Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523)

diff --git a/modules/ssh/ssh.go b/modules/ssh/ssh.go
index 2b7fd593b5eb1cf79fdc6618cf08919a863ed9a2..925f9615b4b38692e1a2f9c502b7f2cb3f00c8ce 100644 (file)
--- a/modules/ssh/ssh.go
+++ b/modules/ssh/ssh.go
@@ -241,13 +241,17 @@ func publicKeyHandler(ctx ssh.Context, key ssh.PublicKey) bool {
 
 // Listen starts a SSH server listens on given port.
 func Listen(host string, port int, ciphers []string, keyExchanges []string, macs []string) {
-       // TODO: Handle ciphers, keyExchanges, and macs
-
        srv := ssh.Server{
                Addr:             fmt.Sprintf("%s:%d", host, port),
                PublicKeyHandler: publicKeyHandler,
                Handler:          sessionHandler,
-
+               ServerConfigCallback: func(ctx ssh.Context) *gossh.ServerConfig {
+                       config := &gossh.ServerConfig{}
+                       config.KeyExchanges = keyExchanges
+                       config.MACs = macs
+                       config.Ciphers = ciphers
+                       return config
+               },
                // We need to explicitly disable the PtyCallback so text displays
                // properly.
                PtyCallback: func(ctx ssh.Context, pty ssh.Pty) bool {