Skip to content

Commit

Permalink
Make tsh puttyconfig disable GSSApi auth
Browse files Browse the repository at this point in the history
GSSApi auth can cause PuTTY to go into "Not Responding" mode while
waiting on a lookup. We can disable it in the generated PuTTY session to
avoid this issue.
  • Loading branch information
programmerq committed Nov 19, 2024
1 parent 8db3872 commit 84fce0c
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions tool/tsh/common/putty_config_windows.go
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,8 @@ const puttyDwordProxyLogToTerm = `00000002` // only until session starts
const puttyPermitRSASHA1 = `00000000`
const puttyPermitRSASHA256 = `00000001`
const puttyPermitRSASHA512 = `00000001`
const puttyAuthGSSAPI = `00000000`
const puttyAuthGSSAPIKEX = `00000000`

// despite the strings/ints in struct, these are stored in the registry as DWORDs
type puttyRegistrySessionDwords struct {
Expand All @@ -60,6 +62,8 @@ type puttyRegistrySessionDwords struct {
ProxyPort int // dword
ProxyMethod string // dword
ProxyLogToTerm string // dword
AuthGSSAPI string // dword
AuthGSSAPIKEX string // dword
}

type puttyRegistrySessionStrings struct {
Expand Down Expand Up @@ -93,6 +97,8 @@ func addPuTTYSession(proxyHostname string, hostname string, port int, login stri
ProxyPort: puttyDefaultProxyPort,
ProxyMethod: puttyDwordProxyMethod,
ProxyLogToTerm: puttyDwordProxyLogToTerm,
AuthGSSAPI: puttyAuthGSSAPI,
AuthGSSAPIKEX: puttyAuthGSSAPIKEX,
}

sessionStrings := puttyRegistrySessionStrings{
Expand Down Expand Up @@ -130,6 +136,12 @@ func addPuTTYSession(proxyHostname string, hostname string, port int, login stri
if err := registry.WriteDword(pk, "ProxyLogToTerm", sessionDwords.ProxyLogToTerm); err != nil {
return trace.Wrap(err)
}
if err := registry.WriteDword(pk, "AuthGSSAPI", sessionDwords.AuthGSSAPI); err != nil {
return trace.Wrap(err)
}
if err := registry.WriteDword(pk, "AuthGSSAPIKEX", sessionDwords.AuthGSSAPIKEX); err != nil {
return trace.Wrap(err)
}

// write strings
if err := registry.WriteString(pk, "Hostname", sessionStrings.Hostname); err != nil {
Expand Down

0 comments on commit 84fce0c

Please sign in to comment.