vendor: explicitly vendor golang.org/x/sys

Vendor golang.org/x/sys to get the UtimesNanoAt function defined for all unix-like OSes. The function will be used in a successive commit. This also re-vendors the other dependencies from glide.yaml. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-10-20 11:38:03 +02:00 · 2017-10-20 11:38:03 +02:00 · 7742183cd4
commit 7742183cd4
parent 8bcd48e401
398 changed files with 23547 additions and 37694 deletions
--- a/vendor/golang.org/x/crypto/ssh/agent/client.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/client.go
@ -2,13 +2,12 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

-// Package agent implements the ssh-agent protocol, and provides both
-// a client and a server. The client can talk to a standard ssh-agent
-// that uses UNIX sockets, and one could implement an alternative
-// ssh-agent process using the sample server.
-//
-// References:
-//  [PROTOCOL.agent]:    http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.agent?rev=HEAD
+/*
+  Package agent implements a client to an ssh-agent daemon.
+
+References:
+  [PROTOCOL.agent]:    http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.agent
+*/
 package agent // import "golang.org/x/crypto/ssh/agent"

 import (
@ -25,7 +24,6 @@ import (
 	"math/big"
 	"sync"

-	"golang.org/x/crypto/ed25519"
 	"golang.org/x/crypto/ssh"
 )

@ -38,8 +36,9 @@ type Agent interface {
 	// in [PROTOCOL.agent] section 2.6.2.
 	Sign(key ssh.PublicKey, data []byte) (*ssh.Signature, error)

-	// Add adds a private key to the agent.
-	Add(key AddedKey) error
+	// Insert adds a private key to the agent. If a certificate
+	// is given, that certificate is added as public key.
+	Add(s interface{}, cert *ssh.Certificate, comment string) error

 	// Remove removes all identities with the given public key.
 	Remove(key ssh.PublicKey) error
@ -57,28 +56,9 @@ type Agent interface {
 	Signers() ([]ssh.Signer, error)
 }

-// AddedKey describes an SSH key to be added to an Agent.
-type AddedKey struct {
-	// PrivateKey must be a *rsa.PrivateKey, *dsa.PrivateKey or
-	// *ecdsa.PrivateKey, which will be inserted into the agent.
-	PrivateKey interface{}
-	// Certificate, if not nil, is communicated to the agent and will be
-	// stored with the key.
-	Certificate *ssh.Certificate
-	// Comment is an optional, free-form string.
-	Comment string
-	// LifetimeSecs, if not zero, is the number of seconds that the
-	// agent will store the key for.
-	LifetimeSecs uint32
-	// ConfirmBeforeUse, if true, requests that the agent confirm with the
-	// user before each use of this key.
-	ConfirmBeforeUse bool
-}
-
 // See [PROTOCOL.agent], section 3.
 const (
-	agentRequestV1Identities   = 1
-	agentRemoveAllV1Identities = 9
+	agentRequestV1Identities = 1

 	// 3.2 Requests from client to agent for protocol 2 key operations
 	agentAddIdentity         = 17
@ -185,13 +165,10 @@ func (k *Key) Marshal() []byte {
 	return k.Blob
 }

-// Verify satisfies the ssh.PublicKey interface.
+// Verify satisfies the ssh.PublicKey interface, but is not
+// implemented for agent keys.
 func (k *Key) Verify(data []byte, sig *ssh.Signature) error {
-	pubKey, err := ssh.ParsePublicKey(k.Blob)
-	if err != nil {
-		return fmt.Errorf("agent: bad public key: %v", err)
-	}
-	return pubKey.Verify(data, sig)
+	return errors.New("agent: agent key does not know how to verify")
 }

 type wireKey struct {
@ -381,8 +358,6 @@ func unmarshal(packet []byte) (interface{}, error) {
 		msg = new(identitiesAnswerAgentMsg)
 	case agentSignResponse:
 		msg = new(signResponseAgentMsg)
-	case agentV1IdentitiesAnswer:
-		msg = new(agentV1IdentityMsg)
 	default:
 		return nil, fmt.Errorf("agent: unknown type tag %d", packet[0])
 	}
@ -393,47 +368,36 @@ func unmarshal(packet []byte) (interface{}, error) {
 }

 type rsaKeyMsg struct {
-	Type        string `sshtype:"17|25"`
-	N           *big.Int
-	E           *big.Int
-	D           *big.Int
-	Iqmp        *big.Int // IQMP = Inverse Q Mod P
-	P           *big.Int
-	Q           *big.Int
-	Comments    string
-	Constraints []byte `ssh:"rest"`
+	Type     string `sshtype:"17"`
+	N        *big.Int
+	E        *big.Int
+	D        *big.Int
+	Iqmp     *big.Int // IQMP = Inverse Q Mod P
+	P        *big.Int
+	Q        *big.Int
+	Comments string
 }

 type dsaKeyMsg struct {
-	Type        string `sshtype:"17|25"`
-	P           *big.Int
-	Q           *big.Int
-	G           *big.Int
-	Y           *big.Int
-	X           *big.Int
-	Comments    string
-	Constraints []byte `ssh:"rest"`
+	Type     string `sshtype:"17"`
+	P        *big.Int
+	Q        *big.Int
+	G        *big.Int
+	Y        *big.Int
+	X        *big.Int
+	Comments string
 }

 type ecdsaKeyMsg struct {
-	Type        string `sshtype:"17|25"`
-	Curve       string
-	KeyBytes    []byte
-	D           *big.Int
-	Comments    string
-	Constraints []byte `ssh:"rest"`
-}
-
-type ed25519KeyMsg struct {
-	Type        string `sshtype:"17|25"`
-	Pub         []byte
-	Priv        []byte
-	Comments    string
-	Constraints []byte `ssh:"rest"`
+	Type     string `sshtype:"17"`
+	Curve    string
+	KeyBytes []byte
+	D        *big.Int
+	Comments string
 }

 // Insert adds a private key to the agent.
-func (c *client) insertKey(s interface{}, comment string, constraints []byte) error {
+func (c *client) insertKey(s interface{}, comment string) error {
 	var req []byte
 	switch k := s.(type) {
 	case *rsa.PrivateKey:
@ -442,54 +406,37 @@ func (c *client) insertKey(s interface{}, comment string, constraints []byte) er
 		}
 		k.Precompute()
 		req = ssh.Marshal(rsaKeyMsg{
-			Type:        ssh.KeyAlgoRSA,
-			N:           k.N,
-			E:           big.NewInt(int64(k.E)),
-			D:           k.D,
-			Iqmp:        k.Precomputed.Qinv,
-			P:           k.Primes[0],
-			Q:           k.Primes[1],
-			Comments:    comment,
-			Constraints: constraints,
+			Type:     ssh.KeyAlgoRSA,
+			N:        k.N,
+			E:        big.NewInt(int64(k.E)),
+			D:        k.D,
+			Iqmp:     k.Precomputed.Qinv,
+			P:        k.Primes[0],
+			Q:        k.Primes[1],
+			Comments: comment,
 		})
 	case *dsa.PrivateKey:
 		req = ssh.Marshal(dsaKeyMsg{
-			Type:        ssh.KeyAlgoDSA,
-			P:           k.P,
-			Q:           k.Q,
-			G:           k.G,
-			Y:           k.Y,
-			X:           k.X,
-			Comments:    comment,
-			Constraints: constraints,
+			Type:     ssh.KeyAlgoDSA,
+			P:        k.P,
+			Q:        k.Q,
+			G:        k.G,
+			Y:        k.Y,
+			X:        k.X,
+			Comments: comment,
 		})
 	case *ecdsa.PrivateKey:
 		nistID := fmt.Sprintf("nistp%d", k.Params().BitSize)
 		req = ssh.Marshal(ecdsaKeyMsg{
-			Type:        "ecdsa-sha2-" + nistID,
-			Curve:       nistID,
-			KeyBytes:    elliptic.Marshal(k.Curve, k.X, k.Y),
-			D:           k.D,
-			Comments:    comment,
-			Constraints: constraints,
-		})
-	case *ed25519.PrivateKey:
-		req = ssh.Marshal(ed25519KeyMsg{
-			Type:        ssh.KeyAlgoED25519,
-			Pub:         []byte(*k)[32:],
-			Priv:        []byte(*k),
-			Comments:    comment,
-			Constraints: constraints,
+			Type:     "ecdsa-sha2-" + nistID,
+			Curve:    nistID,
+			KeyBytes: elliptic.Marshal(k.Curve, k.X, k.Y),
+			D:        k.D,
+			Comments: comment,
 		})
 	default:
 		return fmt.Errorf("agent: unsupported key type %T", s)
 	}
-
-	// if constraints are present then the message type needs to be changed.
-	if len(constraints) != 0 {
-		req[0] = agentAddIdConstrained
-	}
-
 	resp, err := c.call(req)
 	if err != nil {
 		return err
@ -501,66 +448,40 @@ func (c *client) insertKey(s interface{}, comment string, constraints []byte) er
 }

 type rsaCertMsg struct {
-	Type        string `sshtype:"17|25"`
-	CertBytes   []byte
-	D           *big.Int
-	Iqmp        *big.Int // IQMP = Inverse Q Mod P
-	P           *big.Int
-	Q           *big.Int
-	Comments    string
-	Constraints []byte `ssh:"rest"`
+	Type      string `sshtype:"17"`
+	CertBytes []byte
+	D         *big.Int
+	Iqmp      *big.Int // IQMP = Inverse Q Mod P
+	P         *big.Int
+	Q         *big.Int
+	Comments  string
 }

 type dsaCertMsg struct {
-	Type        string `sshtype:"17|25"`
-	CertBytes   []byte
-	X           *big.Int
-	Comments    string
-	Constraints []byte `ssh:"rest"`
+	Type      string `sshtype:"17"`
+	CertBytes []byte
+	X         *big.Int
+	Comments  string
 }

 type ecdsaCertMsg struct {
-	Type        string `sshtype:"17|25"`
-	CertBytes   []byte
-	D           *big.Int
-	Comments    string
-	Constraints []byte `ssh:"rest"`
+	Type      string `sshtype:"17"`
+	CertBytes []byte
+	D         *big.Int
+	Comments  string
 }

-type ed25519CertMsg struct {
-	Type        string `sshtype:"17|25"`
-	CertBytes   []byte
-	Pub         []byte
-	Priv        []byte
-	Comments    string
-	Constraints []byte `ssh:"rest"`
-}
-
-// Add adds a private key to the agent. If a certificate is given,
+// Insert adds a private key to the agent. If a certificate is given,
 // that certificate is added instead as public key.
-func (c *client) Add(key AddedKey) error {
-	var constraints []byte
-
-	if secs := key.LifetimeSecs; secs != 0 {
-		constraints = append(constraints, agentConstrainLifetime)
-
-		var secsBytes [4]byte
-		binary.BigEndian.PutUint32(secsBytes[:], secs)
-		constraints = append(constraints, secsBytes[:]...)
-	}
-
-	if key.ConfirmBeforeUse {
-		constraints = append(constraints, agentConstrainConfirm)
-	}
-
-	if cert := key.Certificate; cert == nil {
-		return c.insertKey(key.PrivateKey, key.Comment, constraints)
+func (c *client) Add(s interface{}, cert *ssh.Certificate, comment string) error {
+	if cert == nil {
+		return c.insertKey(s, comment)
 	} else {
-		return c.insertCert(key.PrivateKey, cert, key.Comment, constraints)
+		return c.insertCert(s, cert, comment)
 	}
 }

-func (c *client) insertCert(s interface{}, cert *ssh.Certificate, comment string, constraints []byte) error {
+func (c *client) insertCert(s interface{}, cert *ssh.Certificate, comment string) error {
 	var req []byte
 	switch k := s.(type) {
 	case *rsa.PrivateKey:
@ -569,49 +490,32 @@ func (c *client) insertCert(s interface{}, cert *ssh.Certificate, comment string
 		}
 		k.Precompute()
 		req = ssh.Marshal(rsaCertMsg{
-			Type:        cert.Type(),
-			CertBytes:   cert.Marshal(),
-			D:           k.D,
-			Iqmp:        k.Precomputed.Qinv,
-			P:           k.Primes[0],
-			Q:           k.Primes[1],
-			Comments:    comment,
-			Constraints: constraints,
+			Type:      cert.Type(),
+			CertBytes: cert.Marshal(),
+			D:         k.D,
+			Iqmp:      k.Precomputed.Qinv,
+			P:         k.Primes[0],
+			Q:         k.Primes[1],
+			Comments:  comment,
 		})
 	case *dsa.PrivateKey:
 		req = ssh.Marshal(dsaCertMsg{
-			Type:        cert.Type(),
-			CertBytes:   cert.Marshal(),
-			X:           k.X,
-			Comments:    comment,
-			Constraints: constraints,
+			Type:      cert.Type(),
+			CertBytes: cert.Marshal(),
+			X:         k.X,
+			Comments:  comment,
 		})
 	case *ecdsa.PrivateKey:
 		req = ssh.Marshal(ecdsaCertMsg{
-			Type:        cert.Type(),
-			CertBytes:   cert.Marshal(),
-			D:           k.D,
-			Comments:    comment,
-			Constraints: constraints,
-		})
-	case *ed25519.PrivateKey:
-		req = ssh.Marshal(ed25519CertMsg{
-			Type:        cert.Type(),
-			CertBytes:   cert.Marshal(),
-			Pub:         []byte(*k)[32:],
-			Priv:        []byte(*k),
-			Comments:    comment,
-			Constraints: constraints,
+			Type:      cert.Type(),
+			CertBytes: cert.Marshal(),
+			D:         k.D,
+			Comments:  comment,
 		})
 	default:
 		return fmt.Errorf("agent: unsupported key type %T", s)
 	}

-	// if constraints are present then the message type needs to be changed.
-	if len(constraints) != 0 {
-		req[0] = agentAddIdConstrained
-	}
-
 	signer, err := ssh.NewSignerFromKey(s)
 	if err != nil {
 		return err
--- a/vendor/golang.org/x/crypto/ssh/agent/client_test.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/client_test.go
@ -14,7 +14,6 @@ import (
 	"path/filepath"
 	"strconv"
 	"testing"
-	"time"

 	"golang.org/x/crypto/ssh"
 )
@ -79,19 +78,14 @@ func startAgent(t *testing.T) (client Agent, socket string, cleanup func()) {
 	}
 }

-func testAgent(t *testing.T, key interface{}, cert *ssh.Certificate, lifetimeSecs uint32) {
+func testAgent(t *testing.T, key interface{}, cert *ssh.Certificate) {
 	agent, _, cleanup := startAgent(t)
 	defer cleanup()

-	testAgentInterface(t, agent, key, cert, lifetimeSecs)
+	testAgentInterface(t, agent, key, cert)
 }

-func testKeyring(t *testing.T, key interface{}, cert *ssh.Certificate, lifetimeSecs uint32) {
-	a := NewKeyring()
-	testAgentInterface(t, a, key, cert, lifetimeSecs)
-}
-
-func testAgentInterface(t *testing.T, agent Agent, key interface{}, cert *ssh.Certificate, lifetimeSecs uint32) {
+func testAgentInterface(t *testing.T, agent Agent, key interface{}, cert *ssh.Certificate) {
 	signer, err := ssh.NewSignerFromKey(key)
 	if err != nil {
 		t.Fatalf("NewSignerFromKey(%T): %v", key, err)
@ -106,15 +100,10 @@ func testAgentInterface(t *testing.T, agent Agent, key interface{}, cert *ssh.Ce
 	// Attempt to insert the key, with certificate if specified.
 	var pubKey ssh.PublicKey
 	if cert != nil {
-		err = agent.Add(AddedKey{
-			PrivateKey:   key,
-			Certificate:  cert,
-			Comment:      "comment",
-			LifetimeSecs: lifetimeSecs,
-		})
+		err = agent.Add(key, cert, "comment")
 		pubKey = cert
 	} else {
-		err = agent.Add(AddedKey{PrivateKey: key, Comment: "comment", LifetimeSecs: lifetimeSecs})
+		err = agent.Add(key, nil, "comment")
 		pubKey = signer.PublicKey()
 	}
 	if err != nil {
@ -142,25 +131,11 @@ func testAgentInterface(t *testing.T, agent Agent, key interface{}, cert *ssh.Ce
 	if err := pubKey.Verify(data, sig); err != nil {
 		t.Fatalf("Verify(%s): %v", pubKey.Type(), err)
 	}
-
-	// If the key has a lifetime, is it removed when it should be?
-	if lifetimeSecs > 0 {
-		time.Sleep(time.Second*time.Duration(lifetimeSecs) + 100*time.Millisecond)
-		keys, err := agent.List()
-		if err != nil {
-			t.Fatalf("List: %v", err)
-		}
-		if len(keys) > 0 {
-			t.Fatalf("key not expired")
-		}
-	}
-
 }

 func TestAgent(t *testing.T) {
-	for _, keyType := range []string{"rsa", "dsa", "ecdsa", "ed25519"} {
-		testAgent(t, testPrivateKeys[keyType], nil, 0)
-		testKeyring(t, testPrivateKeys[keyType], nil, 1)
+	for _, keyType := range []string{"rsa", "dsa", "ecdsa"} {
+		testAgent(t, testPrivateKeys[keyType], nil)
 	}
 }

@ -172,8 +147,7 @@ func TestCert(t *testing.T) {
 	}
 	cert.SignCert(rand.Reader, testSigners["ecdsa"])

-	testAgent(t, testPrivateKeys["rsa"], cert, 0)
-	testKeyring(t, testPrivateKeys["rsa"], cert, 1)
+	testAgent(t, testPrivateKeys["rsa"], cert)
 }

 // netPipe is analogous to net.Pipe, but it uses a real net.Conn, and
@ -182,10 +156,7 @@ func TestCert(t *testing.T) {
 func netPipe() (net.Conn, net.Conn, error) {
 	listener, err := net.Listen("tcp", "127.0.0.1:0")
 	if err != nil {
-		listener, err = net.Listen("tcp", "[::1]:0")
-		if err != nil {
-			return nil, nil, err
-		}
+		return nil, nil, err
 	}
 	defer listener.Close()
 	c1, err := net.Dial("tcp", listener.Addr().String())
@ -203,9 +174,6 @@ func netPipe() (net.Conn, net.Conn, error) {
 }

 func TestAuth(t *testing.T) {
-	agent, _, cleanup := startAgent(t)
-	defer cleanup()
-
 	a, b, err := netPipe()
 	if err != nil {
 		t.Fatalf("netPipe: %v", err)
@ -214,7 +182,10 @@ func TestAuth(t *testing.T) {
 	defer a.Close()
 	defer b.Close()

-	if err := agent.Add(AddedKey{PrivateKey: testPrivateKeys["rsa"], Comment: "comment"}); err != nil {
+	agent, _, cleanup := startAgent(t)
+	defer cleanup()
+
+	if err := agent.Add(testPrivateKeys["rsa"], nil, "comment"); err != nil {
 		t.Errorf("Add: %v", err)
 	}

@ -236,9 +207,7 @@ func TestAuth(t *testing.T) {
 		conn.Close()
 	}()

