Old SSH Terminal Remote Interactive Console Helper
Version: 0.1.8
New versions of SSH no longer have old ciphers compiled in as they are considered insecure. Similarly a lot of older equipment used 768 bit host keys and later versions of SSH will not connect to hosts with less that 1024 bit host keys.
However, sometimes we need to connect to an old piece of hardware that has older versions of SSH that can not be upgraded. An example of this is connecting to old APC PDUs.
This script provides a wrapper that:
- Creates a docker image based on Ubuntu 16.04 which has a version of SSH with older ciphers
- Runs SSH/SCP from the docker container with older cipher options
CC BY-SA: https://creativecommons.org/licenses/by-sa/4.0/
Fund me here: https://ko-fi.com/richardatlateralblast
This script is currently going through a refresh and clean up.
The old script can be located in the old subdirectory.
As this script is primarily designed for connecting to older SSH servers, and older docker container with and old version of SSH and thus Linux is required. Also old Key Exchange algorithms are enabled by default, and strict host checking is disabled.
The following components are required on the deployment host and target:
- docker
- docker-compose
An example of installing docker and docker-compose on Ubuntu:
sudo apt install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
sudo apt-update
sudo apt install docker-ce
sudo apt install docker-compose
The script will check if the docker image ostrich exists, if not it will create it.
If for some reason this fails, there is a Docker and compose file included that can be run manaually in the directory where the Dockerfile is:
docker-compose build
SSH to a host:
./ozzie.sh [email protected]
SSH to a host (starts an interactive session):
./ozzie.sh --ssh --username admin --hostname 192.168.10.250
SCP a file to a host:
./ozzie.sh /tmp/blah [email protected]:/tmp/blah
SCP a file to a host:
./ozzie.sh --username admin --hostname 192.168.1.100 --source /tmp/blah --destination /tmp/blah
SSH to a host and run a command:
./ozzie.sh username@hostname "ls -l"
Get usage information:
./ozzie.sh --help
Usage: ozzie.sh --action(s) [action(,action)] --option(s) [option(,option)]
switch(es):
-----------
switch(es):
-----------
--action*)
Action(s) to perform
--check*)
Check Docker install
-c|--cipher)
Cipher
--composefile)
Docker compose file
--command)
Run command via SSH
--copy|--scp)
SCP
-D|--sftps*)
SFTP server path
-i|--identity*)
SFTP server path
-F|--sshconf*)
SSH config
--destfile|--destinationfile)
Destination file (SCP)
-J|--destination)
Destination
--dockerfile)
Docker file
--dryrun)
Dry run
-h|--help)
Display help
-l}--limit)
Limit
--oldkex)
Enable old key exchange algorithms
--nooldkex)
Disable old key exchange algorithms
-o)
SSH/SCP Options
--ping)
Enable ping test
--noping)
Enable ping test
-P|--port)
Port
-S|--program)
Program to use for the encrypted connection
-s|--host|--hostname)
Hostname
--source*)
Destination file (SCP)
--ssh)
SSH
--sshopt*)
Additional SSH/SCP options
--strict)
Enable strict mode
--nostrict)
Disable strict mode
--tag|--name)
Container name
--usage)
Usage
-u|--user*)
Username
-V|--version)
Display Version
-v|--verbose)
Enable verbose mode
-X|--sftpo*)
Program to use for the encrypted connection
Get actions usage/information:
Usage: ozzie.sh --action(s) [action(,action)] --option(s) [option(,option)]
action(s):
----------
check*)
Check docker
shell*)
Run shellcheck against script
ssh|scp)
Perform SSH or SCP action
Get options usage/information:
Usage: ozzie.sh --action(s) [action(,action)] --option(s) [option(,option)]
option(s):
----------
verbose (default = true)
Verbose mode
"ssh" (default = )
SSH mode
scp (default = false)
SCP mode
strict (default = false)
Strict mode
oldkex (default = true)
Use old key exchange algorithms
debug (default = false)
Debug mode
dryrun (default = false)
Dryrun mode
username (default = spindler)
SSH username
hostname (default = )
Hostname to SSH to
sourcefile (default = )
Source file
command (default = )
Command to run via SSH
docker (default = )
Docker command
destfile (default = )
Destination file
builddir (default = /tmp/ostrich)
Docker build directory
dockerfile (default = /tmp/ostrich/Dockerfile)
Docker file
composefile (default = /tmp/ostrich/docker-compose.yml)
Compose file
container (default = ostrich)
Container name/tag
sshargs (default = )
SSH options
ping (default = )
Enable ping test