Update docs and remove a leftover DSA certificate algorithm (#1632)

* Update docs and remove a leftover DSA certificate algorithm

* more cleanup

Author: Rob-Hague

README.md

@@ -8,12 +8,12 @@ SSH.NET is a Secure Shell (SSH-2) library for .NET, optimized for parallelism.
 
 ## Key Features
 
-* Execution of SSH command using both synchronous and asynchronous methods
+* Execution of SSH commands using both synchronous and asynchronous methods
 * SFTP functionality for both synchronous and asynchronous operations
 * SCP functionality
-* Remote, dynamic and local port forwarding 
+* Remote, dynamic and local port forwarding
 * Interactive shell/terminal implementation
-* Authentication via publickey, password and keyboard-interactive methods, including multi-factor
+* Authentication via public key, password and keyboard-interactive methods, including multi-factor
 * Connection via SOCKS4, SOCKS5 or HTTP proxy
 
 ## How to Use
@@ -52,12 +52,12 @@ using (var client = new SftpClient("sftp.foo.com", "guest", "pwd"))
 
 The main types provided by this library are:
 
-* Renci.SshNet.SshClient
-* Renci.SshNet.SftpClient
-* Renci.SshNet.ScpClient
-* Renci.SshNet.PrivateKeyFile
-* Renci.SshNet.SshCommand
-* Renci.SshNet.ShellStream
+* [Renci.SshNet.SshClient](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.SshClient.html)
+* [Renci.SshNet.SftpClient](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.SftpClient.html)
+* [Renci.SshNet.PrivateKeyFile](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.PrivateKeyFile.html)
+* [Renci.SshNet.SshCommand](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.SshCommand.html)
+* [Renci.SshNet.ForwardedPort](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.ForwardedPort.html)
+* [Renci.SshNet.ShellStream](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.ShellStream.html)
 
 ## Additional Documentation
 
@@ -106,11 +106,6 @@ The main types provided by this library are:
   * ssh.com format ("BEGIN SSH2 ENCRYPTED PRIVATE KEY")
   * OpenSSH key format ("BEGIN OPENSSH PRIVATE KEY")
   * PuTTY private key format ("PuTTY-User-Key-File-2", "PuTTY-User-Key-File-3")
-* DSA in
-  * OpenSSL traditional PEM format ("BEGIN DSA PRIVATE KEY")
-  * OpenSSL PKCS#8 PEM format ("BEGIN PRIVATE KEY", "BEGIN ENCRYPTED PRIVATE KEY")
-  * ssh.com format ("BEGIN SSH2 ENCRYPTED PRIVATE KEY")
-  * PuTTY private key format ("PuTTY-User-Key-File-2", "PuTTY-User-Key-File-3")
 * ECDSA 256/384/521 in
   * OpenSSL traditional PEM format ("BEGIN EC PRIVATE KEY")
   * OpenSSL PKCS#8 PEM format ("BEGIN PRIVATE KEY", "BEGIN ENCRYPTED PRIVATE KEY")
@@ -158,7 +153,8 @@ Private keys in PuTTY private key format can be encrypted using the following ci
 * rsa-sha2-512
 * rsa-sha2-256
 * ssh-rsa
-* ssh-dss
+
+OpenSSH certificate authentication is supported for all of the above, e.g. ssh-ed25519-cert-v01<span></span>@openssh.com.
 
 ## Message Authentication Code
 
@@ -187,17 +183,17 @@ Private keys in PuTTY private key format can be encrypted using the following ci
 
 The library has no special requirements to build, other than an up-to-date .NET SDK. See also [CONTRIBUTING.md](https://github.com/sshnet/SSH.NET/blob/develop/CONTRIBUTING.md).
 
-## Using Pre-Release NuGet Package
+## Using Pre-Release NuGet Packages
 
-If you need an unreleased bugfix or feature, you can use the Pre-Release NuGet packages from the `develop` branch which are published to the [GitHub NuGet Registry](https://github.com/sshnet/SSH.NET/pkgs/nuget/SSH.NET).
-In order to pull packages from the registry you first have to create a Personal Access Token with the `read:packages` permissions. Then add a NuGet Source for SSH.NET:
-
-Note: you may have to add `--store-password-in-clear-text` on non-Windows platforms.
+Pre-release NuGet packages are published from the `develop` branch to the [GitHub NuGet Registry](https://github.com/sshnet/SSH.NET/pkgs/nuget/SSH.NET).
+In order to pull packages from the registry, create a Personal Access Token with the `read:packages` permissions. Then add a package source for SSH.NET:
 
 ```
 dotnet nuget add source --name SSH.NET --username <username> --password <personalaccesstoken> https://nuget.pkg.github.com/sshnet/index.json
 ```
 
+Note: you may have to add `--store-password-in-clear-text` on non-Windows platforms.
+
 Then you can add the the package as described [here](https://github.com/sshnet/SSH.NET/pkgs/nuget/SSH.NET).
 
