/usr/lib/ruby/vendor_ruby/net/ssh/verifiers/lenient.rb is in ruby-net-ssh 1:4.2.0-2ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 | require 'net/ssh/verifiers/strict'
module Net; module SSH; module Verifiers
# Basically the same as the Strict verifier, but does not try to actually
# verify a connection if the server is the localhost and the port is a
# nonstandard port number. Those two conditions will typically mean the
# connection is being tunnelled through a forwarded port, so the known-hosts
# file will not be helpful (in general).
class Lenient < Strict
# Tries to determine if the connection is being tunnelled, and if so,
# returns true. Otherwise, performs the standard strict verification.
def verify(arguments)
return true if tunnelled?(arguments)
super
end
private
# A connection is potentially being tunnelled if the port is not 22,
# and the ip refers to the localhost.
def tunnelled?(args)
return false if args[:session].port == Net::SSH::Transport::Session::DEFAULT_PORT
ip = args[:session].peer[:ip]
return ip == "127.0.0.1" || ip == "::1"
end
end
end; end; end
|