-	conf := ssh.ClientConfig{
-		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
-	}
+	conf := ssh.ClientConfig{}
 	conf.Auth = append(conf.Auth, ssh.PublicKeysCallback(agent.Signers))
 	conn, _, _, err := ssh.NewClientConn(b, "", &conf)
 	if err != nil {
@ -254,10 +223,10 @@ func TestLockClient(t *testing.T) {
 }

 func testLockAgent(agent Agent, t *testing.T) {
-	if err := agent.Add(AddedKey{PrivateKey: testPrivateKeys["rsa"], Comment: "comment 1"}); err != nil {
+	if err := agent.Add(testPrivateKeys["rsa"], nil, "comment 1"); err != nil {
 		t.Errorf("Add: %v", err)
 	}
-	if err := agent.Add(AddedKey{PrivateKey: testPrivateKeys["dsa"], Comment: "comment dsa"}); err != nil {
+	if err := agent.Add(testPrivateKeys["dsa"], nil, "comment dsa"); err != nil {
 		t.Errorf("Add: %v", err)
 	}
 	if keys, err := agent.List(); err != nil {
@ -307,42 +276,3 @@ func testLockAgent(agent Agent, t *testing.T) {
 		t.Errorf("Want 1 keys, got %v", keys)
 	}
 }
-
-func TestAgentLifetime(t *testing.T) {
-	agent, _, cleanup := startAgent(t)
-	defer cleanup()
-
-	for _, keyType := range []string{"rsa", "dsa", "ecdsa"} {
-		// Add private keys to the agent.
-		err := agent.Add(AddedKey{
-			PrivateKey:   testPrivateKeys[keyType],
-			Comment:      "comment",
-			LifetimeSecs: 1,
-		})
-		if err != nil {
-			t.Fatalf("add: %v", err)
-		}
-		// Add certs to the agent.
-		cert := &ssh.Certificate{
-			Key:         testPublicKeys[keyType],
-			ValidBefore: ssh.CertTimeInfinity,
-			CertType:    ssh.UserCert,
-		}
-		cert.SignCert(rand.Reader, testSigners[keyType])
-		err = agent.Add(AddedKey{
-			PrivateKey:   testPrivateKeys[keyType],
-			Certificate:  cert,
-			Comment:      "comment",
-			LifetimeSecs: 1,
-		})
-		if err != nil {
-			t.Fatalf("add: %v", err)
-		}
-	}
-	time.Sleep(1100 * time.Millisecond)
-	if keys, err := agent.List(); err != nil {
-		t.Errorf("List: %v", err)
-	} else if len(keys) != 0 {
-		t.Errorf("Want 0 keys, got %v", len(keys))
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/agent/example_test.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/example_test.go
@ -1,41 +0,0 @@
-// Copyright 2016 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package agent_test
-
-import (
-	"log"
-	"net"
-	"os"
-
-	"golang.org/x/crypto/ssh"
-	"golang.org/x/crypto/ssh/agent"
-)
-
-func ExampleClientAgent() {
-	// ssh-agent has a UNIX socket under $SSH_AUTH_SOCK
-	socket := os.Getenv("SSH_AUTH_SOCK")
-	conn, err := net.Dial("unix", socket)
-	if err != nil {
-		log.Fatalf("net.Dial: %v", err)
-	}
-	agentClient := agent.NewClient(conn)
-	config := &ssh.ClientConfig{
-		User: "username",
-		Auth: []ssh.AuthMethod{
-			// Use a callback rather than PublicKeys
-			// so we only consult the agent once the remote server
-			// wants it.
-			ssh.PublicKeysCallback(agentClient.Signers),
-		},
-		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
-	}
-
-	sshc, err := ssh.Dial("tcp", "localhost:22", config)
-	if err != nil {
-		log.Fatalf("Dial: %v", err)
-	}
-	// .. use sshc
-	sshc.Close()
-}
--- a/vendor/golang.org/x/crypto/ssh/agent/keyring.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/keyring.go
@ -11,7 +11,6 @@ import (
 	"errors"
 	"fmt"
 	"sync"
-	"time"

 	"golang.org/x/crypto/ssh"
 )
@ -19,7 +18,6 @@ import (
 type privKey struct {
 	signer  ssh.Signer
 	comment string
-	expire  *time.Time
 }

 type keyring struct {
@ -50,15 +48,21 @@ func (r *keyring) RemoveAll() error {
 	return nil
 }

-// removeLocked does the actual key removal. The caller must already be holding the
-// keyring mutex.
-func (r *keyring) removeLocked(want []byte) error {
+// Remove removes all identities with the given public key.
+func (r *keyring) Remove(key ssh.PublicKey) error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	if r.locked {
+		return errLocked
+	}
+
+	want := key.Marshal()
 	found := false
 	for i := 0; i < len(r.keys); {
 		if bytes.Equal(r.keys[i].signer.PublicKey().Marshal(), want) {
 			found = true
 			r.keys[i] = r.keys[len(r.keys)-1]
-			r.keys = r.keys[:len(r.keys)-1]
+			r.keys = r.keys[len(r.keys)-1:]
 			continue
 		} else {
 			i++
@ -71,18 +75,7 @@ func (r *keyring) removeLocked(want []byte) error {
 	return nil
 }

-// Remove removes all identities with the given public key.
-func (r *keyring) Remove(key ssh.PublicKey) error {
-	r.mu.Lock()
-	defer r.mu.Unlock()
-	if r.locked {
-		return errLocked
-	}
-
-	return r.removeLocked(key.Marshal())
-}
-
-// Lock locks the agent. Sign and Remove will fail, and List will return an empty list.
+// Lock locks the agent. Sign and Remove will fail, and List will empty an empty list.
 func (r *keyring) Lock(passphrase []byte) error {
 	r.mu.Lock()
 	defer r.mu.Unlock()
@ -111,17 +104,6 @@ func (r *keyring) Unlock(passphrase []byte) error {
 	return nil
 }

-// expireKeysLocked removes expired keys from the keyring. If a key was added
-// with a lifetimesecs contraint and seconds >= lifetimesecs seconds have
-// ellapsed, it is removed. The caller *must* be holding the keyring mutex.
-func (r *keyring) expireKeysLocked() {
-	for _, k := range r.keys {
-		if k.expire != nil && time.Now().After(*k.expire) {
-			r.removeLocked(k.signer.PublicKey().Marshal())
-		}
-	}
-}
-
 // List returns the identities known to the agent.
 func (r *keyring) List() ([]*Key, error) {
 	r.mu.Lock()
@ -131,7 +113,6 @@ func (r *keyring) List() ([]*Key, error) {
 		return nil, nil
 	}

-	r.expireKeysLocked()
 	var ids []*Key
 	for _, k := range r.keys {
 		pub := k.signer.PublicKey()
@ -144,38 +125,27 @@ func (r *keyring) List() ([]*Key, error) {
 }

 // Insert adds a private key to the keyring. If a certificate
-// is given, that certificate is added as public key. Note that
-// any constraints given are ignored.
-func (r *keyring) Add(key AddedKey) error {
+// is given, that certificate is added as public key.
+func (r *keyring) Add(priv interface{}, cert *ssh.Certificate, comment string) error {
 	r.mu.Lock()
 	defer r.mu.Unlock()
 	if r.locked {
 		return errLocked
 	}
-	signer, err := ssh.NewSignerFromKey(key.PrivateKey)
+	signer, err := ssh.NewSignerFromKey(priv)

 	if err != nil {
 		return err
 	}

-	if cert := key.Certificate; cert != nil {
+	if cert != nil {
 		signer, err = ssh.NewCertSigner(cert, signer)
 		if err != nil {
 			return err
 		}
 	}

-	p := privKey{
-		signer:  signer,
-		comment: key.Comment,
-	}
-
-	if key.LifetimeSecs > 0 {
-		t := time.Now().Add(time.Duration(key.LifetimeSecs) * time.Second)
-		p.expire = &t
-	}
-
-	r.keys = append(r.keys, p)
+	r.keys = append(r.keys, privKey{signer, comment})

 	return nil
 }
@ -188,7 +158,6 @@ func (r *keyring) Sign(key ssh.PublicKey, data []byte) (*ssh.Signature, error) {
 		return nil, errLocked
 	}

-	r.expireKeysLocked()
 	wanted := key.Marshal()
 	for _, k := range r.keys {
 		if bytes.Equal(k.signer.PublicKey().Marshal(), wanted) {
@ -206,7 +175,6 @@ func (r *keyring) Signers() ([]ssh.Signer, error) {
 		return nil, errLocked
 	}

-	r.expireKeysLocked()
 	s := make([]ssh.Signer, 0, len(r.keys))
 	for _, k := range r.keys {
 		s = append(s, k.signer)
--- a/vendor/golang.org/x/crypto/ssh/agent/keyring_test.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/keyring_test.go
@ -1,76 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package agent
-
-import "testing"
-
-func addTestKey(t *testing.T, a Agent, keyName string) {
-	err := a.Add(AddedKey{
-		PrivateKey: testPrivateKeys[keyName],
-		Comment:    keyName,
-	})
-	if err != nil {
-		t.Fatalf("failed to add key %q: %v", keyName, err)
-	}
-}
-
-func removeTestKey(t *testing.T, a Agent, keyName string) {
-	err := a.Remove(testPublicKeys[keyName])
-	if err != nil {
-		t.Fatalf("failed to remove key %q: %v", keyName, err)
-	}
-}
-
-func validateListedKeys(t *testing.T, a Agent, expectedKeys []string) {
-	listedKeys, err := a.List()
-	if err != nil {
-		t.Fatalf("failed to list keys: %v", err)
-		return
-	}
-	actualKeys := make(map[string]bool)
-	for _, key := range listedKeys {
-		actualKeys[key.Comment] = true
-	}
-
-	matchedKeys := make(map[string]bool)
-	for _, expectedKey := range expectedKeys {
-		if !actualKeys[expectedKey] {
-			t.Fatalf("expected key %q, but was not found", expectedKey)
-		} else {
-			matchedKeys[expectedKey] = true
-		}
-	}
-
-	for actualKey := range actualKeys {
-		if !matchedKeys[actualKey] {
-			t.Fatalf("key %q was found, but was not expected", actualKey)
-		}
-	}
-}
-
-func TestKeyringAddingAndRemoving(t *testing.T) {
-	keyNames := []string{"dsa", "ecdsa", "rsa", "user"}
-
-	// add all test private keys
-	k := NewKeyring()
-	for _, keyName := range keyNames {
-		addTestKey(t, k, keyName)
-	}
-	validateListedKeys(t, k, keyNames)
-
-	// remove a key in the middle
-	keyToRemove := keyNames[1]
-	keyNames = append(keyNames[:1], keyNames[2:]...)
-
-	removeTestKey(t, k, keyToRemove)
-	validateListedKeys(t, k, keyNames)
-
-	// remove all keys
-	err := k.RemoveAll()
-	if err != nil {
-		t.Fatalf("failed to remove all keys: %v", err)
-	}
-	validateListedKeys(t, k, []string{})
-}
--- a/vendor/golang.org/x/crypto/ssh/agent/server.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/server.go
@ -5,18 +5,13 @@
 package agent

 import (
-	"crypto/dsa"
-	"crypto/ecdsa"
-	"crypto/elliptic"
 	"crypto/rsa"
 	"encoding/binary"
-	"errors"
 	"fmt"
 	"io"
 	"log"
 	"math/big"

-	"golang.org/x/crypto/ed25519"
 	"golang.org/x/crypto/ssh"
 )

@ -54,9 +49,6 @@ func marshalKey(k *Key) []byte {
 	return ssh.Marshal(&record)
 }

-// See [PROTOCOL.agent], section 2.5.1.
-const agentV1IdentitiesAnswer = 2
-
 type agentV1IdentityMsg struct {
 	Numkeys uint32 `sshtype:"2"`
 }
@ -77,10 +69,6 @@ func (s *server) processRequest(data []byte) (interface{}, error) {
 	switch data[0] {
 	case agentRequestV1Identities:
 		return &agentV1IdentityMsg{0}, nil
-
-	case agentRemoveAllV1Identities:
-		return nil, nil
-
 	case agentRemoveIdentity:
 		var req agentRemoveIdentityMsg
 		if err := ssh.Unmarshal(data, &req); err != nil {
@ -133,7 +121,6 @@ func (s *server) processRequest(data []byte) (interface{}, error) {
 			return nil, err
 		}
 		return &signResponseAgentMsg{SigBlob: ssh.Marshal(sig)}, nil
-
 	case agentRequestIdentities:
 		keys, err := s.agent.List()
 		if err != nil {
@ -147,271 +134,42 @@ func (s *server) processRequest(data []byte) (interface{}, error) {
 			rep.Keys = append(rep.Keys, marshalKey(k)...)
 		}
 		return rep, nil
-
-	case agentAddIdConstrained, agentAddIdentity:
+	case agentAddIdentity:
 		return nil, s.insertIdentity(data)
 	}

 	return nil, fmt.Errorf("unknown opcode %d", data[0])
 }

-func parseRSAKey(req []byte) (*AddedKey, error) {
-	var k rsaKeyMsg
-	if err := ssh.Unmarshal(req, &k); err != nil {
-		return nil, err
-	}
-	if k.E.BitLen() > 30 {
-		return nil, errors.New("agent: RSA public exponent too large")
-	}
-	priv := &rsa.PrivateKey{
-		PublicKey: rsa.PublicKey{
-			E: int(k.E.Int64()),
-			N: k.N,
-		},
-		D:      k.D,
-		Primes: []*big.Int{k.P, k.Q},
-	}
-	priv.Precompute()
-
-	return &AddedKey{PrivateKey: priv, Comment: k.Comments}, nil
-}
-
-func parseEd25519Key(req []byte) (*AddedKey, error) {
-	var k ed25519KeyMsg
-	if err := ssh.Unmarshal(req, &k); err != nil {
-		return nil, err
-	}
-	priv := ed25519.PrivateKey(k.Priv)
-	return &AddedKey{PrivateKey: &priv, Comment: k.Comments}, nil
-}
-
-func parseDSAKey(req []byte) (*AddedKey, error) {
-	var k dsaKeyMsg
-	if err := ssh.Unmarshal(req, &k); err != nil {
-		return nil, err
-	}
-	priv := &dsa.PrivateKey{
-		PublicKey: dsa.PublicKey{
-			Parameters: dsa.Parameters{
-				P: k.P,
-				Q: k.Q,
-				G: k.G,
-			},
-			Y: k.Y,
-		},
-		X: k.X,
-	}
-
-	return &AddedKey{PrivateKey: priv, Comment: k.Comments}, nil
-}
-
-func unmarshalECDSA(curveName string, keyBytes []byte, privScalar *big.Int) (priv *ecdsa.PrivateKey, err error) {
-	priv = &ecdsa.PrivateKey{
-		D: privScalar,
-	}
-
-	switch curveName {
-	case "nistp256":
-		priv.Curve = elliptic.P256()
-	case "nistp384":
-		priv.Curve = elliptic.P384()
-	case "nistp521":
-		priv.Curve = elliptic.P521()
-	default:
-		return nil, fmt.Errorf("agent: unknown curve %q", curveName)
-	}
-
-	priv.X, priv.Y = elliptic.Unmarshal(priv.Curve, keyBytes)
-	if priv.X == nil || priv.Y == nil {
-		return nil, errors.New("agent: point not on curve")
-	}
-
-	return priv, nil
-}
-
-func parseEd25519Cert(req []byte) (*AddedKey, error) {
-	var k ed25519CertMsg
-	if err := ssh.Unmarshal(req, &k); err != nil {
-		return nil, err
-	}
-	pubKey, err := ssh.ParsePublicKey(k.CertBytes)
-	if err != nil {
-		return nil, err
-	}
-	priv := ed25519.PrivateKey(k.Priv)
-	cert, ok := pubKey.(*ssh.Certificate)
-	if !ok {
-		return nil, errors.New("agent: bad ED25519 certificate")
-	}
-	return &AddedKey{PrivateKey: &priv, Certificate: cert, Comment: k.Comments}, nil
-}
-
-func parseECDSAKey(req []byte) (*AddedKey, error) {
-	var k ecdsaKeyMsg
-	if err := ssh.Unmarshal(req, &k); err != nil {
-		return nil, err
-	}
-
-	priv, err := unmarshalECDSA(k.Curve, k.KeyBytes, k.D)
-	if err != nil {
-		return nil, err
-	}
-
-	return &AddedKey{PrivateKey: priv, Comment: k.Comments}, nil
-}
-
-func parseRSACert(req []byte) (*AddedKey, error) {
-	var k rsaCertMsg
-	if err := ssh.Unmarshal(req, &k); err != nil {
-		return nil, err
-	}
-
-	pubKey, err := ssh.ParsePublicKey(k.CertBytes)
-	if err != nil {
-		return nil, err
-	}
-
-	cert, ok := pubKey.(*ssh.Certificate)
-	if !ok {
-		return nil, errors.New("agent: bad RSA certificate")
-	}
-
-	// An RSA publickey as marshaled by rsaPublicKey.Marshal() in keys.go
-	var rsaPub struct {
-		Name string
-		E    *big.Int
-		N    *big.Int
-	}
-	if err := ssh.Unmarshal(cert.Key.Marshal(), &rsaPub); err != nil {
-		return nil, fmt.Errorf("agent: Unmarshal failed to parse public key: %v", err)
-	}
-
-	if rsaPub.E.BitLen() > 30 {
-		return nil, errors.New("agent: RSA public exponent too large")
-	}
-
-	priv := rsa.PrivateKey{
-		PublicKey: rsa.PublicKey{
-			E: int(rsaPub.E.Int64()),
-			N: rsaPub.N,
-		},
-		D:      k.D,
-		Primes: []*big.Int{k.Q, k.P},
-	}
-	priv.Precompute()
-
-	return &AddedKey{PrivateKey: &priv, Certificate: cert, Comment: k.Comments}, nil
-}
-
-func parseDSACert(req []byte) (*AddedKey, error) {
-	var k dsaCertMsg
-	if err := ssh.Unmarshal(req, &k); err != nil {
-		return nil, err
-	}
-	pubKey, err := ssh.ParsePublicKey(k.CertBytes)
-	if err != nil {
-		return nil, err
-	}
-	cert, ok := pubKey.(*ssh.Certificate)
-	if !ok {
-		return nil, errors.New("agent: bad DSA certificate")
-	}
-
-	// A DSA publickey as marshaled by dsaPublicKey.Marshal() in keys.go
-	var w struct {
-		Name       string
-		P, Q, G, Y *big.Int
-	}
-	if err := ssh.Unmarshal(cert.Key.Marshal(), &w); err != nil {
-		return nil, fmt.Errorf("agent: Unmarshal failed to parse public key: %v", err)
-	}
-
-	priv := &dsa.PrivateKey{
-		PublicKey: dsa.PublicKey{
-			Parameters: dsa.Parameters{
-				P: w.P,
-				Q: w.Q,
-				G: w.G,
-			},
-			Y: w.Y,
-		},
-		X: k.X,
-	}
-
-	return &AddedKey{PrivateKey: priv, Certificate: cert, Comment: k.Comments}, nil
-}
-
-func parseECDSACert(req []byte) (*AddedKey, error) {
-	var k ecdsaCertMsg
-	if err := ssh.Unmarshal(req, &k); err != nil {
-		return nil, err
-	}
-
-	pubKey, err := ssh.ParsePublicKey(k.CertBytes)
-	if err != nil {
-		return nil, err
-	}
-	cert, ok := pubKey.(*ssh.Certificate)
-	if !ok {
-		return nil, errors.New("agent: bad ECDSA certificate")
-	}
-
-	// An ECDSA publickey as marshaled by ecdsaPublicKey.Marshal() in keys.go
-	var ecdsaPub struct {
-		Name string
-		ID   string
-		Key  []byte
-	}
-	if err := ssh.Unmarshal(cert.Key.Marshal(), &ecdsaPub); err != nil {
-		return nil, err
-	}
-
-	priv, err := unmarshalECDSA(ecdsaPub.ID, ecdsaPub.Key, k.D)
-	if err != nil {
-		return nil, err
-	}
-
-	return &AddedKey{PrivateKey: priv, Certificate: cert, Comment: k.Comments}, nil
-}
-
 func (s *server) insertIdentity(req []byte) error {
 	var record struct {
-		Type string `sshtype:"17|25"`
+		Type string `sshtype:"17"`
 		Rest []byte `ssh:"rest"`
 	}
-
 	if err := ssh.Unmarshal(req, &record); err != nil {
 		return err
 	}

-	var addedKey *AddedKey
-	var err error
-
 	switch record.Type {
 	case ssh.KeyAlgoRSA:
-		addedKey, err = parseRSAKey(req)
-	case ssh.KeyAlgoDSA:
-		addedKey, err = parseDSAKey(req)
-	case ssh.KeyAlgoECDSA256, ssh.KeyAlgoECDSA384, ssh.KeyAlgoECDSA521:
-		addedKey, err = parseECDSAKey(req)
-	case ssh.KeyAlgoED25519:
-		addedKey, err = parseEd25519Key(req)
-	case ssh.CertAlgoRSAv01:
-		addedKey, err = parseRSACert(req)
-	case ssh.CertAlgoDSAv01:
-		addedKey, err = parseDSACert(req)
-	case ssh.CertAlgoECDSA256v01, ssh.CertAlgoECDSA384v01, ssh.CertAlgoECDSA521v01:
-		addedKey, err = parseECDSACert(req)
-	case ssh.CertAlgoED25519v01:
-		addedKey, err = parseEd25519Cert(req)
-	default:
-		return fmt.Errorf("agent: not implemented: %q", record.Type)
-	}
+		var k rsaKeyMsg
+		if err := ssh.Unmarshal(req, &k); err != nil {
+			return err
+		}