 ## Supporting SSH.NET

docfx/toc.yml

@@ -4,3 +4,5 @@
   href: examples.md
 - name: API
   href: api/
+- name: Logging
+  href: logging.md

src/Renci.SshNet/ConnectionInfo.cs

@@ -398,7 +398,6 @@ public ConnectionInfo(string host, int port, string username, ProxyTypes proxyTy
             hostAlgs.Add("rsa-sha2-512-cert-v01@openssh.com", data => { var cert = new Certificate(data); return new CertificateHostAlgorithm("rsa-sha2-512-cert-v01@openssh.com", cert, new RsaDigitalSignature((RsaKey)cert.Key, HashAlgorithmName.SHA512), hostAlgs); });
             hostAlgs.Add("rsa-sha2-256-cert-v01@openssh.com", data => { var cert = new Certificate(data); return new CertificateHostAlgorithm("rsa-sha2-256-cert-v01@openssh.com", cert, new RsaDigitalSignature((RsaKey)cert.Key, HashAlgorithmName.SHA256), hostAlgs); });
             hostAlgs.Add("ssh-rsa-cert-v01@openssh.com", data => { var cert = new Certificate(data); return new CertificateHostAlgorithm("ssh-rsa-cert-v01@openssh.com", cert, hostAlgs); });
-            hostAlgs.Add("ssh-dss-cert-v01@openssh.com", data => { var cert = new Certificate(data); return new CertificateHostAlgorithm("ssh-dss-cert-v01@openssh.com", cert, hostAlgs); });
             hostAlgs.Add("ssh-ed25519", data => new KeyHostAlgorithm("ssh-ed25519", new ED25519Key(new SshKeyData(data))));
             hostAlgs.Add("ecdsa-sha2-nistp256", data => new KeyHostAlgorithm("ecdsa-sha2-nistp256", new EcdsaKey(new SshKeyData(data))));
             hostAlgs.Add("ecdsa-sha2-nistp384", data => new KeyHostAlgorithm("ecdsa-sha2-nistp384", new EcdsaKey(new SshKeyData(data))));

src/Renci.SshNet/PrivateKeyFile.cs

@@ -28,9 +28,6 @@ namespace Renci.SshNet
     ///         <description>RSA in OpenSSL PEM, ssh.com, OpenSSH and PuTTY key format</description>
     ///     </item>
     ///     <item>
-    ///         <description>DSA in OpenSSL PEM, ssh.com and PuTTY key format</description>
-    ///     </item>
-    ///     <item>
     ///         <description>ECDSA 256/384/521 in OpenSSL PEM, OpenSSH and PuTTY key format</description>
     ///     </item>
     ///     <item>
@@ -321,7 +318,6 @@ private void Open(Stream privateKey, string? passPhrase)
             switch (keyName)
             {
                 case "RSA PRIVATE KEY":
-                case "DSA PRIVATE KEY":
                 case "EC PRIVATE KEY":
                     var cipherName = privateKeyMatch.Result("${cipherName}");
                     var salt = privateKeyMatch.Result("${salt}");

src/Renci.SshNet/Security/Certificate.cs

@@ -22,7 +22,6 @@ public class Certificate
         /// The value is one of the following:
         /// <list type="bullet">
         ///     <item>ssh-rsa-cert-v01@openssh.com</item>
-        ///     <item>ssh-dss-cert-v01@openssh.com</item>
         ///     <item>ecdsa-sha2-nistp256-cert-v01@openssh.com</item>
         ///     <item>ecdsa-sha2-nistp384-cert-v01@openssh.com</item>
         ///     <item>ecdsa-sha2-nistp521-cert-v01@openssh.com</item>
@@ -203,7 +202,7 @@ public IDictionary<string, string> Extensions
         /// <summary>
         /// The CA key used to sign the certificate.
         /// The valid key types for CA keys are ssh-rsa,
-        /// ssh-dss, ssh-ed25519 and the ECDSA types ecdsa-sha2-nistp256,
+        /// ssh-ed25519 and the ECDSA types ecdsa-sha2-nistp256,
         /// ecdsa-sha2-nistp384, ecdsa-sha2-nistp521. "Chained" certificates, where
         /// the signature key type is a certificate type itself are NOT supported.
         /// Note that it is possible for a RSA certificate key to be signed by a

