Diego ssh inline mod #1033

- Remove the very curious usage of '[:]', which was used because the hex function requires []byte, but md5/sha1.Sum give you [Size]byte, and [:] will return []byte. - Stop iterating through the bytes to construct the colonized string; use fmt.Sprintf("% x", data) as shown in Golang docs (and replace the spaces with colons): https://play.golang.org/p/e7W5FVB-hW

…enerators Simplify SHA1/MD5 fingerprint generators

Signed-off-by: Andrew Edgar <[email protected]>

[#101458218] Signed-off-by: Luan Santos <[email protected]>

[#108774978] Signed-off-by: Connor Braa <[email protected]>

[#108774978] Signed-off-by: James Myers <[email protected]>

[#105811350] Signed-off-by: Dan Lavine <[email protected]>

The cli team has integrated the authentication and interactive shell functions into the core.

[#110832166] Signed-off-by: James Myers <[email protected]>

[#110773500] Signed-off-by: James Myers <[email protected]>

This reverts commit 166b986. Signed-off-by: Dan Lavine <[email protected]>

[#107353646] Signed-off-by: Jen Spinney <[email protected]>

Remove chacha20 cipher from cmd/ssh-proxy/main.go file in accordance to SAP security standards in order to prevent vulnerabilities related to terapin attacks. Related BLI: https://jira.tools.sap/browse/CFAR-1064

Remove chacha20 cipher from cmd/sshd/main.go file in accordance to SAP security standards in order to prevent vulnerabilities related to terapin attacks. Related BLI: https://jira.tools.sap/browse/CFAR-1064

Remove chacha20 cipher from tests Related BLI: https://jira.tools.sap/browse/CFAR-1064

for SHA256 the accepted value is a base64 encoded value instead of hex pair.

…0db7383ee9bcf656eaec6bc50f9' git-subtree-dir: src/code.cloudfoundry.org/diego-ssh git-subtree-mainline: b824aeb git-subtree-split: bd398c2

