accepted_algorithms:
+        default: ''
+        description:
+            - List of algorithms to forward to SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES.
+        type: string
+        env:
+          - name: ANSIBLE_LIBSSH_PUBLICKEY_ALGORITHMS
+        ini:
+          - {key: publickey_algorithms, section: libssh_connection}
+        vars:
+          - name: ansible_libssh_publickey_algorithms
       host_key_checking:
         description: 'Set this to "False" if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host'
         type: boolean
@@ -401,6 +412,11 @@ def _connect_uncached(self):
                     "Please upgrade to ansible-pylibssh 1.0.0 or newer." % PYLIBSSH_VERSION
                 )
 
+            if self.get_option("publickey_accepted_algorithms"):
+                ssh_connect_kwargs["publickey_accepted_algorithms"] = self.get_option(
+                    "publickey_accepted_algorithms"
+                )
+
             self.ssh.set_missing_host_key_policy(MyAddPolicy(self._new_stdin, self))
 
             self.ssh.connect(