-	if err != nil {
-		return err
+		priv := rsa.PrivateKey{
+			PublicKey: rsa.PublicKey{
+				E: int(k.E.Int64()),
+				N: k.N,
+			},
+			D:      k.D,
+			Primes: []*big.Int{k.P, k.Q},
+		}
+		priv.Precompute()
+
+		return s.agent.Add(&priv, nil, k.Comments)
 	}
-	return s.agent.Add(*addedKey)
+	return fmt.Errorf("not implemented: %s", record.Type)
 }

 // ServeAgent serves the agent protocol on the given connection. It
--- a/vendor/golang.org/x/crypto/ssh/agent/server_test.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/server_test.go
@ -5,9 +5,6 @@
 package agent

 import (
-	"crypto"
-	"crypto/rand"
-	"fmt"
 	"testing"

 	"golang.org/x/crypto/ssh"
@ -24,7 +21,7 @@ func TestServer(t *testing.T) {

 	go ServeAgent(NewKeyring(), c2)

-	testAgentInterface(t, client, testPrivateKeys["rsa"], nil, 0)
+	testAgentInterface(t, client, testPrivateKeys["rsa"], nil)
 }

 func TestLockServer(t *testing.T) {
@ -56,9 +53,7 @@ func TestSetupForwardAgent(t *testing.T) {
 		incoming <- conn
 	}()

-	conf := ssh.ClientConfig{
-		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
-	}
+	conf := ssh.ClientConfig{}
 	conn, chans, reqs, err := ssh.NewClientConn(b, "", &conf)
 	if err != nil {
 		t.Fatalf("NewClientConn: %v", err)
@ -77,133 +72,6 @@ func TestSetupForwardAgent(t *testing.T) {
 	go ssh.DiscardRequests(reqs)

 	agentClient := NewClient(ch)
-	testAgentInterface(t, agentClient, testPrivateKeys["rsa"], nil, 0)
+	testAgentInterface(t, agentClient, testPrivateKeys["rsa"], nil)
 	conn.Close()
 }
-
-func TestV1ProtocolMessages(t *testing.T) {
-	c1, c2, err := netPipe()
-	if err != nil {
-		t.Fatalf("netPipe: %v", err)
-	}
-	defer c1.Close()
-	defer c2.Close()
-	c := NewClient(c1)
-
-	go ServeAgent(NewKeyring(), c2)
-
-	testV1ProtocolMessages(t, c.(*client))
-}
-
-func testV1ProtocolMessages(t *testing.T, c *client) {
-	reply, err := c.call([]byte{agentRequestV1Identities})
-	if err != nil {
-		t.Fatalf("v1 request all failed: %v", err)
-	}
-	if msg, ok := reply.(*agentV1IdentityMsg); !ok || msg.Numkeys != 0 {
-		t.Fatalf("invalid request all response: %#v", reply)
-	}
-
-	reply, err = c.call([]byte{agentRemoveAllV1Identities})
-	if err != nil {
-		t.Fatalf("v1 remove all failed: %v", err)
-	}
-	if _, ok := reply.(*successAgentMsg); !ok {
-		t.Fatalf("invalid remove all response: %#v", reply)
-	}
-}
-
-func verifyKey(sshAgent Agent) error {
-	keys, err := sshAgent.List()
-	if err != nil {
-		return fmt.Errorf("listing keys: %v", err)
-	}
-
-	if len(keys) != 1 {
-		return fmt.Errorf("bad number of keys found. expected 1, got %d", len(keys))
-	}
-
-	buf := make([]byte, 128)
-	if _, err := rand.Read(buf); err != nil {
-		return fmt.Errorf("rand: %v", err)
-	}
-
-	sig, err := sshAgent.Sign(keys[0], buf)
-	if err != nil {
-		return fmt.Errorf("sign: %v", err)
-	}
-
-	if err := keys[0].Verify(buf, sig); err != nil {
-		return fmt.Errorf("verify: %v", err)
-	}
-	return nil
-}
-
-func addKeyToAgent(key crypto.PrivateKey) error {
-	sshAgent := NewKeyring()
-	if err := sshAgent.Add(AddedKey{PrivateKey: key}); err != nil {
-		return fmt.Errorf("add: %v", err)
-	}
-	return verifyKey(sshAgent)
-}
-
-func TestKeyTypes(t *testing.T) {
-	for k, v := range testPrivateKeys {
-		if err := addKeyToAgent(v); err != nil {
-			t.Errorf("error adding key type %s, %v", k, err)
-		}
-		if err := addCertToAgentSock(v, nil); err != nil {
-			t.Errorf("error adding key type %s, %v", k, err)
-		}
-	}
-}
-
-func addCertToAgentSock(key crypto.PrivateKey, cert *ssh.Certificate) error {
-	a, b, err := netPipe()
-	if err != nil {
-		return err
-	}
-	agentServer := NewKeyring()
-	go ServeAgent(agentServer, a)
-
-	agentClient := NewClient(b)
-	if err := agentClient.Add(AddedKey{PrivateKey: key, Certificate: cert}); err != nil {
-		return fmt.Errorf("add: %v", err)
-	}
-	return verifyKey(agentClient)
-}
-
-func addCertToAgent(key crypto.PrivateKey, cert *ssh.Certificate) error {
-	sshAgent := NewKeyring()
-	if err := sshAgent.Add(AddedKey{PrivateKey: key, Certificate: cert}); err != nil {
-		return fmt.Errorf("add: %v", err)
-	}
-	return verifyKey(sshAgent)
-}
-
-func TestCertTypes(t *testing.T) {
-	for keyType, key := range testPublicKeys {
-		cert := &ssh.Certificate{
-			ValidPrincipals: []string{"gopher1"},
-			ValidAfter:      0,
-			ValidBefore:     ssh.CertTimeInfinity,
-			Key:             key,
-			Serial:          1,
-			CertType:        ssh.UserCert,
-			SignatureKey:    testPublicKeys["rsa"],
-			Permissions: ssh.Permissions{
-				CriticalOptions: map[string]string{},
-				Extensions:      map[string]string{},
-			},
-		}
-		if err := cert.SignCert(rand.Reader, testSigners["rsa"]); err != nil {
-			t.Fatalf("signcert: %v", err)
-		}
-		if err := addCertToAgent(testPrivateKeys[keyType], cert); err != nil {
-			t.Fatalf("%v", err)
-		}
-		if err := addCertToAgentSock(testPrivateKeys[keyType], cert); err != nil {
-			t.Fatalf("%v", err)
-		}
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/agent/testdata_test.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/testdata_test.go
@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

-// IMPLEMENTATION NOTE: To avoid a package loop, this file is in three places:
+// IMPLEMENTOR NOTE: To avoid a package loop, this file is in three places:
 // ssh/, ssh/agent, and ssh/test/. It should be kept in sync across all three
 // instances.

--- a/vendor/golang.org/x/crypto/ssh/certs.go
+++ b/vendor/golang.org/x/crypto/ssh/certs.go
@ -22,7 +22,6 @@ const (
 	CertAlgoECDSA256v01 = "ecdsa-sha2-nistp256-cert-v01@openssh.com"
 	CertAlgoECDSA384v01 = "ecdsa-sha2-nistp384-cert-v01@openssh.com"
 	CertAlgoECDSA521v01 = "ecdsa-sha2-nistp521-cert-v01@openssh.com"
-	CertAlgoED25519v01  = "ssh-ed25519-cert-v01@openssh.com"
 )

 // Certificate types distinguish between host and user
@ -86,73 +85,46 @@ func marshalStringList(namelist []string) []byte {
 	return to
 }

-type optionsTuple struct {
-	Key   string
-	Value []byte
-}
-
-type optionsTupleValue struct {
-	Value string
-}
-
-// serialize a map of critical options or extensions
-// issue #10569 - per [PROTOCOL.certkeys] and SSH implementation,
-// we need two length prefixes for a non-empty string value
 func marshalTuples(tups map[string]string) []byte {
 	keys := make([]string, 0, len(tups))
-	for key := range tups {
-		keys = append(keys, key)
+	for k := range tups {
+		keys = append(keys, k)
 	}
 	sort.Strings(keys)

-	var ret []byte
-	for _, key := range keys {
-		s := optionsTuple{Key: key}
-		if value := tups[key]; len(value) > 0 {
-			s.Value = Marshal(&optionsTupleValue{value})
-		}
-		ret = append(ret, Marshal(&s)...)
+	var r []byte
+	for _, k := range keys {
+		s := struct{ K, V string }{k, tups[k]}
+		r = append(r, Marshal(&s)...)
 	}
-	return ret
+	return r
 }

-// issue #10569 - per [PROTOCOL.certkeys] and SSH implementation,
-// we need two length prefixes for a non-empty option value
 func parseTuples(in []byte) (map[string]string, error) {
 	tups := map[string]string{}
 	var lastKey string
 	var haveLastKey bool

 	for len(in) > 0 {
-		var key, val, extra []byte
-		var ok bool
-
-		if key, in, ok = parseString(in); !ok {
+		nameBytes, rest, ok := parseString(in)
+		if !ok {
 			return nil, errShortRead
 		}
-		keyStr := string(key)
+		data, rest, ok := parseString(rest)
+		if !ok {
+			return nil, errShortRead
+		}
+		name := string(nameBytes)
+
 		// according to [PROTOCOL.certkeys], the names must be in
 		// lexical order.
-		if haveLastKey && keyStr <= lastKey {
+		if haveLastKey && name <= lastKey {
 			return nil, fmt.Errorf("ssh: certificate options are not in lexical order")
 		}
-		lastKey, haveLastKey = keyStr, true
-		// the next field is a data field, which if non-empty has a string embedded
-		if val, in, ok = parseString(in); !ok {
-			return nil, errShortRead
-		}
-		if len(val) > 0 {
-			val, extra, ok = parseString(val)
-			if !ok {
-				return nil, errShortRead
-			}
-			if len(extra) > 0 {
-				return nil, fmt.Errorf("ssh: unexpected trailing data after certificate option value")
-			}
-			tups[keyStr] = string(val)
-		} else {
-			tups[keyStr] = ""
-		}
+		lastKey, haveLastKey = name, true
+
+		tups[name] = string(data)
+		in = rest
 	}
 	return tups, nil
 }
@ -251,18 +223,10 @@ type CertChecker struct {
 	// for user certificates.
 	SupportedCriticalOptions []string

-	// IsUserAuthority should return true if the key is recognized as an
-	// authority for the given user certificate. This allows for
-	// certificates to be signed by other certificates. This must be set
-	// if this CertChecker will be checking user certificates.
-	IsUserAuthority func(auth PublicKey) bool
-
-	// IsHostAuthority should report whether the key is recognized as
-	// an authority for this host. This allows for certificates to be
-	// signed by other keys, and for those other keys to only be valid
-	// signers for particular hostnames. This must be set if this
-	// CertChecker will be checking host certificates.
-	IsHostAuthority func(auth PublicKey, address string) bool
+	// IsAuthority should return true if the key is recognized as
+	// an authority. This allows for certificates to be signed by other
+	// certificates.
+	IsAuthority func(auth PublicKey) bool

 	// Clock is used for verifying time stamps. If nil, time.Now
 	// is used.
@ -276,7 +240,7 @@ type CertChecker struct {
 	// HostKeyFallback is called when CertChecker.CheckHostKey encounters a
 	// public key that is not a certificate. It must implement host key
 	// validation or else, if nil, all such keys are rejected.
-	HostKeyFallback HostKeyCallback
+	HostKeyFallback func(addr string, remote net.Addr, key PublicKey) error

 	// IsRevoked is called for each certificate so that revocation checking
 	// can be implemented. It should return true if the given certificate
@ -298,17 +262,8 @@ func (c *CertChecker) CheckHostKey(addr string, remote net.Addr, key PublicKey)
 	if cert.CertType != HostCert {
 		return fmt.Errorf("ssh: certificate presented as a host key has type %d", cert.CertType)
 	}
-	if !c.IsHostAuthority(cert.SignatureKey, addr) {
-		return fmt.Errorf("ssh: no authorities for hostname: %v", addr)
-	}

-	hostname, _, err := net.SplitHostPort(addr)
-	if err != nil {
-		return err
-	}
-
-	// Pass hostname only as principal for host certificates (consistent with OpenSSH)
-	return c.CheckCert(hostname, cert)
+	return c.CheckCert(addr, cert)
 }

 // Authenticate checks a user certificate. Authenticate can be used as
@ -325,9 +280,6 @@ func (c *CertChecker) Authenticate(conn ConnMetadata, pubKey PublicKey) (*Permis
 	if cert.CertType != UserCert {
 		return nil, fmt.Errorf("ssh: cert has type %d", cert.CertType)
 	}
-	if !c.IsUserAuthority(cert.SignatureKey) {
-		return nil, fmt.Errorf("ssh: certificate signed by unrecognized authority")
-	}

 	if err := c.CheckCert(conn.User(), cert); err != nil {
 		return nil, err
@ -376,6 +328,10 @@ func (c *CertChecker) CheckCert(principal string, cert *Certificate) error {
 		}
 	}

+	if !c.IsAuthority(cert.SignatureKey) {
+		return fmt.Errorf("ssh: certificate signed by unrecognized authority")
+	}
+
 	clock := c.Clock
 	if clock == nil {
 		clock = time.Now
@ -385,7 +341,7 @@ func (c *CertChecker) CheckCert(principal string, cert *Certificate) error {
 	if after := int64(cert.ValidAfter); after < 0 || unixNow < int64(cert.ValidAfter) {
 		return fmt.Errorf("ssh: cert is not yet valid")
 	}
-	if before := int64(cert.ValidBefore); cert.ValidBefore != uint64(CertTimeInfinity) && (unixNow >= before || before < 0) {
+	if before := int64(cert.ValidBefore); cert.ValidBefore != CertTimeInfinity && (unixNow >= before || before < 0) {
 		return fmt.Errorf("ssh: cert has expired")
 	}
 	if err := cert.SignatureKey.Verify(cert.bytesForSigning(), cert.Signature); err != nil {
@ -418,7 +374,6 @@ var certAlgoNames = map[string]string{
 	KeyAlgoECDSA256: CertAlgoECDSA256v01,
 	KeyAlgoECDSA384: CertAlgoECDSA384v01,
 	KeyAlgoECDSA521: CertAlgoECDSA521v01,
-	KeyAlgoED25519:  CertAlgoED25519v01,
 }

 // certToPrivAlgo returns the underlying algorithm for a certificate algorithm.
@ -477,7 +432,7 @@ func (c *Certificate) Marshal() []byte {
 func (c *Certificate) Type() string {
 	algo, ok := certAlgoNames[c.Key.Type()]
 	if !ok {
-		panic("unknown cert key type " + c.Key.Type())
+		panic("unknown cert key type")
 	}
 	return algo
 }
--- a/vendor/golang.org/x/crypto/ssh/certs_test.go
+++ b/vendor/golang.org/x/crypto/ssh/certs_test.go
@ -7,14 +7,13 @@ package ssh
 import (
 	"bytes"
 	"crypto/rand"
-	"reflect"
 	"testing"
 	"time"
 )

 // Cert generated by ssh-keygen 6.0p1 Debian-4.
 // % ssh-keygen -s ca-key -I test user-key
-const exampleSSHCert = `ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgb1srW/W3ZDjYAO45xLYAwzHBDLsJ4Ux6ICFIkTjb1LEAAAADAQABAAAAYQCkoR51poH0wE8w72cqSB8Sszx+vAhzcMdCO0wqHTj7UNENHWEXGrU0E0UQekD7U+yhkhtoyjbPOVIP7hNa6aRk/ezdh/iUnCIt4Jt1v3Z1h1P+hA4QuYFMHNB+rmjPwAcAAAAAAAAAAAAAAAEAAAAEdGVzdAAAAAAAAAAAAAAAAP//////////AAAAAAAAAIIAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAAHcAAAAHc3NoLXJzYQAAAAMBAAEAAABhANFS2kaktpSGc+CcmEKPyw9mJC4nZKxHKTgLVZeaGbFZOvJTNzBspQHdy7Q1uKSfktxpgjZnksiu/tFF9ngyY2KFoc+U88ya95IZUycBGCUbBQ8+bhDtw/icdDGQD5WnUwAAAG8AAAAHc3NoLXJzYQAAAGC8Y9Z2LQKhIhxf52773XaWrXdxP0t3GBVo4A10vUWiYoAGepr6rQIoGGXFxT4B9Gp+nEBJjOwKDXPrAevow0T9ca8gZN+0ykbhSrXLE5Ao48rqr3zP4O1/9P7e6gp0gw8=`
+var exampleSSHCert = `ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgb1srW/W3ZDjYAO45xLYAwzHBDLsJ4Ux6ICFIkTjb1LEAAAADAQABAAAAYQCkoR51poH0wE8w72cqSB8Sszx+vAhzcMdCO0wqHTj7UNENHWEXGrU0E0UQekD7U+yhkhtoyjbPOVIP7hNa6aRk/ezdh/iUnCIt4Jt1v3Z1h1P+hA4QuYFMHNB+rmjPwAcAAAAAAAAAAAAAAAEAAAAEdGVzdAAAAAAAAAAAAAAAAP//////////AAAAAAAAAIIAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAAHcAAAAHc3NoLXJzYQAAAAMBAAEAAABhANFS2kaktpSGc+CcmEKPyw9mJC4nZKxHKTgLVZeaGbFZOvJTNzBspQHdy7Q1uKSfktxpgjZnksiu/tFF9ngyY2KFoc+U88ya95IZUycBGCUbBQ8+bhDtw/icdDGQD5WnUwAAAG8AAAAHc3NoLXJzYQAAAGC8Y9Z2LQKhIhxf52773XaWrXdxP0t3GBVo4A10vUWiYoAGepr6rQIoGGXFxT4B9Gp+nEBJjOwKDXPrAevow0T9ca8gZN+0ykbhSrXLE5Ao48rqr3zP4O1/9P7e6gp0gw8=`

 func TestParseCert(t *testing.T) {
 	authKeyBytes := []byte(exampleSSHCert)
@ -28,7 +27,7 @@ func TestParseCert(t *testing.T) {
 	}

 	if _, ok := key.(*Certificate); !ok {
-		t.Fatalf("got %v (%T), want *Certificate", key, key)
+		t.Fatalf("got %#v, want *Certificate", key)
 	}

 	marshaled := MarshalAuthorizedKey(key)
@ -40,60 +39,6 @@ func TestParseCert(t *testing.T) {
 	}
 }

