fix: config move algorithims to ssh property

app/config.js

@@ -31,7 +31,39 @@ const defaultConfig = {
     readyTimeout: 20000,
     keepaliveInterval: 120000,
     keepaliveCountMax: 10,
-    alwaysSendKeyboardInteractivePrompts: false
+    alwaysSendKeyboardInteractivePrompts: false,
+    algorithms: {
+      kex: [
+        "ecdh-sha2-nistp256",
+        "ecdh-sha2-nistp384",
+        "ecdh-sha2-nistp521",
+        "diffie-hellman-group-exchange-sha256",
+        "diffie-hellman-group14-sha1"
+      ],
+      cipher: [
+        "aes128-ctr",
+        "aes192-ctr",
+        "aes256-ctr",
+        "aes128-gcm",
+        "aes128-gcm@openssh.com",
+        "aes256-gcm",
+        "aes256-gcm@openssh.com",
+        "aes256-cbc"
+      ],
+      hmac: ["hmac-sha2-256", "hmac-sha2-512", "hmac-sha1"],
+      serverHostKey: [
+        "ssh-ed25519",
+        "rsa-sha2-512",
+        "rsa-sha2-256",
+        "ecdsa-sha2-nistp256",
+        "ecdsa-sha2-nistp384",
+        "ecdsa-sha2-nistp521",
+        "rsa-sha2-512",
+        "rsa-sha2-256",
+        "ssh-rsa"
+      ],
+      compress: ["none", "zlib@openssh.com", "zlib"]
+    }
   },
   header: {
     text: null,
@@ -44,27 +76,6 @@ const defaultConfig = {
     allowReconnect: true,
     allowReplay: true
   },
-  algorithms: {
-    kex: [
-      "ecdh-sha2-nistp256",
-      "ecdh-sha2-nistp384",
-      "ecdh-sha2-nistp521",
-      "diffie-hellman-group-exchange-sha256",
-      "diffie-hellman-group14-sha1"
-    ],
-    cipher: [
-      "aes128-ctr",
-      "aes192-ctr",
-      "aes256-ctr",
-      "aes128-gcm",
-      "aes128-gcm@openssh.com",
-      "aes256-gcm",
-      "aes256-gcm@openssh.com",
-      "aes256-cbc"
-    ],
-    hmac: ["hmac-sha2-256", "hmac-sha2-512", "hmac-sha1"],
-    compress: ["none", "zlib@openssh.com", "zlib"]
-  },
   session: {
     secret: process.env.WEBSSH_SESSION_SECRET || generateSecureSecret(),
     name: "webssh2.sid"

app/configSchema.js

@@ -38,7 +38,33 @@ const configSchema = {
         term: { type: "string" },
         readyTimeout: { type: "integer" },
         keepaliveInterval: { type: "integer" },
-        keepaliveCountMax: { type: "integer" }
+        keepaliveCountMax: { type: "integer" },
+        algorithms: {
+          type: "object",
+          properties: {
+            kex: {
+              type: "array",
+              items: { type: "string" }
+            },
+            cipher: {
+              type: "array",
+              items: { type: "string" }
+            },
+            hmac: {
+              type: "array",
+              items: { type: "string" }
+            },
+            serverHostKey: {
+              type: "array",
+              items: { type: "string" }
+            },
+            compress: {
+              type: "array",
+              items: { type: "string" }
+            }
+          },
+          required: ["kex", "cipher", "hmac", "serverHostKey", "compress"]
+        }
       },
       required: [
         "host",
@@ -68,28 +94,6 @@ const configSchema = {
       },
       required: ["challengeButton", "allowReauth", "allowReplay"]
     },
-    algorithms: {
-      type: "object",
-      properties: {
-        kex: {
-          type: "array",
-          items: { type: "string" }
-        },
-        cipher: {
-          type: "array",
-          items: { type: "string" }
-        },
-        hmac: {
-          type: "array",
-          items: { type: "string" }
-        },
-        compress: {
-          type: "array",
-          items: { type: "string" }
-        }
-      },
-      required: ["kex", "cipher", "hmac", "compress"]
-    },
     session: {
       type: "object",
       properties: {
@@ -99,6 +103,6 @@ const configSchema = {
       required: ["secret", "name"]
     }
   },
-  required: ["listen", "http", "user", "ssh", "header", "options", "algorithms"]
+  required: ["listen", "http", "user", "ssh", "header", "options"]
 }
 module.exports = configSchema

config.json.sample

@@ -11,6 +11,10 @@
     "password": null,
     "privatekey": null
   },
+  "session": {
+    "secret": "secret",
+    "name": "webssh2"
+  },
   "ssh": {
     "host": null,
     "port": 22,
@@ -20,7 +24,49 @@
     "readyTimeout": 20000,
     "keepaliveInterval": 120000,
     "keepaliveCountMax": 10,
-    "allowedSubnets": []
+    "allowedSubnets": [],
+    "alwaysSendKeyboardInteractivePrompts": false,
+    "algorithms": {
+      "kex": [
+        "curve25519-sha256",
+        "ecdh-sha2-nistp256",
+        "ecdh-sha2-nistp384",
+        "ecdh-sha2-nistp521",
+        "diffie-hellman-group-exchange-sha256",
+        "diffie-hellman-group14-sha1"
+      ],
+      "cipher": [
+        "aes128-ctr",
+        "aes192-ctr",
+        "aes256-ctr",
+        "aes128-gcm",
+        "aes128-gcm@openssh.com",
+        "aes256-gcm",
+        "aes256-gcm@openssh.com",
+        "aes256-cbc"
+      ],
+      "hmac": [
+        "hmac-sha2-256",
+        "hmac-sha2-512",
+        "hmac-sha1"
+      ],
+      "compress": [
+        "none",
+        "zlib@openssh.com",
+        "zlib"
+      ],
+      "serverHostKey": [
+        "ssh-ed25519",
+        "rsa-sha2-512",
+        "rsa-sha2-256",
+        "ecdsa-sha2-nistp256",
+        "ecdsa-sha2-nistp384",
+        "ecdsa-sha2-nistp521",
+        "rsa-sha2-512",
+        "rsa-sha2-256",
+        "ssh-rsa"
+      ]
+    }
   },
   "header": {
     "text": null,
@@ -32,34 +78,5 @@
     "allowReauth": true,
     "allowReconnect": true,
     "allowReplay": true
-  },
-  "algorithms": {
-    "kex": [
-      "ecdh-sha2-nistp256",
-      "ecdh-sha2-nistp384",
-      "ecdh-sha2-nistp521",
-      "diffie-hellman-group-exchange-sha256",
-      "diffie-hellman-group14-sha1"
-    ],
-    "cipher": [
-      "aes128-ctr",
-      "aes192-ctr",
-      "aes256-ctr",
-      "aes128-gcm",
-      "aes128-gcm@openssh.com",
-      "aes256-gcm",
-      "aes256-gcm@openssh.com",
-      "aes256-cbc"
-    ],
-    "hmac": [
-      "hmac-sha2-256",
-      "hmac-sha2-512",
-      "hmac-sha1"
-    ],
-    "compress": [
-      "none",
-      "zlib@openssh.com",
-      "zlib"
-    ]
   }
 }