linux-foundation-easycla · 2025-08-26T13:17:49Z

✅ login: DimitarSch / name: dimitarsch (7049bbe, 04a92b0, 680f78e, badd9d4)
✅ login: geofffranks / name: Geoff Franks (129a002, 290dd69, d0e61fe, 3db90b9, e5eaed3, adc1f26, df0301f, a73aaa4, 16a2bc4, 7461829, dd16875, d38c194, 19bc255, 4f068d9, ac210b7, f2368be, 8b59f7d, 7b0458d)
✅ login: mariash / name: Maria Shaldybin (6f19a31, 051ad77, 5e233c1, 1bdd96c, 991c3a9, 810ba66, ddb0135, 0e1b7b1, bd398c2, 4b24269, 1853596, 3a36901, 5542e25)
✅ login: ameowlia / name: Amelia Downs (138c885, 182f15a, a4977de, d9a2944, 0138f4e, b4cd6f2)
✅ login: winkingturtle-vmw / name: Amin Jamali (0db8c36, 1003fb5, a6d7524, 739cdc5)
✅ login: emalm / name: Eric Malm (1047a12, 1a29996, 7497fcf, 0f5b562, d4f94dc, e0c3eb9, efbaf5a)
✅ login: andrew-edgar / name: Andrew Edgar (c6292bb, 0c1efef, c542856, 0a0f2ba, d7edb85, 0bcbdc5)
✅ login: JamesClonk / name: Fabio Berchtold (c2e0008, cca2f2a)
✅ login: reneighbor / name: Renee Chu (0fc4f3a, 71ed07f)
✅ login: MarcPaquette / name: Marc Paquette (e96542e, fcfa02a, 016d223)
✅ login: kart2bc / name: Karthick Udayakumar (b28f013, b824aeb, 5ad37d6)
❌ The email address for the commit (8cc14e0, 7847384, 6c373b2, e1e411d, ff188ef, 19d2baa, d560480, f259678, 08b408d, f7fdb2a, af9d79f, 4e330a2, f299081, 3e7d2f4, c3bf02c, 4f2112b, f9b7545, 33e69be, 878a23c, 62afa25, 3f136c4, 71c5630, 5bd77ce, 512a1c1, b23c508, 8beefc1, 18cdb35, c9dc416, 091bfa6, 8982225, f0a2d8d, 72c4d7e, 30305a9, 3baf789, 0f92f36, f68f8a4, fd9db4f) is not linked to the GitHub account, preventing the EasyCLA check. Consult this Help Article and GitHub Help to resolve. (To view the commit's email address, add .patch at the end of this PR page's URL.) For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @jvshahid / name: John Shahid . The commit (46bd01f, d0a23d3, 2deb396, b0cbc38, b58d49a, 99e7818, 2923b71, 1d5d857, 61a4d27, 72df32a, 931ad9a, a3238a0, fab2259, 402201c, 0d8d8a4, 74208bc, e1c7132, 9f06b1d, fe896d7, c1520bf, 0ea1343, 22aea32, bbfc30d, df8cd01, 7eef40b, 90247b6, b514749, 1f4a252) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @sjolicoeur / name: Stephane Jolicoeur . The commit (9b3f460, 65db946, e65bd26) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @jfmyers9 / name: Jim Myers . The commit (86da3cf, 61bf75c, bc29b7e, 5e0bd9d, c3af3a0, 9b47eab, f66b4a5, 6377d20, 1a750f2, bcca109, 3dff1c7, b88aead, 44328c2, d08a40f, c900aa8, a22901e, 5bc46ed, c3de54e, 9ee2bf9, 4976a8d, 8e783ca, ff4e16e, 1aa0d9f, 69d0750, 1aa15c1, a3d710c, c31932f) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @robertjsullivan / name: Robert Sullivan . The commit (01335ca, 517d22c) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @sykesm / name: Matthew Sykes . The commit (9b6d2bf, 9eb2398, fb7cc19, 77140fa, 7be5d91, b5ed976, 6959ab2, 1cc2eb9, 0286037, 603398b) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @flawedmatrix / name: Edwin Xie . The commit (9928ba0, 9806bf5, 421727c, 7053984, 30df0e6) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @andyliuliming / name: Liming Liu . The commit (1174556) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @goonzoid / name: Will Pragnell . The commit (1000dd7, 9a61d39) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @joachimvaldez / name: Joachim Valdez . The commit (b5713cc, 3ce14ee, 183c5ab, 6b726c1) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @caod123 / name: Danny Cao . The commit (9ddfd3b, ea7a826, 8f216fb, 32bf6d5, fcd0983, 978f6c6) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @SocalNick / name: Nicholas Calugar . The commit (2775bfc, 18955d4, 54ad907) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @luan / name: Luan Santos . The commit (3baa210, fc5f549, 09a8c83, bf0955b, 8292045) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @krishicks / name: Kris Hicks . The commit (0b18356) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @crhino / name: Chris Piraino . The commit (dabbdc9, 1475d13, a327615, 5c819b8) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @jenspinney / name: Jen Spinney . The commit (0ae78e7, 46738e8, dbe8750, 214bf27, c655138, f3f25a7, 410cb55, 9eac0dc, 166b986) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @tas-runtime-bot / name: App Platform Runtime Working Group CI Bot . The commit (4d6c6f7, fab8c5a, 3efd7e8, ec3d721, f465a65, b5002bc) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @sesmith177 / name: Sam Smith . The commit (468b07b, 84db2a1) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @sunjayBhatia / name: Sunjay Bhatia . The commit (744d42f, 2b75a7a, 93ba2e0, fa05406) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @mhoran / name: Matthew Horan . The commit (2be354e) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @johnsonj / name: Jeff Johnson . The commit (fded206) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @cwlbraa / name: Connor Braa . The commit (550820a, 8c6a69b, dcbfba6, 71b7a68, 5675caa) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @nimakaviani / name: Nima Kaviani . The commit (dc29936, 3acbdfe, aded50a, 7cbc341, 816d867, 58eb902, 574f125, 602a5a6, c73d30c) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @swetharepakula / name: Swetha Repakula . The commit (e055be4, a0438f7) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @wendorf / name: Dan Wendorf . The commit (c8feb81) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @jrussett / name: Josh Russett . The commit (5473ddd) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @Birdrock / name: Andrew Wittrock . The commit (51df591) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @mdelillo / name: Mark DeLillo . The commit (89075dd) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.
❌ - login: @charlievieth / name: Charlie Vieth . The commit (de8b027) is not authorized under a signed CLA. Please click here to be authorized. For further assistance with EasyCLA, please submit a support request ticket.

sykesm and others added 30 commits September 22, 2015 13:31

Add get-ssh-code command information

603398b

[##103353142] Signed-off-by: Connor Braa <[email protected]>

Add get-ssh-code to plugin command list

1cc2eb9

[#103353142] Signed-off-by: Connor Braa <[email protected]>

CLI plugin uses authentication code as ssh password

9b6d2bf

[#103324660]

Remove bearer token authentication with ssh-proxy

0286037

[#103324662]

Update plugin version

b5ed976

Keep Alive for non-interactive sessions

b88aead

[#101789464] Signed-off-by: Andrew Edgar <[email protected]>

Send app instance index when checking ssh_access from CC

bcca109

[#103827886] Signed-off-by: Andrew Edgar <[email protected]>

Add flags to configure BBS HTTP client

fc5f549

[#103957864]

Save off original file infos for comparison

f299081

* scp itself modifies access time in normal operation [#104680132] Signed-off-by: James Myers <[email protected]>

Update README.md

0b18356

Merge pull request cloudfoundry#8 from krishicks/patch-1

efbaf5a

Update README.md

Clarify scope of CLI version notice

d4f94dc

improve fatal log messages around CF authentication

71b7a68

Signed-off-by: Sam Nelson <[email protected]>

dropsondePort is configurable

3f136c4

[#103689460] Signed-off-by: Sam Nelson <[email protected]>

Additional logging context in proxy

9eb2398

Wait for exec stream copies to complete

fb7cc19

Signed-off-by: Michael Fraenkel <[email protected]>

Merge remote-tracking branch 'origin/pr/14'