-// Cert generated by ssh-keygen OpenSSH_6.8p1 OS X 10.10.3
-// % ssh-keygen -s ca -I testcert -O source-address=192.168.1.0/24 -O force-command=/bin/sleep user.pub
-// user.pub key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDACh1rt2DXfV3hk6fszSQcQ/rueMId0kVD9U7nl8cfEnFxqOCrNT92g4laQIGl2mn8lsGZfTLg8ksHq3gkvgO3oo/0wHy4v32JeBOHTsN5AL4gfHNEhWeWb50ev47hnTsRIt9P4dxogeUo/hTu7j9+s9lLpEQXCvq6xocXQt0j8MV9qZBBXFLXVT3cWIkSqOdwt/5ZBg+1GSrc7WfCXVWgTk4a20uPMuJPxU4RQwZW6X3+O8Pqo8C3cW0OzZRFP6gUYUKUsTI5WntlS+LAxgw1mZNsozFGdbiOPRnEryE3SRldh9vjDR3tin1fGpA5P7+CEB/bqaXtG3V+F2OkqaMN
-// Critical Options:
-//         force-command /bin/sleep
-//         source-address 192.168.1.0/24
-// Extensions:
-//         permit-X11-forwarding
-//         permit-agent-forwarding
-//         permit-port-forwarding
-//         permit-pty
-//         permit-user-rc
-const exampleSSHCertWithOptions = `ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgDyysCJY0XrO1n03EeRRoITnTPdjENFmWDs9X58PP3VUAAAADAQABAAABAQDACh1rt2DXfV3hk6fszSQcQ/rueMId0kVD9U7nl8cfEnFxqOCrNT92g4laQIGl2mn8lsGZfTLg8ksHq3gkvgO3oo/0wHy4v32JeBOHTsN5AL4gfHNEhWeWb50ev47hnTsRIt9P4dxogeUo/hTu7j9+s9lLpEQXCvq6xocXQt0j8MV9qZBBXFLXVT3cWIkSqOdwt/5ZBg+1GSrc7WfCXVWgTk4a20uPMuJPxU4RQwZW6X3+O8Pqo8C3cW0OzZRFP6gUYUKUsTI5WntlS+LAxgw1mZNsozFGdbiOPRnEryE3SRldh9vjDR3tin1fGpA5P7+CEB/bqaXtG3V+F2OkqaMNAAAAAAAAAAAAAAABAAAACHRlc3RjZXJ0AAAAAAAAAAAAAAAA//////////8AAABLAAAADWZvcmNlLWNvbW1hbmQAAAAOAAAACi9iaW4vc2xlZXAAAAAOc291cmNlLWFkZHJlc3MAAAASAAAADjE5Mi4xNjguMS4wLzI0AAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAABFwAAAAdzc2gtcnNhAAAAAwEAAQAAAQEAwU+c5ui5A8+J/CFpjW8wCa52bEODA808WWQDCSuTG/eMXNf59v9Y8Pk0F1E9dGCosSNyVcB/hacUrc6He+i97+HJCyKavBsE6GDxrjRyxYqAlfcOXi/IVmaUGiO8OQ39d4GHrjToInKvExSUeleQyH4Y4/e27T/pILAqPFL3fyrvMLT5qU9QyIt6zIpa7GBP5+urouNavMprV3zsfIqNBbWypinOQAw823a5wN+zwXnhZrgQiHZ/USG09Y6k98y1dTVz8YHlQVR4D3lpTAsKDKJ5hCH9WU4fdf+lU8OyNGaJ/vz0XNqxcToe1l4numLTnaoSuH89pHryjqurB7lJKwAAAQ8AAAAHc3NoLXJzYQAAAQCaHvUIoPL1zWUHIXLvu96/HU1s/i4CAW2IIEuGgxCUCiFj6vyTyYtgxQxcmbfZf6eaITlS6XJZa7Qq4iaFZh75C1DXTX8labXhRSD4E2t//AIP9MC1rtQC5xo6FmbQ+BoKcDskr+mNACcbRSxs3IL3bwCfWDnIw2WbVox9ZdcthJKk4UoCW4ix4QwdHw7zlddlz++fGEEVhmTbll1SUkycGApPFBsAYRTMupUJcYPIeReBI/m8XfkoMk99bV8ZJQTAd7OekHY2/48Ff53jLmyDjP7kNw1F8OaPtkFs6dGJXta4krmaekPy87j+35In5hFj7yoOqvSbmYUkeX70/GGQ`
-
-func TestParseCertWithOptions(t *testing.T) {
-	opts := map[string]string{
-		"source-address": "192.168.1.0/24",
-		"force-command":  "/bin/sleep",
-	}
-	exts := map[string]string{
-		"permit-X11-forwarding":   "",
-		"permit-agent-forwarding": "",
-		"permit-port-forwarding":  "",
-		"permit-pty":              "",
-		"permit-user-rc":          "",
-	}
-	authKeyBytes := []byte(exampleSSHCertWithOptions)
-
-	key, _, _, rest, err := ParseAuthorizedKey(authKeyBytes)
-	if err != nil {
-		t.Fatalf("ParseAuthorizedKey: %v", err)
-	}
-	if len(rest) > 0 {
-		t.Errorf("rest: got %q, want empty", rest)
-	}
-	cert, ok := key.(*Certificate)
-	if !ok {
-		t.Fatalf("got %v (%T), want *Certificate", key, key)
-	}
-	if !reflect.DeepEqual(cert.CriticalOptions, opts) {
-		t.Errorf("unexpected critical options - got %v, want %v", cert.CriticalOptions, opts)
-	}
-	if !reflect.DeepEqual(cert.Extensions, exts) {
-		t.Errorf("unexpected Extensions - got %v, want %v", cert.Extensions, exts)
-	}
-	marshaled := MarshalAuthorizedKey(key)
-	// Before comparison, remove the trailing newline that
-	// MarshalAuthorizedKey adds.
-	marshaled = marshaled[:len(marshaled)-1]
-	if !bytes.Equal(authKeyBytes, marshaled) {
-		t.Errorf("marshaled certificate does not match original: got %q, want %q", marshaled, authKeyBytes)
-	}
-}
-
 func TestValidateCert(t *testing.T) {
 	key, _, _, _, err := ParseAuthorizedKey([]byte(exampleSSHCert))
 	if err != nil {
@ -104,7 +49,7 @@ func TestValidateCert(t *testing.T) {
 		t.Fatalf("got %v (%T), want *Certificate", key, key)
 	}
 	checker := CertChecker{}
-	checker.IsUserAuthority = func(k PublicKey) bool {
+	checker.IsAuthority = func(k PublicKey) bool {
 		return bytes.Equal(k.Marshal(), validCert.SignatureKey.Marshal())
 	}

@ -142,7 +87,7 @@ func TestValidateCertTime(t *testing.T) {
 		checker := CertChecker{
 			Clock: func() time.Time { return time.Unix(ts, 0) },
 		}
-		checker.IsUserAuthority = func(k PublicKey) bool {
+		checker.IsAuthority = func(k PublicKey) bool {
 			return bytes.Equal(k.Marshal(),
 				testPublicKeys["ecdsa"].Marshal())
 		}
@ -160,7 +105,7 @@ func TestValidateCertTime(t *testing.T) {

 func TestHostKeyCert(t *testing.T) {
 	cert := &Certificate{
-		ValidPrincipals: []string{"hostname", "hostname.domain", "otherhost"},
+		ValidPrincipals: []string{"hostname", "hostname.domain"},
 		Key:             testPublicKeys["rsa"],
 		ValidBefore:     CertTimeInfinity,
 		CertType:        HostCert,
@ -168,8 +113,8 @@ func TestHostKeyCert(t *testing.T) {
 	cert.SignCert(rand.Reader, testSigners["ecdsa"])

 	checker := &CertChecker{
-		IsHostAuthority: func(p PublicKey, addr string) bool {
-			return addr == "hostname:22" && bytes.Equal(testPublicKeys["ecdsa"].Marshal(), p.Marshal())
+		IsAuthority: func(p PublicKey) bool {
+			return bytes.Equal(testPublicKeys["ecdsa"].Marshal(), p.Marshal())
 		},
 	}

@ -178,14 +123,7 @@ func TestHostKeyCert(t *testing.T) {
 		t.Errorf("NewCertSigner: %v", err)
 	}

-	for _, test := range []struct {
-		addr    string
-		succeed bool
-	}{
-		{addr: "hostname:22", succeed: true},
-		{addr: "otherhost:22", succeed: false}, // The certificate is valid for 'otherhost' as hostname, but we only recognize the authority of the signer for the address 'hostname:22'
-		{addr: "lasthost:22", succeed: false},
-	} {
+	for _, name := range []string{"hostname", "otherhost"} {
 		c1, c2, err := netPipe()
 		if err != nil {
 			t.Fatalf("netPipe: %v", err)
@ -193,30 +131,26 @@ func TestHostKeyCert(t *testing.T) {
 		defer c1.Close()
 		defer c2.Close()

-		errc := make(chan error)
-
 		go func() {
 			conf := ServerConfig{
 				NoClientAuth: true,
 			}
 			conf.AddHostKey(certSigner)
 			_, _, _, err := NewServerConn(c1, &conf)
-			errc <- err
+			if err != nil {
+				t.Fatalf("NewServerConn: %v", err)
+			}
 		}()

 		config := &ClientConfig{
 			User:            "user",
 			HostKeyCallback: checker.CheckHostKey,
 		}
-		_, _, _, err = NewClientConn(c2, test.addr, config)
+		_, _, _, err = NewClientConn(c2, name, config)

-		if (err == nil) != test.succeed {
-			t.Fatalf("NewClientConn(%q): %v", test.addr, err)
-		}
-
-		err = <-errc
-		if (err == nil) != test.succeed {
-			t.Fatalf("NewServerConn(%q): %v", test.addr, err)
+		succeed := name == "hostname"
+		if (err == nil) != succeed {
+			t.Fatalf("NewClientConn(%q): %v", name, err)
 		}
 	}
 }
--- a/vendor/golang.org/x/crypto/ssh/channel.go
+++ b/vendor/golang.org/x/crypto/ssh/channel.go
@ -67,8 +67,6 @@ type Channel interface {
 	// boolean, otherwise the return value will be false. Channel
 	// requests are out-of-band messages so they may be sent even
 	// if the data stream is closed or blocked by flow control.
-	// If the channel is closed before a reply is returned, io.EOF
-	// is returned.
 	SendRequest(name string, wantReply bool, payload []byte) (bool, error)

 	// Stderr returns an io.ReadWriter that writes to this channel
@ -219,7 +217,7 @@ func (c *channel) writePacket(packet []byte) error {

 func (c *channel) sendMessage(msg interface{}) error {
 	if debugMux {
-		log.Printf("send(%d): %#v", c.mux.chanList.offset, msg)
+		log.Printf("send %d: %#v", c.mux.chanList.offset, msg)
 	}

 	p := Marshal(msg)
@ -373,7 +371,7 @@ func (c *channel) close() {
 	close(c.msg)
 	close(c.incomingRequests)
 	c.writeMu.Lock()
-	// This is not necessary for a normal channel teardown, but if
+	// This is not necesary for a normal channel teardown, but if
 	// there was another error, it is.
 	c.sentClose = true
 	c.writeMu.Unlock()
@ -461,8 +459,8 @@ func (m *mux) newChannel(chanType string, direction channelDirection, extraData
 		pending:          newBuffer(),
 		extPending:       newBuffer(),
 		direction:        direction,
-		incomingRequests: make(chan *Request, chanSize),
-		msg:              make(chan interface{}, chanSize),
+		incomingRequests: make(chan *Request, 16),
+		msg:              make(chan interface{}, 16),
 		chanType:         chanType,
 		extraData:        extraData,
 		mux:              m,
--- a/vendor/golang.org/x/crypto/ssh/cipher.go
+++ b/vendor/golang.org/x/crypto/ssh/cipher.go
@ -7,7 +7,6 @@ package ssh
 import (
 	"crypto/aes"
 	"crypto/cipher"
-	"crypto/des"
 	"crypto/rc4"
 	"crypto/subtle"
 	"encoding/binary"
@ -15,7 +14,6 @@ import (
 	"fmt"
 	"hash"
 	"io"
-	"io/ioutil"
 )

 const (
@ -115,16 +113,6 @@ var cipherModes = map[string]*streamCipherMode{
 	// special case. If we add any more non-stream ciphers, we
 	// should invest a cleaner way to do this.
 	gcmCipherID: {16, 12, 0, nil},
-
-	// CBC mode is insecure and so is not included in the default config.
-	// (See http://www.isg.rhul.ac.uk/~kp/SandPfinal.pdf). If absolutely
-	// needed, it's possible to specify a custom Config to enable it.
-	// You should expect that an active attacker can recover plaintext if
-	// you do.
-	aes128cbcID: {16, aes.BlockSize, 0, nil},
-
-	// 3des-cbc is insecure and is disabled by default.
-	tripledescbcID: {24, des.BlockSize, 0, nil},
 }

 // prefixLen is the length of the packet prefix that contains the packet length
@ -135,7 +123,6 @@ const prefixLen = 5
 type streamPacketCipher struct {
 	mac    hash.Hash
 	cipher cipher.Stream
-	etm    bool

 	// The following members are to avoid per-packet allocations.
 	prefix      [prefixLen]byte
@ -151,14 +138,7 @@ func (s *streamPacketCipher) readPacket(seqNum uint32, r io.Reader) ([]byte, err
 		return nil, err
 	}

-	var encryptedPaddingLength [1]byte
-	if s.mac != nil && s.etm {
-		copy(encryptedPaddingLength[:], s.prefix[4:5])
-		s.cipher.XORKeyStream(s.prefix[4:5], s.prefix[4:5])
-	} else {
-		s.cipher.XORKeyStream(s.prefix[:], s.prefix[:])
-	}
-
+	s.cipher.XORKeyStream(s.prefix[:], s.prefix[:])
 	length := binary.BigEndian.Uint32(s.prefix[0:4])
 	paddingLength := uint32(s.prefix[4])

@ -167,12 +147,7 @@ func (s *streamPacketCipher) readPacket(seqNum uint32, r io.Reader) ([]byte, err
 		s.mac.Reset()
 		binary.BigEndian.PutUint32(s.seqNumBytes[:], seqNum)
 		s.mac.Write(s.seqNumBytes[:])
-		if s.etm {
-			s.mac.Write(s.prefix[:4])
-			s.mac.Write(encryptedPaddingLength[:])
-		} else {
-			s.mac.Write(s.prefix[:])
-		}
+		s.mac.Write(s.prefix[:])
 		macSize = uint32(s.mac.Size())
 	}

@ -197,17 +172,10 @@ func (s *streamPacketCipher) readPacket(seqNum uint32, r io.Reader) ([]byte, err
 	}
 	mac := s.packetData[length-1:]
 	data := s.packetData[:length-1]
-
-	if s.mac != nil && s.etm {
-		s.mac.Write(data)
-	}
-
 	s.cipher.XORKeyStream(data, data)

 	if s.mac != nil {
-		if !s.etm {
-			s.mac.Write(data)
-		}
+		s.mac.Write(data)
 		s.macResult = s.mac.Sum(s.macResult[:0])
 		if subtle.ConstantTimeCompare(s.macResult, mac) != 1 {
 			return nil, errors.New("ssh: MAC failure")
@ -223,13 +191,7 @@ func (s *streamPacketCipher) writePacket(seqNum uint32, w io.Writer, rand io.Rea
 		return errors.New("ssh: packet too large")
 	}

-	aadlen := 0
-	if s.mac != nil && s.etm {
-		// packet length is not encrypted for EtM modes
-		aadlen = 4
-	}
-
-	paddingLength := packetSizeMultiple - (prefixLen+len(packet)-aadlen)%packetSizeMultiple
+	paddingLength := packetSizeMultiple - (prefixLen+len(packet))%packetSizeMultiple
 	if paddingLength < 4 {
 		paddingLength += packetSizeMultiple
 	}
@ -246,37 +208,15 @@ func (s *streamPacketCipher) writePacket(seqNum uint32, w io.Writer, rand io.Rea
 		s.mac.Reset()
 		binary.BigEndian.PutUint32(s.seqNumBytes[:], seqNum)
 		s.mac.Write(s.seqNumBytes[:])
-
-		if s.etm {
-			// For EtM algorithms, the packet length must stay unencrypted,
-			// but the following data (padding length) must be encrypted
-			s.cipher.XORKeyStream(s.prefix[4:5], s.prefix[4:5])
-		}
-
 		s.mac.Write(s.prefix[:])
-
-		if !s.etm {
-			// For non-EtM algorithms, the algorithm is applied on unencrypted data
-			s.mac.Write(packet)
-			s.mac.Write(padding)
-		}
-	}
-
-	if !(s.mac != nil && s.etm) {
-		// For EtM algorithms, the padding length has already been encrypted
-		// and the packet length must remain unencrypted
-		s.cipher.XORKeyStream(s.prefix[:], s.prefix[:])
-	}
-
-	s.cipher.XORKeyStream(packet, packet)
-	s.cipher.XORKeyStream(padding, padding)
-
-	if s.mac != nil && s.etm {
-		// For EtM algorithms, packet and padding must be encrypted
 		s.mac.Write(packet)
 		s.mac.Write(padding)
 	}

+	s.cipher.XORKeyStream(s.prefix[:], s.prefix[:])
+	s.cipher.XORKeyStream(packet, packet)
+	s.cipher.XORKeyStream(padding, padding)
+
 	if _, err := w.Write(s.prefix[:]); err != nil {
 		return err
 	}
@ -402,226 +342,3 @@ func (c *gcmCipher) readPacket(seqNum uint32, r io.Reader) ([]byte, error) {
 	plain = plain[1 : length-uint32(padding)]
 	return plain, nil
 }
-
-// cbcCipher implements aes128-cbc cipher defined in RFC 4253 section 6.1
-type cbcCipher struct {
-	mac       hash.Hash
-	macSize   uint32
-	decrypter cipher.BlockMode
-	encrypter cipher.BlockMode
-
-	// The following members are to avoid per-packet allocations.
-	seqNumBytes [4]byte
-	packetData  []byte
-	macResult   []byte
-
-	// Amount of data we should still read to hide which
-	// verification error triggered.
-	oracleCamouflage uint32
-}
-
-func newCBCCipher(c cipher.Block, iv, key, macKey []byte, algs directionAlgorithms) (packetCipher, error) {
-	cbc := &cbcCipher{
-		mac:        macModes[algs.MAC].new(macKey),
-		decrypter:  cipher.NewCBCDecrypter(c, iv),
-		encrypter:  cipher.NewCBCEncrypter(c, iv),
-		packetData: make([]byte, 1024),
-	}
-	if cbc.mac != nil {
-		cbc.macSize = uint32(cbc.mac.Size())
-	}
-
-	return cbc, nil
-}
-
-func newAESCBCCipher(iv, key, macKey []byte, algs directionAlgorithms) (packetCipher, error) {
-	c, err := aes.NewCipher(key)
-	if err != nil {
-		return nil, err
-	}
-
-	cbc, err := newCBCCipher(c, iv, key, macKey, algs)
-	if err != nil {
-		return nil, err
-	}
-
-	return cbc, nil
-}
-
-func newTripleDESCBCCipher(iv, key, macKey []byte, algs directionAlgorithms) (packetCipher, error) {
-	c, err := des.NewTripleDESCipher(key)
-	if err != nil {
-		return nil, err
-	}
-
-	cbc, err := newCBCCipher(c, iv, key, macKey, algs)
-	if err != nil {
-		return nil, err
-	}
-
-	return cbc, nil
-}
-
-func maxUInt32(a, b int) uint32 {
-	if a > b {
-		return uint32(a)
-	}
-	return uint32(b)
-}
-
-const (
-	cbcMinPacketSizeMultiple = 8
-	cbcMinPacketSize         = 16
-	cbcMinPaddingSize        = 4
-)
-
-// cbcError represents a verification error that may leak information.
-type cbcError string
-
-func (e cbcError) Error() string { return string(e) }
-
-func (c *cbcCipher) readPacket(seqNum uint32, r io.Reader) ([]byte, error) {
-	p, err := c.readPacketLeaky(seqNum, r)
-	if err != nil {
-		if _, ok := err.(cbcError); ok {
-			// Verification error: read a fixed amount of
-			// data, to make distinguishing between
-			// failing MAC and failing length check more
-			// difficult.
-			io.CopyN(ioutil.Discard, r, int64(c.oracleCamouflage))
-		}
-	}
-	return p, err
-}
-
-func (c *cbcCipher) readPacketLeaky(seqNum uint32, r io.Reader) ([]byte, error) {
-	blockSize := c.decrypter.BlockSize()
-
-	// Read the header, which will include some of the subsequent data in the
-	// case of block ciphers - this is copied back to the payload later.
-	// How many bytes of payload/padding will be read with this first read.
-	firstBlockLength := uint32((prefixLen + blockSize - 1) / blockSize * blockSize)
-	firstBlock := c.packetData[:firstBlockLength]
-	if _, err := io.ReadFull(r, firstBlock); err != nil {
-		return nil, err
-	}
-
-	c.oracleCamouflage = maxPacket + 4 + c.macSize - firstBlockLength
-
-	c.decrypter.CryptBlocks(firstBlock, firstBlock)
-	length := binary.BigEndian.Uint32(firstBlock[:4])
-	if length > maxPacket {
-		return nil, cbcError("ssh: packet too large")
-	}
-	if length+4 < maxUInt32(cbcMinPacketSize, blockSize) {
-		// The minimum size of a packet is 16 (or the cipher block size, whichever
-		// is larger) bytes.
-		return nil, cbcError("ssh: packet too small")
-	}
-	// The length of the packet (including the length field but not the MAC) must
-	// be a multiple of the block size or 8, whichever is larger.
-	if (length+4)%maxUInt32(cbcMinPacketSizeMultiple, blockSize) != 0 {
-		return nil, cbcError("ssh: invalid packet length multiple")
-	}
-
-	paddingLength := uint32(firstBlock[4])
-	if paddingLength < cbcMinPaddingSize || length <= paddingLength+1 {
-		return nil, cbcError("ssh: invalid packet length")
-	}
-
-	// Positions within the c.packetData buffer:
-	macStart := 4 + length
-	paddingStart := macStart - paddingLength
-
-	// Entire packet size, starting before length, ending at end of mac.
-	entirePacketSize := macStart + c.macSize
-
-	// Ensure c.packetData is large enough for the entire packet data.
-	if uint32(cap(c.packetData)) < entirePacketSize {
-		// Still need to upsize and copy, but this should be rare at runtime, only
-		// on upsizing the packetData buffer.
-		c.packetData = make([]byte, entirePacketSize)
-		copy(c.packetData, firstBlock)
-	} else {
-		c.packetData = c.packetData[:entirePacketSize]
-	}
-
-	if n, err := io.ReadFull(r, c.packetData[firstBlockLength:]); err != nil {
-		return nil, err
-	} else {
-		c.oracleCamouflage -= uint32(n)
-	}
-
-	remainingCrypted := c.packetData[firstBlockLength:macStart]
-	c.decrypter.CryptBlocks(remainingCrypted, remainingCrypted)
-
-	mac := c.packetData[macStart:]
-	if c.mac != nil {
-		c.mac.Reset()
-		binary.BigEndian.PutUint32(c.seqNumBytes[:], seqNum)
-		c.mac.Write(c.seqNumBytes[:])
-		c.mac.Write(c.packetData[:macStart])
-		c.macResult = c.mac.Sum(c.macResult[:0])
-		if subtle.ConstantTimeCompare(c.macResult, mac) != 1 {
-			return nil, cbcError("ssh: MAC failure")
-		}
-	}
-
-	return c.packetData[prefixLen:paddingStart], nil
-}
-
-func (c *cbcCipher) writePacket(seqNum uint32, w io.Writer, rand io.Reader, packet []byte) error {
-	effectiveBlockSize := maxUInt32(cbcMinPacketSizeMultiple, c.encrypter.BlockSize())
-
-	// Length of encrypted portion of the packet (header, payload, padding).
-	// Enforce minimum padding and packet size.
-	encLength := maxUInt32(prefixLen+len(packet)+cbcMinPaddingSize, cbcMinPaddingSize)
-	// Enforce block size.
-	encLength = (encLength + effectiveBlockSize - 1) / effectiveBlockSize * effectiveBlockSize
-
-	length := encLength - 4
-	paddingLength := int(length) - (1 + len(packet))
-
-	// Overall buffer contains: header, payload, padding, mac.
-	// Space for the MAC is reserved in the capacity but not the slice length.
-	bufferSize := encLength + c.macSize
-	if uint32(cap(c.packetData)) < bufferSize {
-		c.packetData = make([]byte, encLength, bufferSize)
-	} else {
-		c.packetData = c.packetData[:encLength]
-	}
-
-	p := c.packetData
-
-	// Packet header.
-	binary.BigEndian.PutUint32(p, length)
-	p = p[4:]
-	p[0] = byte(paddingLength)
-
-	// Payload.
-	p = p[1:]
-	copy(p, packet)
-
-	// Padding.
-	p = p[len(packet):]
-	if _, err := io.ReadFull(rand, p); err != nil {
-		return err
-	}
-
-	if c.mac != nil {
-		c.mac.Reset()
-		binary.BigEndian.PutUint32(c.seqNumBytes[:], seqNum)
-		c.mac.Write(c.seqNumBytes[:])
-		c.mac.Write(c.packetData)
-		// The MAC is now appended into the capacity reserved for it earlier.
-		c.packetData = c.mac.Sum(c.packetData)
-	}
-
-	c.encrypter.CryptBlocks(c.packetData[:encLength], c.packetData[:encLength])
-
-	if _, err := w.Write(c.packetData); err != nil {
-		return err
-	}
-
-	return nil
-}
--- a/vendor/golang.org/x/crypto/ssh/cipher_test.go
+++ b/vendor/golang.org/x/crypto/ssh/cipher_test.go
@ -7,7 +7,6 @@ package ssh
 import (
 	"bytes"
 	"crypto"
-	"crypto/aes"
 	"crypto/rand"
 	"testing"
 )
@ -21,109 +20,40 @@ func TestDefaultCiphersExist(t *testing.T) {
 }

