1*a91a2465SEd Maste# $OpenBSD: putty-kex.sh,v 1.11 2024/02/09 08:56:59 dtucker Exp $ 2ce3adf43SDag-Erling Smørgrav# Placed in the Public Domain. 3ce3adf43SDag-Erling Smørgrav 4ce3adf43SDag-Erling Smørgravtid="putty KEX" 5ce3adf43SDag-Erling Smørgrav 6*a91a2465SEd Masteputtysetup 7e9e8876aSEd Maste 8*a91a2465SEd Mastecp ${OBJ}/sshd_proxy ${OBJ}/sshd_proxy_bak 9ce3adf43SDag-Erling Smørgrav 10*a91a2465SEd Maste# Enable group1, which PuTTY now disables by default 11*a91a2465SEd Masteecho "KEX=dh-group1-sha1" >>${OBJ}/.putty/sessions/localhost_proxy 12ce3adf43SDag-Erling Smørgrav 13*a91a2465SEd Maste# Grepping algos out of the binary is pretty janky, but AFAIK there's no way 14*a91a2465SEd Maste# to query supported algos. 15*a91a2465SEd Mastekex="" 16*a91a2465SEd Mastefor k in `$SSH -Q kex`; do 17*a91a2465SEd Maste if strings "${PLINK}" | grep -E "^${k}$" >/dev/null; then 18*a91a2465SEd Maste kex="${kex} ${k}" 19*a91a2465SEd Maste else 20*a91a2465SEd Maste trace "omitting unsupported KEX ${k}" 21ce3adf43SDag-Erling Smørgrav fi 22ce3adf43SDag-Erling Smørgravdone 23ce3adf43SDag-Erling Smørgrav 24*a91a2465SEd Mastefor k in ${kex}; do 25*a91a2465SEd Maste verbose "$tid: kex $k" 26*a91a2465SEd Maste cp ${OBJ}/sshd_proxy_bak ${OBJ}/sshd_proxy 27*a91a2465SEd Maste echo "KexAlgorithms ${k}" >>${OBJ}/sshd_proxy 28*a91a2465SEd Maste 29*a91a2465SEd Maste env HOME=$PWD ${PLINK} -v -load localhost_proxy -batch -i ${OBJ}/putty.rsa2 true \ 30*a91a2465SEd Maste 2>${OBJ}/log/putty-kex-$k.log 31*a91a2465SEd Maste if [ $? -ne 0 ]; then 32*a91a2465SEd Maste fail "KEX $k failed" 33*a91a2465SEd Maste fi 34*a91a2465SEd Maste kexmsg=`grep -E '^Doing.* key exchange' ${OBJ}/log/putty-kex-$k.log` 35*a91a2465SEd Maste trace putty: ${kexmsg} 36*a91a2465SEd Mastedone 37