9ee2bf9

Merge pull request cloudfoundry#12 from krishicks/simplify-sha1-md5-g…

18955d4

…enerators Simplify SHA1/MD5 fingerprint generators

Add sftp subsystem to daemon

6959ab2

Merge remote-tracking branch 'origin/pr/15'

a22901e

Signed-off-by: Andrew Edgar <[email protected]>

Inherit PATH from sshd environment

166b986

[#101458218] Signed-off-by: Luan Santos <[email protected]>

Fix fakeBBS route to v2

bc29b7e

[#108774978] Signed-off-by: Connor Braa <[email protected]>

Update fakeBBS routes

dcbfba6

[#108774978] Signed-off-by: James Myers <[email protected]>

SSH Proxy emits metrics about the number of connections

0a0f2ba

[#105811350] Signed-off-by: Dan Lavine <[email protected]>

Remove cli plugin from diego-ssh

77140fa

The cli team has integrated the authentication and interactive shell functions into the core.

Bump cf-plugin version to 0.2.2

2775bfc

[#110832166] Signed-off-by: James Myers <[email protected]>

Merge remote-tracking branch 'origin/pr/16'

54ad907

[#110773500] Signed-off-by: James Myers <[email protected]>

Revert "Inherit PATH from sshd environment"

550820a

This reverts commit 166b986. Signed-off-by: Dan Lavine <[email protected]>

Add logging when metric sending fails

138c885

[#107353646] Signed-off-by: Jen Spinney <[email protected]>

tas-runtime-bot and others added 22 commits October 1, 2024 19:48

Sync README.md

3efd7e8

Use SHA256 Instead of SHA1

016d223

WIP Update name for SHA256

fcfa02a

Support SHA1 & SHA256

e96542e

Sync README.md

ec3d721

Sync README.md

fab8c5a

Sync README.md

b5002bc

Sync README.md

4d6c6f7

Remove chacha20 cipher from cmd/ssh-proxy/main.go

badd9d4

Remove chacha20 cipher from cmd/ssh-proxy/main.go file in accordance to SAP security standards in order to prevent vulnerabilities related to terapin attacks. Related BLI: https://jira.tools.sap/browse/CFAR-1064

Remove chacha20 cipher from cmd/sshd/main.go

04a92b0

Remove chacha20 cipher from cmd/sshd/main.go file in accordance to SAP security standards in order to prevent vulnerabilities related to terapin attacks. Related BLI: https://jira.tools.sap/browse/CFAR-1064

Update ssh-proxy/main_test.go

680f78e

Remove chacha20 cipher from tests Related BLI: https://jira.tools.sap/browse/CFAR-1064

Update sshd/main_test.go

7049bbe

Remove chacha20 cipher from tests Related BLI: https://jira.tools.sap/browse/CFAR-1064

Use the correct package for SHA256

a6d7524

for SHA256 the accepted value is a base64 encoded value instead of hex pair.

fix typo

739cdc5

Update wording for error match

1853596

More error wording change

4b24269

Fix other error matching testst

5542e25

Fix sshd tests with error wording

3a36901

Fix error message

bd398c2

remove diego-ssh submodule entry

b824aeb

Add 'src/code.cloudfoundry.org/diego-ssh/' from commit 'bd398c2f4b891…

b28f013

…0db7383ee9bcf656eaec6bc50f9' git-subtree-dir: src/code.cloudfoundry.org/diego-ssh git-subtree-mainline: b824aeb git-subtree-split: bd398c2

Inline submodule diego-ssh into main repo

5ad37d6

cf-foundation-community-automation bot added this to Application Runtime Platform Working Group Aug 26, 2025

cf-foundation-community-automation bot moved this to Inbox in Application Runtime Platform Working Group Aug 26, 2025

Merge branch 'develop' into diego-ssh-inline-mod

0138f4e

ameowlia marked this pull request as ready for review September 10, 2025 18:05

ameowlia requested a review from a team as a code owner September 10, 2025 18:05

ameowlia merged commit 364aba1 into cloudfoundry:develop Sep 10, 2025

github-project-automation bot moved this from Inbox to Done in Application Runtime Platform Working Group Sep 10, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Diego ssh inline mod #1033

Diego ssh inline mod #1033

Uh oh!

kart2bc commented Aug 26, 2025 •

edited by ameowlia

Loading

Uh oh!

linux-foundation-easycla bot commented Aug 26, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

39 participants

Diego ssh inline mod #1033

Diego ssh inline mod #1033

Uh oh!

Conversation

kart2bc commented Aug 26, 2025 • edited by ameowlia Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Backward Compatibility

Uh oh!

linux-foundation-easycla bot commented Aug 26, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

39 participants

kart2bc commented Aug 26, 2025 •

edited by ameowlia

Loading

linux-foundation-easycla bot commented Aug 26, 2025 •

edited

Loading