Viewer: Don't stomp on OpenSSH cfg PreferredAuth

(again) Regression introduced by 5a583cd Referring to ae7a994, we don't want the default list of SSH authentication methods to contain gssapi-with-mic, but referring to 20537fc, we also want to allow the list of SSH authentication methods to be specified in an OpenSSH config file. This commit simply removes gssapi-with-mic from the default list of SSH authentication methods in JSch rather than trying to override the default list in the TurboVNC Viewer.
TurboVNC · Feb 25, 2023 · 6838846 · 6838846
1 parent 4a40896
commit 6838846
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 4 deletions.
diff --git a/ChangeLog.md b/ChangeLog.md
@@ -66,6 +66,8 @@ and `SSHKeyFile` parameters are not specified.
 `PubkeyAcceptedAlgorithms` OpenSSH config file keyword to specify a set of
 algorithms that should be appended to, prepended to, or removed from the
 default list.
+     - Fixed a regression introduced by 2.2.1[5] that caused the
+`PreferredAuthentications` OpenSSH config file keyword to be ignored.
 
 
 3.0.2

diff --git a/java/com/jcraft/jsch/JSch.java b/java/com/jcraft/jsch/JSch.java
@@ -132,7 +132,7 @@ public class JSch{
     config.put("StrictHostKeyChecking",  "ask");
     config.put("HashKnownHosts",  "no");
 
-    config.put("PreferredAuthentications", "gssapi-with-mic,publickey,keyboard-interactive,password");
+    config.put("PreferredAuthentications", "publickey,keyboard-interactive,password");
     config.put("PubkeyAcceptedAlgorithms", "rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521");
 
     config.put("CheckCiphers", "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256");

diff --git a/java/com/turbovnc/vncviewer/Tunnel.java b/java/com/turbovnc/vncviewer/Tunnel.java
@@ -241,9 +241,8 @@ protected static void createTunnelJSch(String host, Options opts)
       opts.sshSession.setConfig("StrictHostKeyChecking", "ask");
     opts.sshSession.setConfig("MaxAuthTries", "3");
     String auth = System.getProperty("turbovnc.sshauth");
-    if (auth == null)
-      auth = "publickey,keyboard-interactive,password";
-    opts.sshSession.setConfig("PreferredAuthentications", auth);
+    if (auth != null)
+      opts.sshSession.setConfig("PreferredAuthentications", auth);
     PasswdDialog dlg = new PasswdDialog(new String("SSH Authentication"),
                                         true, user, false, true, -1);
     if (!Utils.getBooleanProperty("turbovnc.sshkeytest", false))