test/Renci.SshNet.IntegrationTests/HostKeyFile.cs

@@ -3,7 +3,6 @@
     public sealed class HostKeyFile
     {
         public static readonly HostKeyFile Rsa = new HostKeyFile("ssh-rsa", "/etc/ssh/ssh_host_rsa_key", 3072, new byte[] { 0x3d, 0x90, 0xd8, 0x0d, 0xd5, 0xe0, 0xb6, 0x13, 0x42, 0x7c, 0x78, 0x1e, 0x19, 0xa3, 0x99, 0x2b });
-        public static readonly HostKeyFile Dsa = new HostKeyFile("ssh-dsa", "/etc/ssh/ssh_host_dsa_key", 1024, new byte[] { 0xcc, 0xb4, 0x4c, 0xe1, 0xba, 0x6d, 0x15, 0x79, 0xec, 0xe1, 0x31, 0x9f, 0xc0, 0x4a, 0x07, 0x9d });
         public static readonly HostKeyFile Ed25519 = new HostKeyFile("ssh-ed25519", "/etc/ssh/ssh_host_ed25519_key", 256, new byte[] { 0xb3, 0xb9, 0xd0, 0x1b, 0x73, 0xc4, 0x60, 0xb4, 0xce, 0xed, 0x06, 0xf8, 0x58, 0x49, 0xa3, 0xda });
         public static readonly HostKeyFile Ecdsa256 = new HostKeyFile("ecdsa-sha2-nistp256", "/etc/ssh/ssh_host_ecdsa256_key", 256, new byte[] { 0xbe, 0x98, 0xa1, 0x54, 0x91, 0x2c, 0x96, 0xc3, 0x77, 0x39, 0x6e, 0x37, 0x8e, 0x64, 0x26, 0x72 });
         public static readonly HostKeyFile Ecdsa384 = new HostKeyFile("ecdsa-sha2-nistp384", "/etc/ssh/ssh_host_ecdsa384_key", 384, new byte[] { 0xab, 0xbb, 0x20, 0x07, 0x3c, 0xb2, 0x89, 0x9e, 0x40, 0xfe, 0x32, 0x56, 0xfe, 0xd9, 0x95, 0x0b });

test/Renci.SshNet.IntegrationTests/server/ssh/ssh_host_dsa_key

@@ -4,4 +4,3 @@ ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOwUDIZh
 ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBFL5NEL9uRhgkF2q+8m58EvtZq4mDGgcVEzafPRuNIn1018m9KuqNpOQ6d+435n+MRYThe4MUdijSIDuopX2i14Z35oKZ9x2LsV+RxQczjmbnoWZdvgcvdOo6jiJdY7XJw== Key.OPENSSH.ECDSA384.Encrypted
 ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAH9BVM6bRhbELtgdMGsin5lM42R2EWoT+6Akakl5rQy2tHHLIYGLEfaqI+0iUo2V6MxEf9w0hVz6SEsF+yDgyrYPQCIieaB1oBvIl+PZmL1XsuAXs2uMRsNJb4myGU/DiekxqzIPa0LMrBZ4xmErcn5Gazkw1EA0B3HoaW5wj+geI/efQ== Key.OPENSSH.ECDSA521.Encrypted
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGFdyflleGqSPOhgSYZf7ZQFlG0zEL9VDGC69UbtaaBy Key.OPENSSH.ED25519.Encrypted
-ssh-dss AAAAB3NzaC1kc3MAAACBAI8gyHFchkVhkPiwkhkjFDqN6w2nFWTqVy9sLjFs38oEWLMpAw9+c132erUptAhNQ6JZUAVZGllv/3V5hksSDyChe9WY5IfsOlh6X0dcZCwBKysEzQlPyMFqAtbc9uv7oUWNzBfvEbtV6WN/VmcmXf7dyo3EBVXbBFdPl1NKC7W9AAAAFQDY1+bTt7s2iNmYoBE4C9hdWRCyeQAAAIAEtj09ugx/Tdl6bo7X6mX17hcgVgIxcYj5VNONg2k6IHmRFriLviYaS68mIB4SG3jmvvxbXAGqR1bWBUrv90n0wpxxcuuNoCFylJQyuqUkzSsUHb0WMcncZ/tBQt+NJnRB1Zp9sw8n20ocpg3WVPdaXTtc4pk83NYB6ywG6UFPvgAAAIAX+De5dwo33LMl9W8IvA4dY8Q1wshdycAGJzhy+qYF9dCcwD1Pg+4EbPjYPmzJopsVrK97v9QhxyYcXMr/iHhngGwd9nYNzzSKx665vkSjzyeJWpeQ+fvNV3CLItP01ypbUreM+s+Vz1wor5joLKcDS4X0oQ0RIVZNEHnekuLuFg== Key.SSH2.DSA.Encrypted.Des.CBC.12345