 func TestPacketCiphers(t *testing.T) {
-	// Still test aes128cbc cipher although it's commented out.
-	cipherModes[aes128cbcID] = &streamCipherMode{16, aes.BlockSize, 0, nil}
-	defer delete(cipherModes, aes128cbcID)
-
 	for cipher := range cipherModes {
-		for mac := range macModes {
-			kr := &kexResult{Hash: crypto.SHA1}
-			algs := directionAlgorithms{
-				Cipher:      cipher,
-				MAC:         mac,
-				Compression: "none",
-			}
-			client, err := newPacketCipher(clientKeys, algs, kr)
-			if err != nil {
-				t.Errorf("newPacketCipher(client, %q, %q): %v", cipher, mac, err)
-				continue
-			}
-			server, err := newPacketCipher(clientKeys, algs, kr)
-			if err != nil {
-				t.Errorf("newPacketCipher(client, %q, %q): %v", cipher, mac, err)
-				continue
-			}
-
-			want := "bla bla"
-			input := []byte(want)
-			buf := &bytes.Buffer{}
-			if err := client.writePacket(0, buf, rand.Reader, input); err != nil {
-				t.Errorf("writePacket(%q, %q): %v", cipher, mac, err)
-				continue
-			}
-
-			packet, err := server.readPacket(0, buf)
-			if err != nil {
-				t.Errorf("readPacket(%q, %q): %v", cipher, mac, err)
-				continue
-			}
-
-			if string(packet) != want {
-				t.Errorf("roundtrip(%q, %q): got %q, want %q", cipher, mac, packet, want)
-			}
+		kr := &kexResult{Hash: crypto.SHA1}
+		algs := directionAlgorithms{
+			Cipher:      cipher,
+			MAC:         "hmac-sha1",
+			Compression: "none",
+		}
+		client, err := newPacketCipher(clientKeys, algs, kr)
+		if err != nil {
+			t.Errorf("newPacketCipher(client, %q): %v", cipher, err)
+			continue
 		}
-	}
-}
-
-func TestCBCOracleCounterMeasure(t *testing.T) {
-	cipherModes[aes128cbcID] = &streamCipherMode{16, aes.BlockSize, 0, nil}
-	defer delete(cipherModes, aes128cbcID)
-
-	kr := &kexResult{Hash: crypto.SHA1}
-	algs := directionAlgorithms{
-		Cipher:      aes128cbcID,
-		MAC:         "hmac-sha1",
-		Compression: "none",
-	}
-	client, err := newPacketCipher(clientKeys, algs, kr)
-	if err != nil {
-		t.Fatalf("newPacketCipher(client): %v", err)
-	}
-
-	want := "bla bla"
-	input := []byte(want)
-	buf := &bytes.Buffer{}
-	if err := client.writePacket(0, buf, rand.Reader, input); err != nil {
-		t.Errorf("writePacket: %v", err)
-	}
-
-	packetSize := buf.Len()
-	buf.Write(make([]byte, 2*maxPacket))
-
-	// We corrupt each byte, but this usually will only test the
-	// 'packet too large' or 'MAC failure' cases.
-	lastRead := -1
-	for i := 0; i < packetSize; i++ {
 		server, err := newPacketCipher(clientKeys, algs, kr)
 		if err != nil {
-			t.Fatalf("newPacketCipher(client): %v", err)
-		}
-
-		fresh := &bytes.Buffer{}
-		fresh.Write(buf.Bytes())
-		fresh.Bytes()[i] ^= 0x01
-
-		before := fresh.Len()
-		_, err = server.readPacket(0, fresh)
-		if err == nil {
-			t.Errorf("corrupt byte %d: readPacket succeeded ", i)
-			continue
-		}
-		if _, ok := err.(cbcError); !ok {
-			t.Errorf("corrupt byte %d: got %v (%T), want cbcError", i, err, err)
+			t.Errorf("newPacketCipher(client, %q): %v", cipher, err)
 			continue
 		}

-		after := fresh.Len()
-		bytesRead := before - after
-		if bytesRead < maxPacket {
-			t.Errorf("corrupt byte %d: read %d bytes, want more than %d", i, bytesRead, maxPacket)
+		want := "bla bla"
+		input := []byte(want)
+		buf := &bytes.Buffer{}
+		if err := client.writePacket(0, buf, rand.Reader, input); err != nil {
+			t.Errorf("writePacket(%q): %v", cipher, err)
 			continue
 		}

-		if i > 0 && bytesRead != lastRead {
-			t.Errorf("corrupt byte %d: read %d bytes, want %d bytes read", i, bytesRead, lastRead)
+		packet, err := server.readPacket(0, buf)
+		if err != nil {
+			t.Errorf("readPacket(%q): %v", cipher, err)
+			continue
+		}
+
+		if string(packet) != want {
+			t.Errorf("roundtrip(%q): got %q, want %q", cipher, packet, want)
 		}
-		lastRead = bytesRead
 	}
 }
--- a/vendor/golang.org/x/crypto/ssh/client.go
+++ b/vendor/golang.org/x/crypto/ssh/client.go
@ -5,16 +5,14 @@
 package ssh

 import (
-	"bytes"
 	"errors"
 	"fmt"
 	"net"
 	"sync"
-	"time"
 )

 // Client implements a traditional SSH client that supports shells,
-// subprocesses, TCP port/streamlocal forwarding and tunneled dialing.
+// subprocesses, port forwarding and tunneled dialing.
 type Client struct {
 	Conn

@ -41,7 +39,7 @@ func (c *Client) HandleChannelOpen(channelType string) <-chan NewChannel {
 		return nil
 	}

-	ch = make(chan NewChannel, chanSize)
+	ch = make(chan NewChannel, 16)
 	c.channelHandlers[channelType] = ch
 	return ch
 }
@ -60,7 +58,6 @@ func NewClient(c Conn, chans <-chan NewChannel, reqs <-chan *Request) *Client {
 		conn.forwards.closeAll()
 	}()
 	go conn.forwards.handleChannels(conn.HandleChannelOpen("forwarded-tcpip"))
-	go conn.forwards.handleChannels(conn.HandleChannelOpen("forwarded-streamlocal@openssh.com"))
 	return conn
 }

@ -70,11 +67,6 @@ func NewClient(c Conn, chans <-chan NewChannel, reqs <-chan *Request) *Client {
 func NewClientConn(c net.Conn, addr string, config *ClientConfig) (Conn, <-chan NewChannel, <-chan *Request, error) {
 	fullConf := *config
 	fullConf.SetDefaults()
-	if fullConf.HostKeyCallback == nil {
-		c.Close()
-		return nil, nil, nil, errors.New("ssh: must specify HostKeyCallback")
-	}
-
 	conn := &connection{
 		sshConn: sshConn{conn: c},
 	}
@ -104,11 +96,19 @@ func (c *connection) clientHandshake(dialAddress string, config *ClientConfig) e
 	c.transport = newClientTransport(
 		newTransport(c.sshConn.conn, config.Rand, true /* is client */),
 		c.clientVersion, c.serverVersion, config, dialAddress, c.sshConn.RemoteAddr())
-	if err := c.transport.waitSession(); err != nil {
+	if err := c.transport.requestKeyChange(); err != nil {
 		return err
 	}

+	if packet, err := c.transport.readPacket(); err != nil {
+		return err
+	} else if packet[0] != msgNewKeys {
+		return unexpectedMessageError(msgNewKeys, packet[0])
+	}
+
+	// We just did the key change, so the session ID is established.
 	c.sessionID = c.transport.getSessionID()
+
 	return c.clientAuthenticate(config)
 }

@ -169,7 +169,7 @@ func (c *Client) handleChannelOpens(in <-chan NewChannel) {
 // to incoming channels and requests, use net.Dial with NewClientConn
 // instead.
 func Dial(network, addr string, config *ClientConfig) (*Client, error) {
-	conn, err := net.DialTimeout(network, addr, config.Timeout)
+	conn, err := net.Dial(network, addr)
 	if err != nil {
 		return nil, err
 	}
@ -180,13 +180,6 @@ func Dial(network, addr string, config *ClientConfig) (*Client, error) {
 	return NewClient(c, chans, reqs), nil
 }

-// HostKeyCallback is the function type used for verifying server
-// keys.  A HostKeyCallback must return nil if the host key is OK, or
-// an error to reject it. It receives the hostname as passed to Dial
-// or NewClientConn. The remote address is the RemoteAddr of the
-// net.Conn underlying the the SSH connection.
-type HostKeyCallback func(hostname string, remote net.Addr, key PublicKey) error
-
 // A ClientConfig structure is used to configure a Client. It must not be
 // modified after having been passed to an SSH function.
 type ClientConfig struct {
@ -202,56 +195,12 @@ type ClientConfig struct {
 	// be used during authentication.
 	Auth []AuthMethod

-	// HostKeyCallback is called during the cryptographic
-	// handshake to validate the server's host key. The client
-	// configuration must supply this callback for the connection
-	// to succeed. The functions InsecureIgnoreHostKey or
-	// FixedHostKey can be used for simplistic host key checks.
-	HostKeyCallback HostKeyCallback
+	// HostKeyCallback, if not nil, is called during the cryptographic
+	// handshake to validate the server's host key. A nil HostKeyCallback
+	// implies that all host keys are accepted.
+	HostKeyCallback func(hostname string, remote net.Addr, key PublicKey) error

 	// ClientVersion contains the version identification string that will
 	// be used for the connection. If empty, a reasonable default is used.
 	ClientVersion string
-
-	// HostKeyAlgorithms lists the key types that the client will
-	// accept from the server as host key, in order of
-	// preference. If empty, a reasonable default is used. Any
-	// string returned from PublicKey.Type method may be used, or
-	// any of the CertAlgoXxxx and KeyAlgoXxxx constants.
-	HostKeyAlgorithms []string
-
-	// Timeout is the maximum amount of time for the TCP connection to establish.
-	//
-	// A Timeout of zero means no timeout.
-	Timeout time.Duration
-}
-
-// InsecureIgnoreHostKey returns a function that can be used for
-// ClientConfig.HostKeyCallback to accept any host key. It should
-// not be used for production code.
-func InsecureIgnoreHostKey() HostKeyCallback {
-	return func(hostname string, remote net.Addr, key PublicKey) error {
-		return nil
-	}
-}
-
-type fixedHostKey struct {
-	key PublicKey
-}
-
-func (f *fixedHostKey) check(hostname string, remote net.Addr, key PublicKey) error {
-	if f.key == nil {
-		return fmt.Errorf("ssh: required host key was nil")
-	}
-	if !bytes.Equal(key.Marshal(), f.key.Marshal()) {
-		return fmt.Errorf("ssh: host key mismatch")
-	}
-	return nil
-}
-
-// FixedHostKey returns a function for use in
-// ClientConfig.HostKeyCallback to accept only a specific host key.
-func FixedHostKey(key PublicKey) HostKeyCallback {
-	hk := &fixedHostKey{key}
-	return hk.check
 }
--- a/vendor/golang.org/x/crypto/ssh/client_auth.go
+++ b/vendor/golang.org/x/crypto/ssh/client_auth.go
@ -30,10 +30,8 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
 	// then any untried methods suggested by the server.
 	tried := make(map[string]bool)
 	var lastMethods []string
-
-	sessionID := c.transport.getSessionID()
 	for auth := AuthMethod(new(noneAuth)); auth != nil; {
-		ok, methods, err := auth.auth(sessionID, config.User, c.transport, config.Rand)
+		ok, methods, err := auth.auth(c.transport.getSessionID(), config.User, c.transport, config.Rand)
 		if err != nil {
 			return err
 		}
@ -179,26 +177,31 @@ func (cb publicKeyCallback) method() string {
 }

 func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand io.Reader) (bool, []string, error) {
-	// Authentication is performed by sending an enquiry to test if a key is
-	// acceptable to the remote. If the key is acceptable, the client will
-	// attempt to authenticate with the valid key.  If not the client will repeat
-	// the process with the remaining keys.
+	// Authentication is performed in two stages. The first stage sends an
+	// enquiry to test if each key is acceptable to the remote. The second
+	// stage attempts to authenticate with the valid keys obtained in the
+	// first stage.

 	signers, err := cb()
 	if err != nil {
 		return false, nil, err
 	}
-	var methods []string
+	var validKeys []Signer
 	for _, signer := range signers {
-		ok, err := validateKey(signer.PublicKey(), user, c)
-		if err != nil {
-			return false, nil, err
-		}
-		if !ok {
-			continue
+		if ok, err := validateKey(signer.PublicKey(), user, c); ok {
+			validKeys = append(validKeys, signer)
+		} else {
+			if err != nil {
+				return false, nil, err
+			}
 		}
+	}

+	// methods that may continue if this auth is not successful.
+	var methods []string
+	for _, signer := range validKeys {
 		pub := signer.PublicKey()
+
 		pubKey := pub.Marshal()
 		sign, err := signer.Sign(rand, buildDataSignedForAuth(session, userAuthRequestMsg{
 			User:    user,
@ -231,29 +234,13 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
 		if err != nil {
 			return false, nil, err
 		}
-
-		// If authentication succeeds or the list of available methods does not
-		// contain the "publickey" method, do not attempt to authenticate with any
-		// other keys.  According to RFC 4252 Section 7, the latter can occur when
-		// additional authentication methods are required.
-		if success || !containsMethod(methods, cb.method()) {
+		if success {
 			return success, methods, err
 		}
 	}
-
 	return false, methods, nil
 }

-func containsMethod(methods []string, method string) bool {
-	for _, m := range methods {
-		if m == method {
-			return true
-		}
-	}
-
-	return false
-}
-
 // validateKey validates the key provided is acceptable to the server.
 func validateKey(key PublicKey, user string, c packetConn) (bool, error) {
 	pubKey := key.Marshal()
@ -334,6 +321,8 @@ func handleAuthResponse(c packetConn) (bool, []string, error) {
 			return false, msg.Methods, nil
 		case msgUserAuthSuccess:
 			return true, nil, nil
+		case msgDisconnect:
+			return false, nil, io.EOF
 		default:
 			return false, nil, unexpectedMessageError(msgUserAuthSuccess, packet[0])
 		}
@ -450,37 +439,3 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
 		}
 	}
 }
-
-type retryableAuthMethod struct {
-	authMethod AuthMethod
-	maxTries   int
-}
-
-func (r *retryableAuthMethod) auth(session []byte, user string, c packetConn, rand io.Reader) (ok bool, methods []string, err error) {
-	for i := 0; r.maxTries <= 0 || i < r.maxTries; i++ {
-		ok, methods, err = r.authMethod.auth(session, user, c, rand)
-		if ok || err != nil { // either success or error terminate
-			return ok, methods, err
-		}
-	}
-	return ok, methods, err
-}
-
-func (r *retryableAuthMethod) method() string {
-	return r.authMethod.method()
-}
-
-// RetryableAuthMethod is a decorator for other auth methods enabling them to
-// be retried up to maxTries before considering that AuthMethod itself failed.
-// If maxTries is <= 0, will retry indefinitely
-//
-// This is useful for interactive clients using challenge/response type
-// authentication (e.g. Keyboard-Interactive, Password, etc) where the user
-// could mistype their response resulting in the server issuing a
-// SSH_MSG_USERAUTH_FAILURE (rfc4252 #8 [password] and rfc4256 #3.4
-// [keyboard-interactive]); Without this decorator, the non-retryable
-// AuthMethod would be removed from future consideration, and never tried again
-// (and so the user would never be able to retry their entry).
-func RetryableAuthMethod(auth AuthMethod, maxTries int) AuthMethod {
-	return &retryableAuthMethod{authMethod: auth, maxTries: maxTries}
-}
--- a/vendor/golang.org/x/crypto/ssh/client_auth_test.go
+++ b/vendor/golang.org/x/crypto/ssh/client_auth_test.go
@ -9,7 +9,6 @@ import (
 	"crypto/rand"
 	"errors"
 	"fmt"
-	"os"
 	"strings"
 	"testing"
 )
@ -38,7 +37,7 @@ func tryAuth(t *testing.T, config *ClientConfig) error {
 	defer c2.Close()

 	certChecker := CertChecker{
-		IsUserAuthority: func(k PublicKey) bool {
+		IsAuthority: func(k PublicKey) bool {
 			return bytes.Equal(k.Marshal(), testPublicKeys["ecdsa"].Marshal())
 		},
 		UserKeyFallback: func(conn ConnMetadata, key PublicKey) (*Permissions, error) {
@ -76,6 +75,9 @@ func tryAuth(t *testing.T, config *ClientConfig) error {
 			}
 			return nil, errors.New("keyboard-interactive failed")
 		},
+		AuthLogCallback: func(conn ConnMetadata, method string, err error) {
+			t.Logf("user %q, method %q: %v", conn.User(), method, err)
+		},
 	}
 	serverConfig.AddHostKey(testSigners["rsa"])

