From 12c613f3b4371d7975b65049dc5b5db054ae32e0 Mon Sep 17 00:00:00 2001 From: "Greg T. Wallace" Date: Thu, 6 Jun 2024 22:51:13 -0400 Subject: [PATCH] apcssh: remove logging For sanity and consistency, centralize logging in the app with the app's loggers. --- pkg/apcssh/client.go | 8 +------- pkg/app/cmd_install.go | 5 +++++ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/pkg/apcssh/client.go b/pkg/apcssh/client.go index 33b01d5..4e7f1d3 100644 --- a/pkg/apcssh/client.go +++ b/pkg/apcssh/client.go @@ -4,9 +4,7 @@ import ( "crypto/sha256" "encoding/base64" "encoding/hex" - "errors" "fmt" - "log" "net" "runtime" "strings" @@ -57,10 +55,7 @@ func New(cfg *Config) (*Client, error) { // check for fingerprint match (b64 or hex) if actualHashB64 != cfg.ServerFingerprint && actualHashHex != cfg.ServerFingerprint { - log.Printf("apcssh: remote server key fingerprint (b64): %s", actualHashB64) - log.Printf("apcssh: remote server key fingerprint (hex): %s", actualHashHex) - - return errors.New("apcssh: fingerprint didn't match") + return fmt.Errorf("apcssh: server returned wrong fingerprint (b64: %s ; hex: %s)", actualHashB64, actualHashHex) } return nil @@ -86,7 +81,6 @@ func New(cfg *Config) (*Client, error) { // insecure cipher options? if cfg.InsecureCipher { - log.Println("WARNING: insecure ciphers are enabled (--insecurecipher). SSH with an insecure cipher is NOT secure and should NOT be used.") ciphers = append(ciphers, "aes128-cbc", "3des-cbc") } diff --git a/pkg/app/cmd_install.go b/pkg/app/cmd_install.go index f4b8a22..3cdf2cf 100644 --- a/pkg/app/cmd_install.go +++ b/pkg/app/cmd_install.go @@ -51,6 +51,11 @@ func (app *app) cmdInstall(cmdCtx context.Context, args []string) error { return err } + // log warning if insecure cipher + if app.config.install.insecureCipher != nil && *app.config.install.insecureCipher { + app.stdLogger.Println("WARNING: install: insecure ciphers are enabled (--insecurecipher). SSH with an insecure cipher is NOT secure and should NOT be used.") + } + // make APC SSH client cfg := &apcssh.Config{ Hostname: *app.config.install.hostAndPort,