test/Renci.SshNet.IntegrationTests/user/sshnet/authorized_keys

@@ -16,7 +16,6 @@ public sealed class HostKeyAlgorithm
         public static readonly HostKeyAlgorithm RsaSha2512 = new HostKeyAlgorithm("rsa-sha2-512");
         public static readonly HostKeyAlgorithm RsaSha2256 = new HostKeyAlgorithm("rsa-sha2-256");
         public static readonly HostKeyAlgorithm SshRsa = new HostKeyAlgorithm("ssh-rsa");
-        public static readonly HostKeyAlgorithm SshDss = new HostKeyAlgorithm("ssh-dss");
 
         public HostKeyAlgorithm(string name)
         {

test/Renci.SshNet.TestTools.OpenSSH/HostKeyAlgorithm.cs

@@ -9,7 +9,6 @@ public sealed class PublicKeyAlgorithm
         public static readonly PublicKeyAlgorithm SshRsa = new PublicKeyAlgorithm("ssh-rsa");
         public static readonly PublicKeyAlgorithm RsaSha2256 = new PublicKeyAlgorithm("rsa-sha2-256");
         public static readonly PublicKeyAlgorithm RsaSha2512 = new PublicKeyAlgorithm("rsa-sha2-512");
-        public static readonly PublicKeyAlgorithm SshDss = new PublicKeyAlgorithm("ssh-dss");
         public static readonly PublicKeyAlgorithm EcdsaSha2Nistp256 = new PublicKeyAlgorithm("ecdsa-sha2-nistp256");
         public static readonly PublicKeyAlgorithm EcdsaSha2Nistp384 = new PublicKeyAlgorithm("ecdsa-sha2-nistp384");
         public static readonly PublicKeyAlgorithm EcdsaSha2Nistp521 = new PublicKeyAlgorithm("ecdsa-sha2-nistp521");
@@ -18,7 +17,6 @@ public sealed class PublicKeyAlgorithm
         public static readonly PublicKeyAlgorithm SshRsaCertV01OpenSSH = new PublicKeyAlgorithm("ssh-rsa-cert-v01@openssh.com");
         public static readonly PublicKeyAlgorithm RsaSha2256CertV01OpenSSH = new PublicKeyAlgorithm("rsa-sha2-256-cert-v01@openssh.com");
         public static readonly PublicKeyAlgorithm RsaSha2512CertV01OpenSSH = new PublicKeyAlgorithm("rsa-sha2-512-cert-v01@openssh.com");
-        public static readonly PublicKeyAlgorithm SshDssCertV01OpenSSH = new PublicKeyAlgorithm("ssh-dss-cert-v01@openssh.com");
         public static readonly PublicKeyAlgorithm EcdsaSha2Nistp256CertV01OpenSSH = new PublicKeyAlgorithm("ecdsa-sha2-nistp256-cert-v01@openssh.com");
         public static readonly PublicKeyAlgorithm EcdsaSha2Nistp384CertV01OpenSSH = new PublicKeyAlgorithm("ecdsa-sha2-nistp384-cert-v01@openssh.com");
         public static readonly PublicKeyAlgorithm EcdsaSha2Nistp521CertV01OpenSSH = new PublicKeyAlgorithm("ecdsa-sha2-nistp521-cert-v01@openssh.com");