@ -90,7 +92,6 @@ func TestClientAuthPublicKey(t *testing.T) {
 		Auth: []AuthMethod{
 			PublicKeys(testSigners["rsa"]),
 		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
 	}
 	if err := tryAuth(t, config); err != nil {
 		t.Fatalf("unable to dial remote side: %s", err)
@ -103,7 +104,6 @@ func TestAuthMethodPassword(t *testing.T) {
 		Auth: []AuthMethod{
 			Password(clientPassword),
 		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
 	}

 	if err := tryAuth(t, config); err != nil {
@ -123,7 +123,6 @@ func TestAuthMethodFallback(t *testing.T) {
 					return "WRONG", nil
 				}),
 		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
 	}

 	if err := tryAuth(t, config); err != nil {
@ -142,7 +141,6 @@ func TestAuthMethodWrongPassword(t *testing.T) {
 			Password("wrong"),
 			PublicKeys(testSigners["rsa"]),
 		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
 	}

 	if err := tryAuth(t, config); err != nil {
@ -160,7 +158,6 @@ func TestAuthMethodKeyboardInteractive(t *testing.T) {
 		Auth: []AuthMethod{
 			KeyboardInteractive(answers.Challenge),
 		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
 	}

 	if err := tryAuth(t, config); err != nil {
@ -206,7 +203,6 @@ func TestAuthMethodRSAandDSA(t *testing.T) {
 		Auth: []AuthMethod{
 			PublicKeys(testSigners["dsa"], testSigners["rsa"]),
 		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
 	}
 	if err := tryAuth(t, config); err != nil {
 		t.Fatalf("client could not authenticate with rsa key: %v", err)
@ -223,7 +219,6 @@ func TestClientHMAC(t *testing.T) {
 			Config: Config{
 				MACs: []string{mac},
 			},
-			HostKeyCallback: InsecureIgnoreHostKey(),
 		}
 		if err := tryAuth(t, config); err != nil {
 			t.Fatalf("client could not authenticate with mac algo %s: %v", mac, err)
@ -248,9 +243,6 @@ func TestClientUnsupportedCipher(t *testing.T) {
 }

 func TestClientUnsupportedKex(t *testing.T) {
-	if os.Getenv("GO_BUILDER_NAME") != "" {
-		t.Skip("skipping known-flaky test on the Go build dashboard; see golang.org/issue/15198")
-	}
 	config := &ClientConfig{
 		User: "testuser",
 		Auth: []AuthMethod{
@ -259,10 +251,9 @@ func TestClientUnsupportedKex(t *testing.T) {
 		Config: Config{
 			KeyExchanges: []string{"diffie-hellman-group-exchange-sha256"}, // not currently supported
 		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
 	}
-	if err := tryAuth(t, config); err == nil || !strings.Contains(err.Error(), "common algorithm") {
-		t.Errorf("got %v, expected 'common algorithm'", err)
+	if err := tryAuth(t, config); err == nil || !strings.Contains(err.Error(), "no common algorithms") {
+		t.Errorf("got %v, expected 'no common algorithms'", err)
 	}
 }

@ -279,23 +270,22 @@ func TestClientLoginCert(t *testing.T) {
 	}

 	clientConfig := &ClientConfig{
-		User:            "user",
-		HostKeyCallback: InsecureIgnoreHostKey(),
+		User: "user",
 	}
 	clientConfig.Auth = append(clientConfig.Auth, PublicKeys(certSigner))

-	// should succeed
+	t.Log("should succeed")
 	if err := tryAuth(t, clientConfig); err != nil {
 		t.Errorf("cert login failed: %v", err)
 	}

-	// corrupted signature
+	t.Log("corrupted signature")
 	cert.Signature.Blob[0]++
 	if err := tryAuth(t, clientConfig); err == nil {
 		t.Errorf("cert login passed with corrupted sig")
 	}

-	// revoked
+	t.Log("revoked")
 	cert.Serial = 666
 	cert.SignCert(rand.Reader, testSigners["ecdsa"])
 	if err := tryAuth(t, clientConfig); err == nil {
@ -303,13 +293,13 @@ func TestClientLoginCert(t *testing.T) {
 	}
 	cert.Serial = 1

-	// sign with wrong key
+	t.Log("sign with wrong key")
 	cert.SignCert(rand.Reader, testSigners["dsa"])
 	if err := tryAuth(t, clientConfig); err == nil {
-		t.Errorf("cert login passed with non-authoritative key")
+		t.Errorf("cert login passed with non-authoritive key")
 	}

-	// host cert
+	t.Log("host cert")
 	cert.CertType = HostCert
 	cert.SignCert(rand.Reader, testSigners["ecdsa"])
 	if err := tryAuth(t, clientConfig); err == nil {
@ -317,14 +307,14 @@ func TestClientLoginCert(t *testing.T) {
 	}
 	cert.CertType = UserCert

-	// principal specified
+	t.Log("principal specified")
 	cert.ValidPrincipals = []string{"user"}
 	cert.SignCert(rand.Reader, testSigners["ecdsa"])
 	if err := tryAuth(t, clientConfig); err != nil {
 		t.Errorf("cert login failed: %v", err)
 	}

-	// wrong principal specified
+	t.Log("wrong principal specified")
 	cert.ValidPrincipals = []string{"fred"}
 	cert.SignCert(rand.Reader, testSigners["ecdsa"])
 	if err := tryAuth(t, clientConfig); err == nil {
@ -332,22 +322,22 @@ func TestClientLoginCert(t *testing.T) {
 	}
 	cert.ValidPrincipals = nil

-	// added critical option
+	t.Log("added critical option")
 	cert.CriticalOptions = map[string]string{"root-access": "yes"}
 	cert.SignCert(rand.Reader, testSigners["ecdsa"])
 	if err := tryAuth(t, clientConfig); err == nil {
 		t.Errorf("cert login passed with unrecognized critical option")
 	}

-	// allowed source address
-	cert.CriticalOptions = map[string]string{"source-address": "127.0.0.42/24,::42/120"}
+	t.Log("allowed source address")
+	cert.CriticalOptions = map[string]string{"source-address": "127.0.0.42/24"}
 	cert.SignCert(rand.Reader, testSigners["ecdsa"])
 	if err := tryAuth(t, clientConfig); err != nil {
 		t.Errorf("cert login with source-address failed: %v", err)
 	}

-	// disallowed source address
-	cert.CriticalOptions = map[string]string{"source-address": "127.0.0.42,::42"}
+	t.Log("disallowed source address")
+	cert.CriticalOptions = map[string]string{"source-address": "127.0.0.42"}
 	cert.SignCert(rand.Reader, testSigners["ecdsa"])
 	if err := tryAuth(t, clientConfig); err == nil {
 		t.Errorf("cert login with source-address succeeded")
@ -370,7 +360,6 @@ func testPermissionsPassing(withPermissions bool, t *testing.T) {
 		Auth: []AuthMethod{
 			PublicKeys(testSigners["rsa"]),
 		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
 	}
 	if withPermissions {
 		clientConfig.User = "permissions"
@ -402,178 +391,3 @@ func TestPermissionsPassing(t *testing.T) {
 func TestNoPermissionsPassing(t *testing.T) {
 	testPermissionsPassing(false, t)
 }
-
-func TestRetryableAuth(t *testing.T) {
-	n := 0
-	passwords := []string{"WRONG1", "WRONG2"}
-
-	config := &ClientConfig{
-		User: "testuser",
-		Auth: []AuthMethod{
-			RetryableAuthMethod(PasswordCallback(func() (string, error) {
-				p := passwords[n]
-				n++
-				return p, nil
-			}), 2),
-			PublicKeys(testSigners["rsa"]),
-		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
-	}
-
-	if err := tryAuth(t, config); err != nil {
-		t.Fatalf("unable to dial remote side: %s", err)
-	}
-	if n != 2 {
-		t.Fatalf("Did not try all passwords")
-	}
-}
-
-func ExampleRetryableAuthMethod(t *testing.T) {
-	user := "testuser"
-	NumberOfPrompts := 3
-
-	// Normally this would be a callback that prompts the user to answer the
-	// provided questions
-	Cb := func(user, instruction string, questions []string, echos []bool) (answers []string, err error) {
-		return []string{"answer1", "answer2"}, nil
-	}
-
-	config := &ClientConfig{
-		HostKeyCallback: InsecureIgnoreHostKey(),
-		User:            user,
-		Auth: []AuthMethod{
-			RetryableAuthMethod(KeyboardInteractiveChallenge(Cb), NumberOfPrompts),
-		},
-	}
-
-	if err := tryAuth(t, config); err != nil {
-		t.Fatalf("unable to dial remote side: %s", err)
-	}
-}
-
-// Test if username is received on server side when NoClientAuth is used
-func TestClientAuthNone(t *testing.T) {
-	user := "testuser"
-	serverConfig := &ServerConfig{
-		NoClientAuth: true,
-	}
-	serverConfig.AddHostKey(testSigners["rsa"])
-
-	clientConfig := &ClientConfig{
-		User:            user,
-		HostKeyCallback: InsecureIgnoreHostKey(),
-	}
-
-	c1, c2, err := netPipe()
-	if err != nil {
-		t.Fatalf("netPipe: %v", err)
-	}
-	defer c1.Close()
-	defer c2.Close()
-
-	go NewClientConn(c2, "", clientConfig)
-	serverConn, err := newServer(c1, serverConfig)
-	if err != nil {
-		t.Fatalf("newServer: %v", err)
-	}
-	if serverConn.User() != user {
-		t.Fatalf("server: got %q, want %q", serverConn.User(), user)
-	}
-}
-
-// Test if authentication attempts are limited on server when MaxAuthTries is set
-func TestClientAuthMaxAuthTries(t *testing.T) {
-	user := "testuser"
-
-	serverConfig := &ServerConfig{
-		MaxAuthTries: 2,
-		PasswordCallback: func(conn ConnMetadata, pass []byte) (*Permissions, error) {
-			if conn.User() == "testuser" && string(pass) == "right" {
-				return nil, nil
-			}
-			return nil, errors.New("password auth failed")
-		},
-	}
-	serverConfig.AddHostKey(testSigners["rsa"])
-
-	expectedErr := fmt.Errorf("ssh: handshake failed: %v", &disconnectMsg{
-		Reason:  2,
-		Message: "too many authentication failures",
-	})
-
-	for tries := 2; tries < 4; tries++ {
-		n := tries
-		clientConfig := &ClientConfig{
-			User: user,
-			Auth: []AuthMethod{
-				RetryableAuthMethod(PasswordCallback(func() (string, error) {
-					n--
-					if n == 0 {
-						return "right", nil
-					} else {
-						return "wrong", nil
-					}
-				}), tries),
-			},
-			HostKeyCallback: InsecureIgnoreHostKey(),
-		}
-
-		c1, c2, err := netPipe()
-		if err != nil {
-			t.Fatalf("netPipe: %v", err)
-		}
-		defer c1.Close()
-		defer c2.Close()
-
-		go newServer(c1, serverConfig)
-		_, _, _, err = NewClientConn(c2, "", clientConfig)
-		if tries > 2 {
-			if err == nil {
-				t.Fatalf("client: got no error, want %s", expectedErr)
-			} else if err.Error() != expectedErr.Error() {
-				t.Fatalf("client: got %s, want %s", err, expectedErr)
-			}
-		} else {
-			if err != nil {
-				t.Fatalf("client: got %s, want no error", err)
-			}
-		}
-	}
-}
-
-// Test if authentication attempts are correctly limited on server
-// when more public keys are provided then MaxAuthTries
-func TestClientAuthMaxAuthTriesPublicKey(t *testing.T) {
-	signers := []Signer{}
-	for i := 0; i < 6; i++ {
-		signers = append(signers, testSigners["dsa"])
-	}
-
-	validConfig := &ClientConfig{
-		User: "testuser",
-		Auth: []AuthMethod{
-			PublicKeys(append([]Signer{testSigners["rsa"]}, signers...)...),
-		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
-	}
-	if err := tryAuth(t, validConfig); err != nil {
-		t.Fatalf("unable to dial remote side: %s", err)
-	}
-
-	expectedErr := fmt.Errorf("ssh: handshake failed: %v", &disconnectMsg{
-		Reason:  2,
-		Message: "too many authentication failures",
-	})
-	invalidConfig := &ClientConfig{
-		User: "testuser",
-		Auth: []AuthMethod{
-			PublicKeys(append(signers, testSigners["rsa"])...),
-		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
-	}
-	if err := tryAuth(t, invalidConfig); err == nil {
-		t.Fatalf("client: got no error, want %s", expectedErr)
-	} else if err.Error() != expectedErr.Error() {
-		t.Fatalf("client: got %s, want %s", err, expectedErr)
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/client_test.go
+++ b/vendor/golang.org/x/crypto/ssh/client_test.go
@ -6,7 +6,6 @@ package ssh

 import (
 	"net"
-	"strings"
 	"testing"
 )

@ -14,7 +13,6 @@ func testClientVersion(t *testing.T, config *ClientConfig, expected string) {
 	clientConn, serverConn := net.Pipe()
 	defer clientConn.Close()
 	receivedVersion := make(chan string, 1)
-	config.HostKeyCallback = InsecureIgnoreHostKey()
 	go func() {
 		version, err := readVersion(serverConn)
 		if err != nil {
@ -39,43 +37,3 @@ func TestCustomClientVersion(t *testing.T) {
 func TestDefaultClientVersion(t *testing.T) {
 	testClientVersion(t, &ClientConfig{}, packageVersion)
 }
-
-func TestHostKeyCheck(t *testing.T) {
-	for _, tt := range []struct {
-		name      string
-		wantError string
-		key       PublicKey
-	}{
-		{"no callback", "must specify HostKeyCallback", nil},
-		{"correct key", "", testSigners["rsa"].PublicKey()},
-		{"mismatch", "mismatch", testSigners["ecdsa"].PublicKey()},
-	} {
-		c1, c2, err := netPipe()
-		if err != nil {
-			t.Fatalf("netPipe: %v", err)
-		}
-		defer c1.Close()
-		defer c2.Close()
-		serverConf := &ServerConfig{
-			NoClientAuth: true,
-		}
-		serverConf.AddHostKey(testSigners["rsa"])
-
-		go NewServerConn(c1, serverConf)
-		clientConf := ClientConfig{
-			User: "user",
-		}
-		if tt.key != nil {
-			clientConf.HostKeyCallback = FixedHostKey(tt.key)
-		}
-
-		_, _, _, err = NewClientConn(c2, "", &clientConf)
-		if err != nil {
-			if tt.wantError == "" || !strings.Contains(err.Error(), tt.wantError) {
-				t.Errorf("%s: got error %q, missing %q", tt.name, err.Error(), tt.wantError)
-			}
-		} else if tt.wantError != "" {
-			t.Errorf("%s: succeeded, but want error string %q", tt.name, tt.wantError)
-		}
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/common.go
+++ b/vendor/golang.org/x/crypto/ssh/common.go
@ -9,7 +9,6 @@ import (
 	"crypto/rand"
 	"fmt"
 	"io"
-	"math"
 	"sync"

 	_ "crypto/sha1"
@ -34,30 +33,27 @@ var supportedCiphers = []string{
 // supportedKexAlgos specifies the supported key-exchange algorithms in
 // preference order.
 var supportedKexAlgos = []string{
-	kexAlgoCurve25519SHA256,
 	// P384 and P521 are not constant-time yet, but since we don't
 	// reuse ephemeral keys, using them for ECDH should be OK.
 	kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
 	kexAlgoDH14SHA1, kexAlgoDH1SHA1,
 }

-// supportedHostKeyAlgos specifies the supported host-key algorithms (i.e. methods
+// supportedKexAlgos specifies the supported host-key algorithms (i.e. methods
 // of authenticating servers) in preference order.
 var supportedHostKeyAlgos = []string{
 	CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01,
-	CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoED25519v01,
+	CertAlgoECDSA384v01, CertAlgoECDSA521v01,

 	KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521,
 	KeyAlgoRSA, KeyAlgoDSA,
-
-	KeyAlgoED25519,
 }

 // supportedMACs specifies a default set of MAC algorithms in preference order.
 // This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed
 // because they have reached the end of their useful life.
 var supportedMACs = []string{
-	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96",
+	"hmac-sha1", "hmac-sha1-96",
 }

 var supportedCompressions = []string{compressionNone}
@ -88,15 +84,27 @@ func parseError(tag uint8) error {
 	return fmt.Errorf("ssh: parse error in message type %d", tag)
 }

-func findCommon(what string, client []string, server []string) (common string, err error) {
-	for _, c := range client {
-		for _, s := range server {
-			if c == s {
-				return c, nil
+func findCommonAlgorithm(clientAlgos []string, serverAlgos []string) (commonAlgo string, ok bool) {
+	for _, clientAlgo := range clientAlgos {
+		for _, serverAlgo := range serverAlgos {
+			if clientAlgo == serverAlgo {
+				return clientAlgo, true
 			}
 		}
 	}
-	return "", fmt.Errorf("ssh: no common algorithm for %s; client offered: %v, server offered: %v", what, client, server)
+	return
+}
+
+func findCommonCipher(clientCiphers []string, serverCiphers []string) (commonCipher string, ok bool) {
+	for _, clientCipher := range clientCiphers {
+		for _, serverCipher := range serverCiphers {
+			// reject the cipher if we have no cipherModes definition
+			if clientCipher == serverCipher && cipherModes[clientCipher] != nil {
+				return clientCipher, true
+			}
+		}
+	}
+	return
 }

 type directionAlgorithms struct {
@ -105,21 +113,6 @@ type directionAlgorithms struct {
 	Compression string
 }

-// rekeyBytes returns a rekeying intervals in bytes.
-func (a *directionAlgorithms) rekeyBytes() int64 {
-	// According to RFC4344 block ciphers should rekey after
-	// 2^(BLOCKSIZE/4) blocks. For all AES flavors BLOCKSIZE is
-	// 128.
-	switch a.Cipher {
-	case "aes128-ctr", "aes192-ctr", "aes256-ctr", gcmCipherID, aes128cbcID:
-		return 16 * (1 << 32)
-
-	}
-
-	// For others, stick with RFC4253 recommendation to rekey after 1 Gb of data.
-	return 1 << 30
-}
-
 type algorithms struct {
 	kex     string
 	hostKey string
@ -127,50 +120,50 @@ type algorithms struct {
 	r       directionAlgorithms
 }

-func findAgreedAlgorithms(clientKexInit, serverKexInit *kexInitMsg) (algs *algorithms, err error) {
+func findAgreedAlgorithms(clientKexInit, serverKexInit *kexInitMsg) (algs *algorithms) {
+	var ok bool
 	result := &algorithms{}
-
-	result.kex, err = findCommon("key exchange", clientKexInit.KexAlgos, serverKexInit.KexAlgos)
-	if err != nil {
+	result.kex, ok = findCommonAlgorithm(clientKexInit.KexAlgos, serverKexInit.KexAlgos)
+	if !ok {
 		return
 	}

-	result.hostKey, err = findCommon("host key", clientKexInit.ServerHostKeyAlgos, serverKexInit.ServerHostKeyAlgos)
-	if err != nil {
+	result.hostKey, ok = findCommonAlgorithm(clientKexInit.ServerHostKeyAlgos, serverKexInit.ServerHostKeyAlgos)
+	if !ok {
 		return
 	}

-	result.w.Cipher, err = findCommon("client to server cipher", clientKexInit.CiphersClientServer, serverKexInit.CiphersClientServer)
-	if err != nil {
+	result.w.Cipher, ok = findCommonCipher(clientKexInit.CiphersClientServer, serverKexInit.CiphersClientServer)
+	if !ok {
 		return
 	}

-	result.r.Cipher, err = findCommon("server to client cipher", clientKexInit.CiphersServerClient, serverKexInit.CiphersServerClient)
-	if err != nil {
+	result.r.Cipher, ok = findCommonCipher(clientKexInit.CiphersServerClient, serverKexInit.CiphersServerClient)
+	if !ok {
 		return
 	}

-	result.w.MAC, err = findCommon("client to server MAC", clientKexInit.MACsClientServer, serverKexInit.MACsClientServer)
-	if err != nil {
+	result.w.MAC, ok = findCommonAlgorithm(clientKexInit.MACsClientServer, serverKexInit.MACsClientServer)
+	if !ok {
 		return
 	}

-	result.r.MAC, err = findCommon("server to client MAC", clientKexInit.MACsServerClient, serverKexInit.MACsServerClient)
-	if err != nil {
+	result.r.MAC, ok = findCommonAlgorithm(clientKexInit.MACsServerClient, serverKexInit.MACsServerClient)
+	if !ok {
 		return
 	}

-	result.w.Compression, err = findCommon("client to server compression", clientKexInit.CompressionClientServer, serverKexInit.CompressionClientServer)
-	if err != nil {
+	result.w.Compression, ok = findCommonAlgorithm(clientKexInit.CompressionClientServer, serverKexInit.CompressionClientServer)
+	if !ok {
 		return
 	}

-	result.r.Compression, err = findCommon("server to client compression", clientKexInit.CompressionServerClient, serverKexInit.CompressionServerClient)
-	if err != nil {
+	result.r.Compression, ok = findCommonAlgorithm(clientKexInit.CompressionServerClient, serverKexInit.CompressionServerClient)
+	if !ok {
 		return
 	}

-	return result, nil
+	return result
 }

 // If rekeythreshold is too small, we can't make any progress sending
@ -187,7 +180,7 @@ type Config struct {

 	// The maximum number of bytes sent or received after which a
 	// new key is negotiated. It must be at least 256. If
-	// unspecified, a size suitable for the chosen cipher is used.
+	// unspecified, 1 gigabyte is used.
 	RekeyThreshold uint64

 	// The allowed key exchanges algorithms. If unspecified then a
@ -213,14 +206,6 @@ func (c *Config) SetDefaults() {
 	if c.Ciphers == nil {
 		c.Ciphers = supportedCiphers
 	}
-	var ciphers []string
-	for _, c := range c.Ciphers {
-		if cipherModes[c] != nil {
-			// reject the cipher if we have no cipherModes definition
-			ciphers = append(ciphers, c)
-		}
-	}
-	c.Ciphers = ciphers

 	if c.KeyExchanges == nil {
 		c.KeyExchanges = supportedKexAlgos
@ -231,12 +216,11 @@ func (c *Config) SetDefaults() {
 	}

 	if c.RekeyThreshold == 0 {
-		// cipher specific default
-	} else if c.RekeyThreshold < minRekeyThreshold {
+		// RFC 4253, section 9 suggests rekeying after 1G.
+		c.RekeyThreshold = 1 << 30
+	}
+	if c.RekeyThreshold < minRekeyThreshold {
 		c.RekeyThreshold = minRekeyThreshold
-	} else if c.RekeyThreshold >= math.MaxInt64 {
-		// Avoid weirdness if somebody uses -1 as a threshold.
-		c.RekeyThreshold = math.MaxInt64
 	}
 }

--- a/vendor/golang.org/x/crypto/ssh/connection.go
+++ b/vendor/golang.org/x/crypto/ssh/connection.go
@ -23,16 +23,17 @@ func (e *OpenChannelError) Error() string {
 // ConnMetadata holds metadata for the connection.
 type ConnMetadata interface {
 	// User returns the user ID for this connection.
+	// It is empty if no authentication is used.
 	User() string

-	// SessionID returns the session hash, also denoted by H.
+	// SessionID returns the sesson hash, also denoted by H.
 	SessionID() []byte

 	// ClientVersion returns the client's version string as hashed
 	// into the session ID.
 	ClientVersion() []byte

-	// ServerVersion returns the server's version string as hashed
+	// ServerVersion returns the client's version string as hashed
 	// into the session ID.
 	ServerVersion() []byte

--- a/vendor/golang.org/x/crypto/ssh/doc.go
+++ b/vendor/golang.org/x/crypto/ssh/doc.go
@ -12,10 +12,7 @@ the multiplexed nature of SSH is exposed to users that wish to support
 others.

 References:
-  [PROTOCOL.certkeys]: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?rev=HEAD
+  [PROTOCOL.certkeys]: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys
  [SSH-PARAMETERS]:    http://www.iana.org/assignments/ssh-parameters/ssh-parameters.xml#ssh-parameters-1
-
-This package does not fall under the stability promise of the Go language itself,
-so its API may be changed when pressing needs arise.
 */
 package ssh // import "golang.org/x/crypto/ssh"
--- a/vendor/golang.org/x/crypto/ssh/example_test.go
+++ b/vendor/golang.org/x/crypto/ssh/example_test.go
@ -5,45 +5,21 @@
 package ssh_test

 import (
-	"bufio"
 	"bytes"
 	"fmt"
 	"io/ioutil"
 	"log"
 	"net"
 	"net/http"
-	"os"
-	"path/filepath"
-	"strings"

 	"golang.org/x/crypto/ssh"
 	"golang.org/x/crypto/ssh/terminal"
 )

 func ExampleNewServerConn() {
-	// Public key authentication is done by comparing
-	// the public key of a received connection
-	// with the entries in the authorized_keys file.
-	authorizedKeysBytes, err := ioutil.ReadFile("authorized_keys")
-	if err != nil {
-		log.Fatalf("Failed to load authorized_keys, err: %v", err)
-	}
-
-	authorizedKeysMap := map[string]bool{}
-	for len(authorizedKeysBytes) > 0 {
-		pubKey, _, _, rest, err := ssh.ParseAuthorizedKey(authorizedKeysBytes)
-		if err != nil {
-			log.Fatal(err)
-		}
-
-		authorizedKeysMap[string(pubKey.Marshal())] = true
-		authorizedKeysBytes = rest
-	}
-
 	// An SSH server is represented by a ServerConfig, which holds
 	// certificate details and handles authentication of ServerConns.
 	config := &ssh.ServerConfig{
-		// Remove to disable password auth.
 		PasswordCallback: func(c ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) {
 			// Should use constant-time compare (or better, salt+hash) in
 			// a production setting.
@ -52,29 +28,16 @@ func ExampleNewServerConn() {
 			}
 			return nil, fmt.Errorf("password rejected for %q", c.User())
 		},
-
-		// Remove to disable public key auth.
-		PublicKeyCallback: func(c ssh.ConnMetadata, pubKey ssh.PublicKey) (*ssh.Permissions, error) {
-			if authorizedKeysMap[string(pubKey.Marshal())] {
-				return &ssh.Permissions{
-					// Record the public key used for authentication.
-					Extensions: map[string]string{
-						"pubkey-fp": ssh.FingerprintSHA256(pubKey),
-					},
-				}, nil
-			}
-			return nil, fmt.Errorf("unknown public key for %q", c.User())
-		},
 	}

 	privateBytes, err := ioutil.ReadFile("id_rsa")
 	if err != nil {
-		log.Fatal("Failed to load private key: ", err)
+		panic("Failed to load private key")
 	}

 	private, err := ssh.ParsePrivateKey(privateBytes)
 	if err != nil {
-		log.Fatal("Failed to parse private key: ", err)
+		panic("Failed to parse private key")
 	}

 	config.AddHostKey(private)
@ -83,21 +46,19 @@ func ExampleNewServerConn() {
 	// accepted.
 	listener, err := net.Listen("tcp", "0.0.0.0:2022")
 	if err != nil {
-		log.Fatal("failed to listen for connection: ", err)
+		panic("failed to listen for connection")
 	}
 	nConn, err := listener.Accept()
 	if err != nil {
-		log.Fatal("failed to accept incoming connection: ", err)
+		panic("failed to accept incoming connection")
 	}

 	// Before use, a handshake must be performed on the incoming
 	// net.Conn.
-	conn, chans, reqs, err := ssh.NewServerConn(nConn, config)
+	_, chans, reqs, err := ssh.NewServerConn(nConn, config)
 	if err != nil {
-		log.Fatal("failed to handshake: ", err)
+		panic("failed to handshake")
 	}
-	log.Printf("logged in with key %s", conn.Permissions.Extensions["pubkey-fp"])
-
 	// The incoming Request channel must be serviced.
 	go ssh.DiscardRequests(reqs)

@ -113,7 +74,7 @@ func ExampleNewServerConn() {
 		}
 		channel, requests, err := newChannel.Accept()
 		if err != nil {
-			log.Fatalf("Could not accept channel: %v", err)
+			panic("could not accept channel.")
 		}

 		// Sessions have out-of-band requests such as "shell",
@ -121,7 +82,18 @@ func ExampleNewServerConn() {
 		// "shell" request.
 		go func(in <-chan *ssh.Request) {
 			for req := range in {
-				req.Reply(req.Type == "shell", nil)
+				ok := false
+				switch req.Type {
+				case "shell":
+					ok = true
+					if len(req.Payload) > 0 {
+						// We don't accept any
+						// commands, only the
+						// default shell.
+						ok = false
+					}
+				}
+				req.Reply(ok, nil)
 			}
 		}(requests)

@ -140,70 +112,28 @@ func ExampleNewServerConn() {
 	}
 }

-func ExampleHostKeyCheck() {
-	// Every client must provide a host key check.  Here is a
-	// simple-minded parse of OpenSSH's known_hosts file
-	host := "hostname"
-	file, err := os.Open(filepath.Join(os.Getenv("HOME"), ".ssh", "known_hosts"))
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer file.Close()
-
-	scanner := bufio.NewScanner(file)
-	var hostKey ssh.PublicKey
-	for scanner.Scan() {
-		fields := strings.Split(scanner.Text(), " ")
-		if len(fields) != 3 {
-			continue
-		}
-		if strings.Contains(fields[0], host) {
-			var err error
-			hostKey, _, _, _, err = ssh.ParseAuthorizedKey(scanner.Bytes())
-			if err != nil {
-				log.Fatalf("error parsing %q: %v", fields[2], err)
-			}
-			break
-		}
-	}
-
-	if hostKey == nil {
-		log.Fatalf("no hostkey for %s", host)
-	}
-
-	config := ssh.ClientConfig{
-		User:            os.Getenv("USER"),
-		HostKeyCallback: ssh.FixedHostKey(hostKey),
-	}
-
-	_, err = ssh.Dial("tcp", host+":22", &config)
-	log.Println(err)
-}
-
 func ExampleDial() {
-	var hostKey ssh.PublicKey
-	// An SSH client is represented with a ClientConn.
+	// An SSH client is represented with a ClientConn. Currently only
+	// the "password" authentication method is supported.
 	//
 	// To authenticate with the remote server you must pass at least one
-	// implementation of AuthMethod via the Auth field in ClientConfig,
-	// and provide a HostKeyCallback.
+	// implementation of AuthMethod via the Auth field in ClientConfig.
 	config := &ssh.ClientConfig{
 		User: "username",
 		Auth: []ssh.AuthMethod{
 			ssh.Password("yourpassword"),
 		},
-		HostKeyCallback: ssh.FixedHostKey(hostKey),
 	}
 	client, err := ssh.Dial("tcp", "yourserver.com:22", config)
 	if err != nil {
-		log.Fatal("Failed to dial: ", err)
+		panic("Failed to dial: " + err.Error())
 	}

 	// Each ClientConn can support multiple interactive sessions,
 	// represented by a Session.
 	session, err := client.NewSession()
 	if err != nil {
-		log.Fatal("Failed to create session: ", err)
+		panic("Failed to create session: " + err.Error())
 	}
 	defer session.Close()

@ -212,66 +142,29 @@ func ExampleDial() {
 	var b bytes.Buffer
 	session.Stdout = &b
 	if err := session.Run("/usr/bin/whoami"); err != nil {
-		log.Fatal("Failed to run: " + err.Error())
+		panic("Failed to run: " + err.Error())
 	}
 	fmt.Println(b.String())
 }

-func ExamplePublicKeys() {
-	var hostKey ssh.PublicKey
-	// A public key may be used to authenticate against the remote
-	// server by using an unencrypted PEM-encoded private key file.
-	//
-	// If you have an encrypted private key, the crypto/x509 package
-	// can be used to decrypt it.
-	key, err := ioutil.ReadFile("/home/user/.ssh/id_rsa")
-	if err != nil {
-		log.Fatalf("unable to read private key: %v", err)
-	}
-
-	// Create the Signer for this private key.
-	signer, err := ssh.ParsePrivateKey(key)
-	if err != nil {
-		log.Fatalf("unable to parse private key: %v", err)
-	}
-
-	config := &ssh.ClientConfig{
-		User: "user",
-		Auth: []ssh.AuthMethod{
-			// Use the PublicKeys method for remote authentication.
-			ssh.PublicKeys(signer),
-		},
-		HostKeyCallback: ssh.FixedHostKey(hostKey),
-	}
-
-	// Connect to the remote server and perform the SSH handshake.
-	client, err := ssh.Dial("tcp", "host.com:22", config)
-	if err != nil {
-		log.Fatalf("unable to connect: %v", err)
-	}
-	defer client.Close()
-}
-
 func ExampleClient_Listen() {
-	var hostKey ssh.PublicKey
 	config := &ssh.ClientConfig{
 		User: "username",
 		Auth: []ssh.AuthMethod{
 			ssh.Password("password"),
 		},
-		HostKeyCallback: ssh.FixedHostKey(hostKey),
 	}
 	// Dial your ssh server.
 	conn, err := ssh.Dial("tcp", "localhost:22", config)
 	if err != nil {
-		log.Fatal("unable to connect: ", err)
+		log.Fatalf("unable to connect: %s", err)
 	}
 	defer conn.Close()

 	// Request the remote side to open port 8080 on all interfaces.
 	l, err := conn.Listen("tcp", "0.0.0.0:8080")
 	if err != nil {
-		log.Fatal("unable to register tcp forward: ", err)
+		log.Fatalf("unable to register tcp forward: %v", err)
 	}
 	defer l.Close()

@ -282,25 +175,23 @@ func ExampleClient_Listen() {
 }

 func ExampleSession_RequestPty() {
-	var hostKey ssh.PublicKey
 	// Create client config
 	config := &ssh.ClientConfig{
 		User: "username",
 		Auth: []ssh.AuthMethod{
 			ssh.Password("password"),
 		},
-		HostKeyCallback: ssh.FixedHostKey(hostKey),
 	}
 	// Connect to ssh server
 	conn, err := ssh.Dial("tcp", "localhost:22", config)
 	if err != nil {
-		log.Fatal("unable to connect: ", err)
+		log.Fatalf("unable to connect: %s", err)
 	}
 	defer conn.Close()
 	// Create a session
 	session, err := conn.NewSession()
 	if err != nil {
-		log.Fatal("unable to create session: ", err)
+		log.Fatalf("unable to create session: %s", err)
 	}
 	defer session.Close()
 	// Set up terminal modes
@ -310,11 +201,11 @@ func ExampleSession_RequestPty() {
 		ssh.TTY_OP_OSPEED: 14400, // output speed = 14.4kbaud
 	}
 	// Request pseudo terminal
-	if err := session.RequestPty("xterm", 40, 80, modes); err != nil {
-		log.Fatal("request for pseudo terminal failed: ", err)
+	if err := session.RequestPty("xterm", 80, 40, modes); err != nil {
+		log.Fatalf("request for pseudo terminal failed: %s", err)
 	}
 	// Start remote shell
 	if err := session.Shell(); err != nil {
-		log.Fatal("failed to start shell: ", err)
+		log.Fatalf("failed to start shell: %s", err)
 	}
 }
--- a/vendor/golang.org/x/crypto/ssh/handshake.go
+++ b/vendor/golang.org/x/crypto/ssh/handshake.go
@ -19,11 +19,6 @@ import (
 // messages are wrong when using ECDH.
 const debugHandshake = false

-// chanSize sets the amount of buffering SSH connections. This is
-// primarily for testing: setting chanSize=0 uncovers deadlocks more
-// quickly.
-const chanSize = 16
-
 // keyingTransport is a packet based transport that supports key
 // changes. It need not be thread-safe. It should pass through
 // msgNewKeys in both directions.
@ -34,6 +29,25 @@ type keyingTransport interface {
 	// direction will be effected if a msgNewKeys message is sent
 	// or received.
 	prepareKeyChange(*algorithms, *kexResult) error
+
+	// getSessionID returns the session ID. prepareKeyChange must
+	// have been called once.
+	getSessionID() []byte
+}
+
+// rekeyingTransport is the interface of handshakeTransport that we
+// (internally) expose to ClientConn and ServerConn.
+type rekeyingTransport interface {
+	packetConn
+
+	// requestKeyChange asks the remote side to change keys. All
+	// writes are blocked until the key change succeeds, which is
+	// signaled by reading a msgNewKeys.
+	requestKeyChange() error
+
+	// getSessionID returns the session ID. This is only valid
+	// after the first key change has completed.
+	getSessionID() []byte
 }

 // handshakeTransport implements rekeying on top of a keyingTransport
@ -45,55 +59,26 @@ type handshakeTransport struct {
 	serverVersion []byte
 	clientVersion []byte

-	// hostKeys is non-empty if we are the server. In that case,
-	// it contains all host keys that can be used to sign the
-	// connection.
-	hostKeys []Signer
-
-	// hostKeyAlgorithms is non-empty if we are the client. In that case,
-	// we accept these key types from the server as host key.
-	hostKeyAlgorithms []string
+	hostKeys []Signer // If hostKeys are given, we are the server.

 	// On read error, incoming is closed, and readError is set.
 	incoming  chan []byte
 	readError error

-	mu             sync.Mutex
-	writeError     error
-	sentInitPacket []byte
-	sentInitMsg    *kexInitMsg
-	pendingPackets [][]byte // Used when a key exchange is in progress.
-
-	// If the read loop wants to schedule a kex, it pings this
-	// channel, and the write loop will send out a kex
-	// message.
-	requestKex chan struct{}
-
-	// If the other side requests or confirms a kex, its kexInit
-	// packet is sent here for the write loop to find it.
-	startKex chan *pendingKex
-
 	// data for host key checking
-	hostKeyCallback HostKeyCallback
+	hostKeyCallback func(hostname string, remote net.Addr, key PublicKey) error
 	dialAddress     string
 	remoteAddr      net.Addr

-	// Algorithms agreed in the last key exchange.
-	algorithms *algorithms
+	readSinceKex uint64

-	readPacketsLeft uint32
-	readBytesLeft   int64
-
-	writePacketsLeft uint32
-	writeBytesLeft   int64
-
-	// The session ID or nil if first kex did not complete yet.
-	sessionID []byte
-}
-
-type pendingKex struct {
-	otherInit []byte
-	done      chan error
+	// Protects the writing side of the connection
+	mu              sync.Mutex
+	cond            *sync.Cond
+	sentInitPacket  []byte
+	sentInitMsg     *kexInitMsg
+	writtenSinceKex uint64
+	writeError      error
 }

 func newHandshakeTransport(conn keyingTransport, config *Config, clientVersion, serverVersion []byte) *handshakeTransport {
@ -101,17 +86,10 @@ func newHandshakeTransport(conn keyingTransport, config *Config, clientVersion,
 		conn:          conn,
 		serverVersion: serverVersion,
 		clientVersion: clientVersion,
-		incoming:      make(chan []byte, chanSize),
-		requestKex:    make(chan struct{}, 1),
-		startKex:      make(chan *pendingKex, 1),
-
-		config: config,
+		incoming:      make(chan []byte, 16),
+		config:        config,
 	}
-	t.resetReadThresholds()
-	t.resetWriteThresholds()
-
-	// We always start with a mandatory key exchange.
-	t.requestKex <- struct{}{}
+	t.cond = sync.NewCond(&t.mu)
 	return t
 }

@ -120,13 +98,7 @@ func newClientTransport(conn keyingTransport, clientVersion, serverVersion []byt
 	t.dialAddress = dialAddr
 	t.remoteAddr = addr
 	t.hostKeyCallback = config.HostKeyCallback
-	if config.HostKeyAlgorithms != nil {
-		t.hostKeyAlgorithms = config.HostKeyAlgorithms
-	} else {
-		t.hostKeyAlgorithms = supportedHostKeyAlgos
-	}
 	go t.readLoop()
-	go t.kexLoop()
 	return t
 }

@ -134,26 +106,11 @@ func newServerTransport(conn keyingTransport, clientVersion, serverVersion []byt
 	t := newHandshakeTransport(conn, &config.Config, clientVersion, serverVersion)
 	t.hostKeys = config.hostKeys
 	go t.readLoop()
-	go t.kexLoop()
 	return t
 }

 func (t *handshakeTransport) getSessionID() []byte {
-	return t.sessionID
-}
-
-// waitSession waits for the session to be established. This should be
-// the first thing to call after instantiating handshakeTransport.
-func (t *handshakeTransport) waitSession() error {
-	p, err := t.readPacket()
-	if err != nil {
-		return err
-	}
-	if p[0] != msgNewKeys {
-		return fmt.Errorf("ssh: first packet should be msgNewKeys")
-	}
-
-	return nil
+	return t.conn.getSessionID()
 }

 func (t *handshakeTransport) id() string {
@ -163,20 +120,6 @@ func (t *handshakeTransport) id() string {
 	return "client"
 }

-func (t *handshakeTransport) printPacket(p []byte, write bool) {
-	action := "got"
-	if write {
-		action = "sent"
-	}
-
-	if p[0] == msgChannelData || p[0] == msgChannelExtendedData {
-		log.Printf("%s %s data (packet %d bytes)", t.id(), action, len(p))
-	} else {
-		msg, err := decode(p)
-		log.Printf("%s %s %T %v (%v)", t.id(), action, msg, msg, err)
-	}
-}
-
 func (t *handshakeTransport) readPacket() ([]byte, error) {
 	p, ok := <-t.incoming
 	if !ok {
@ -186,10 +129,8 @@ func (t *handshakeTransport) readPacket() ([]byte, error) {
 }

 func (t *handshakeTransport) readLoop() {
-	first := true
 	for {
-		p, err := t.readOnePacket(first)
-		first = false
+		p, err := t.readOnePacket()
 		if err != nil {
 			t.readError = err
 			close(t.incoming)
@ -200,244 +141,82 @@ func (t *handshakeTransport) readLoop() {
 		}
 		t.incoming <- p
 	}
-
-	// Stop writers too.
-	t.recordWriteError(t.readError)
-
-	// Unblock the writer should it wait for this.
-	close(t.startKex)
-
-	// Don't close t.requestKex; it's also written to from writePacket.
 }

-func (t *handshakeTransport) pushPacket(p []byte) error {
-	if debugHandshake {
-		t.printPacket(p, true)
-	}
-	return t.conn.writePacket(p)
-}
-
-func (t *handshakeTransport) getWriteError() error {
-	t.mu.Lock()
-	defer t.mu.Unlock()
-	return t.writeError
-}
-
-func (t *handshakeTransport) recordWriteError(err error) {
-	t.mu.Lock()
-	defer t.mu.Unlock()
-	if t.writeError == nil && err != nil {
-		t.writeError = err
-	}
-}
-
-func (t *handshakeTransport) requestKeyExchange() {
-	select {
-	case t.requestKex <- struct{}{}:
-	default:
-		// something already requested a kex, so do nothing.
-	}
-}
-
-func (t *handshakeTransport) resetWriteThresholds() {
-	t.writePacketsLeft = packetRekeyThreshold
-	if t.config.RekeyThreshold > 0 {
-		t.writeBytesLeft = int64(t.config.RekeyThreshold)
-	} else if t.algorithms != nil {
-		t.writeBytesLeft = t.algorithms.w.rekeyBytes()
-	} else {
-		t.writeBytesLeft = 1 << 30
-	}
-}
-
-func (t *handshakeTransport) kexLoop() {
-
-write:
-	for t.getWriteError() == nil {
-		var request *pendingKex
-		var sent bool
-
-		for request == nil || !sent {
-			var ok bool
-			select {
-			case request, ok = <-t.startKex:
-				if !ok {
-					break write
-				}
-			case <-t.requestKex:
-				break
-			}
-
-			if !sent {
-				if err := t.sendKexInit(); err != nil {
-					t.recordWriteError(err)
-					break
-				}
-				sent = true
-			}
+func (t *handshakeTransport) readOnePacket() ([]byte, error) {
+	if t.readSinceKex > t.config.RekeyThreshold {
+		if err := t.requestKeyChange(); err != nil {
+			return nil, err
 		}
-
-		if err := t.getWriteError(); err != nil {
-			if request != nil {
-				request.done <- err
-			}
-			break
-		}
-
-		// We're not servicing t.requestKex, but that is OK:
-		// we never block on sending to t.requestKex.
-
-		// We're not servicing t.startKex, but the remote end
-		// has just sent us a kexInitMsg, so it can't send
-		// another key change request, until we close the done
-		// channel on the pendingKex request.
-
-		err := t.enterKeyExchange(request.otherInit)
-
-		t.mu.Lock()
-		t.writeError = err
-		t.sentInitPacket = nil
-		t.sentInitMsg = nil
-
-		t.resetWriteThresholds()
-
-		// we have completed the key exchange. Since the
-		// reader is still blocked, it is safe to clear out
-		// the requestKex channel. This avoids the situation
-		// where: 1) we consumed our own request for the
-		// initial kex, and 2) the kex from the remote side
-		// caused another send on the requestKex channel,
-	clear:
-		for {
-			select {
-			case <-t.requestKex:
-				//
-			default:
-				break clear
-			}
-		}
-
-		request.done <- t.writeError
-
-		// kex finished. Push packets that we received while
-		// the kex was in progress. Don't look at t.startKex
-		// and don't increment writtenSinceKex: if we trigger
-		// another kex while we are still busy with the last
-		// one, things will become very confusing.
-		for _, p := range t.pendingPackets {
-			t.writeError = t.pushPacket(p)
-			if t.writeError != nil {
-				break
-			}
-		}
-		t.pendingPackets = t.pendingPackets[:0]
-		t.mu.Unlock()
 	}

-	// drain startKex channel. We don't service t.requestKex
-	// because nobody does blocking sends there.
-	go func() {
-		for init := range t.startKex {
-			init.done <- t.writeError
-		}
-	}()
-
-	// Unblock reader.
-	t.conn.Close()
-}
-
-// The protocol uses uint32 for packet counters, so we can't let them
-// reach 1<<32.  We will actually read and write more packets than
-// this, though: the other side may send more packets, and after we
-// hit this limit on writing we will send a few more packets for the
-// key exchange itself.
-const packetRekeyThreshold = (1 << 31)
-
-func (t *handshakeTransport) resetReadThresholds() {
-	t.readPacketsLeft = packetRekeyThreshold
-	if t.config.RekeyThreshold > 0 {
-		t.readBytesLeft = int64(t.config.RekeyThreshold)
-	} else if t.algorithms != nil {
-		t.readBytesLeft = t.algorithms.r.rekeyBytes()
-	} else {
-		t.readBytesLeft = 1 << 30
-	}
-}
-
-func (t *handshakeTransport) readOnePacket(first bool) ([]byte, error) {
 	p, err := t.conn.readPacket()
 	if err != nil {
 		return nil, err
 	}

-	if t.readPacketsLeft > 0 {
-		t.readPacketsLeft--
-	} else {
-		t.requestKeyExchange()
-	}
-
-	if t.readBytesLeft > 0 {
-		t.readBytesLeft -= int64(len(p))
-	} else {
-		t.requestKeyExchange()
-	}
-
+	t.readSinceKex += uint64(len(p))
 	if debugHandshake {
-		t.printPacket(p, false)
+		msg, err := decode(p)
+		log.Printf("%s got %T %v (%v)", t.id(), msg, msg, err)
 	}
-
-	if first && p[0] != msgKexInit {
-		return nil, fmt.Errorf("ssh: first packet should be msgKexInit")
-	}
-
 	if p[0] != msgKexInit {
 		return p, nil
 	}
+	err = t.enterKeyExchange(p)

-	firstKex := t.sessionID == nil
-
-	kex := pendingKex{
-		done:      make(chan error, 1),
-		otherInit: p,
+	t.mu.Lock()
+	if err != nil {
+		// drop connection
+		t.conn.Close()
+		t.writeError = err
 	}
-	t.startKex <- &kex
-	err = <-kex.done

 	if debugHandshake {
-		log.Printf("%s exited key exchange (first %v), err %v", t.id(), firstKex, err)
+		log.Printf("%s exited key exchange, err %v", t.id(), err)
 	}

+	// Unblock writers.
+	t.sentInitMsg = nil
+	t.sentInitPacket = nil
+	t.cond.Broadcast()
+	t.writtenSinceKex = 0
+	t.mu.Unlock()
+
 	if err != nil {
 		return nil, err
 	}

-	t.resetReadThresholds()
-
-	// By default, a key exchange is hidden from higher layers by
-	// translating it into msgIgnore.
-	successPacket := []byte{msgIgnore}
-	if firstKex {
-		// sendKexInit() for the first kex waits for
-		// msgNewKeys so the authentication process is
-		// guaranteed to happen over an encrypted transport.
-		successPacket = []byte{msgNewKeys}
-	}
-
-	return successPacket, nil
+	t.readSinceKex = 0
+	return []byte{msgNewKeys}, nil
 }

-// sendKexInit sends a key change message.
-func (t *handshakeTransport) sendKexInit() error {
+// sendKexInit sends a key change message, and returns the message
+// that was sent. After initiating the key change, all writes will be
+// blocked until the change is done, and a failed key change will
+// close the underlying transport. This function is safe for
+// concurrent use by multiple goroutines.
+func (t *handshakeTransport) sendKexInit() (*kexInitMsg, []byte, error) {
 	t.mu.Lock()
 	defer t.mu.Unlock()
-	if t.sentInitMsg != nil {
-		// kexInits may be sent either in response to the other side,
-		// or because our side wants to initiate a key change, so we
-		// may have already sent a kexInit. In that case, don't send a
-		// second kexInit.
-		return nil
-	}
+	return t.sendKexInitLocked()
+}

+func (t *handshakeTransport) requestKeyChange() error {
+	_, _, err := t.sendKexInit()
+	return err
+}
+
+// sendKexInitLocked sends a key change message. t.mu must be locked
+// while this happens.
+func (t *handshakeTransport) sendKexInitLocked() (*kexInitMsg, []byte, error) {
+	// kexInits may be sent either in response to the other side,
+	// or because our side wants to initiate a key change, so we
+	// may have already sent a kexInit. In that case, don't send a
+	// second kexInit.
+	if t.sentInitMsg != nil {
+		return t.sentInitMsg, t.sentInitPacket, nil
+	}
 	msg := &kexInitMsg{
 		KexAlgos:                t.config.KeyExchanges,
 		CiphersClientServer:     t.config.Ciphers,
@ -455,7 +234,7 @@ func (t *handshakeTransport) sendKexInit() error {
 				msg.ServerHostKeyAlgos, k.PublicKey().Type())
 		}
 	} else {
-		msg.ServerHostKeyAlgos = t.hostKeyAlgorithms
+		msg.ServerHostKeyAlgos = supportedHostKeyAlgos
 	}
 	packet := Marshal(msg)

@ -463,65 +242,54 @@ func (t *handshakeTransport) sendKexInit() error {
 	packetCopy := make([]byte, len(packet))
 	copy(packetCopy, packet)

-	if err := t.pushPacket(packetCopy); err != nil {
-		return err
+	if err := t.conn.writePacket(packetCopy); err != nil {
+		return nil, nil, err
 	}

 	t.sentInitMsg = msg
 	t.sentInitPacket = packet
-
-	return nil
+	return msg, packet, nil
 }

 func (t *handshakeTransport) writePacket(p []byte) error {
-	switch p[0] {
-	case msgKexInit:
-		return errors.New("ssh: only handshakeTransport can send kexInit")
-	case msgNewKeys:
-		return errors.New("ssh: only handshakeTransport can send newKeys")
-	}
-
 	t.mu.Lock()
-	defer t.mu.Unlock()
+	if t.writtenSinceKex > t.config.RekeyThreshold {
+		t.sendKexInitLocked()
+	}
+	for t.sentInitMsg != nil {
+		t.cond.Wait()
+	}
 	if t.writeError != nil {
 		return t.writeError
 	}
+	t.writtenSinceKex += uint64(len(p))

-	if t.sentInitMsg != nil {
-		// Copy the packet so the writer can reuse the buffer.
-		cp := make([]byte, len(p))
-		copy(cp, p)
-		t.pendingPackets = append(t.pendingPackets, cp)
-		return nil
+	var err error
+	switch p[0] {
+	case msgKexInit:
+		err = errors.New("ssh: only handshakeTransport can send kexInit")
+	case msgNewKeys:
+		err = errors.New("ssh: only handshakeTransport can send newKeys")
+	default:
+		err = t.conn.writePacket(p)
 	}
-
-	if t.writeBytesLeft > 0 {
-		t.writeBytesLeft -= int64(len(p))
-	} else {
-		t.requestKeyExchange()
-	}
-
-	if t.writePacketsLeft > 0 {
-		t.writePacketsLeft--
-	} else {
-		t.requestKeyExchange()
-	}
-
-	if err := t.pushPacket(p); err != nil {
-		t.writeError = err
-	}
-
-	return nil
+	t.mu.Unlock()
+	return err
 }

 func (t *handshakeTransport) Close() error {
 	return t.conn.Close()
 }

+// enterKeyExchange runs the key exchange.
 func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
 	if debugHandshake {
 		log.Printf("%s entered key exchange", t.id())
 	}
+	myInit, myInitPacket, err := t.sendKexInit()
+	if err != nil {
+		return err
+	}

 	otherInit := &kexInitMsg{}
 	if err := Unmarshal(otherInitPacket, otherInit); err != nil {
@ -532,35 +300,26 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
 		clientVersion: t.clientVersion,
 		serverVersion: t.serverVersion,
 		clientKexInit: otherInitPacket,
-		serverKexInit: t.sentInitPacket,
+		serverKexInit: myInitPacket,
 	}

 	clientInit := otherInit
-	serverInit := t.sentInitMsg
+	serverInit := myInit
 	if len(t.hostKeys) == 0 {
-		clientInit, serverInit = serverInit, clientInit
+		clientInit = myInit
+		serverInit = otherInit

-		magics.clientKexInit = t.sentInitPacket
+		magics.clientKexInit = myInitPacket
 		magics.serverKexInit = otherInitPacket
 	}

-	var err error
-	t.algorithms, err = findAgreedAlgorithms(clientInit, serverInit)
-	if err != nil {
-		return err
+	algs := findAgreedAlgorithms(clientInit, serverInit)
+	if algs == nil {
+		return errors.New("ssh: no common algorithms")
 	}

 	// We don't send FirstKexFollows, but we handle receiving it.
-	//
-	// RFC 4253 section 7 defines the kex and the agreement method for
-	// first_kex_packet_follows. It states that the guessed packet
-	// should be ignored if the "kex algorithm and/or the host
-	// key algorithm is guessed wrong (server and client have
-	// different preferred algorithm), or if any of the other
-	// algorithms cannot be agreed upon". The other algorithms have
-	// already been checked above so the kex algorithm and host key
-	// algorithm are checked here.
-	if otherInit.FirstKexFollows && (clientInit.KexAlgos[0] != serverInit.KexAlgos[0] || clientInit.ServerHostKeyAlgos[0] != serverInit.ServerHostKeyAlgos[0]) {
+	if otherInit.FirstKexFollows && algs.kex != otherInit.KexAlgos[0] {
 		// other side sent a kex message for the wrong algorithm,
 		// which we have to ignore.
 		if _, err := t.conn.readPacket(); err != nil {
@ -568,30 +327,23 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
 		}
 	}

-	kex, ok := kexAlgoMap[t.algorithms.kex]
+	kex, ok := kexAlgoMap[algs.kex]
 	if !ok {
-		return fmt.Errorf("ssh: unexpected key exchange algorithm %v", t.algorithms.kex)
+		return fmt.Errorf("ssh: unexpected key exchange algorithm %v", algs.kex)
 	}

 	var result *kexResult
 	if len(t.hostKeys) > 0 {
-		result, err = t.server(kex, t.algorithms, &magics)
+		result, err = t.server(kex, algs, &magics)
 	} else {
-		result, err = t.client(kex, t.algorithms, &magics)
+		result, err = t.client(kex, algs, &magics)
 	}

 	if err != nil {
 		return err
 	}

-	if t.sessionID == nil {
-		t.sessionID = result.H
-	}
-	result.SessionID = t.sessionID
-
-	if err := t.conn.prepareKeyChange(t.algorithms, result); err != nil {
-		return err
-	}
+	t.conn.prepareKeyChange(algs, result)
 	if err = t.conn.writePacket([]byte{msgNewKeys}); err != nil {
 		return err
 	}
@ -600,7 +352,6 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
 	} else if packet[0] != msgNewKeys {
 		return unexpectedMessageError(msgNewKeys, packet[0])
 	}
-
 	return nil
 }

@ -631,9 +382,11 @@ func (t *handshakeTransport) client(kex kexAlgorithm, algs *algorithms, magics *
 		return nil, err
 	}

-	err = t.hostKeyCallback(t.dialAddress, t.remoteAddr, hostKey)
-	if err != nil {
-		return nil, err
+	if t.hostKeyCallback != nil {
+		err = t.hostKeyCallback(t.dialAddress, t.remoteAddr, hostKey)
+		if err != nil {
+			return nil, err
+		}
 	}

 	return result, nil
--- a/vendor/golang.org/x/crypto/ssh/handshake_test.go
+++ b/vendor/golang.org/x/crypto/ssh/handshake_test.go
@ -7,14 +7,8 @@ package ssh
 import (
 	"bytes"
 	"crypto/rand"
-	"errors"
 	"fmt"
-	"io"
 	"net"
-	"reflect"
-	"runtime"
-	"strings"
-	"sync"
 	"testing"
 )

@ -42,10 +36,7 @@ func (t *testChecker) Check(dialAddr string, addr net.Addr, key PublicKey) error
 func netPipe() (net.Conn, net.Conn, error) {
 	listener, err := net.Listen("tcp", "127.0.0.1:0")
 	if err != nil {
-		listener, err = net.Listen("tcp", "[::1]:0")
-		if err != nil {
-			return nil, nil, err
-		}
+		return nil, nil, err
 	}
 	defer listener.Close()
 	c1, err := net.Dial("tcp", listener.Addr().String())
@ -62,46 +53,14 @@ func netPipe() (net.Conn, net.Conn, error) {
 	return c1, c2, nil
 }

-// noiseTransport inserts ignore messages to check that the read loop
-// and the key exchange filters out these messages.
-type noiseTransport struct {
-	keyingTransport
-}
-
-func (t *noiseTransport) writePacket(p []byte) error {
-	ignore := []byte{msgIgnore}
-	if err := t.keyingTransport.writePacket(ignore); err != nil {
-		return err
-	}
-	debug := []byte{msgDebug, 1, 2, 3}
-	if err := t.keyingTransport.writePacket(debug); err != nil {
-		return err
-	}
-
-	return t.keyingTransport.writePacket(p)
-}
-
-func addNoiseTransport(t keyingTransport) keyingTransport {
-	return &noiseTransport{t}
-}
-
-// handshakePair creates two handshakeTransports connected with each
-// other. If the noise argument is true, both transports will try to
-// confuse the other side by sending ignore and debug messages.
-func handshakePair(clientConf *ClientConfig, addr string, noise bool) (client *handshakeTransport, server *handshakeTransport, err error) {
+func handshakePair(clientConf *ClientConfig, addr string) (client *handshakeTransport, server *handshakeTransport, err error) {
 	a, b, err := netPipe()
 	if err != nil {
 		return nil, nil, err
 	}

-	var trC, trS keyingTransport
-
-	trC = newTransport(a, rand.Reader, true)
-	trS = newTransport(b, rand.Reader, false)
-	if noise {
-		trC = addNoiseTransport(trC)
-		trS = addNoiseTransport(trS)
-	}
+	trC := newTransport(a, rand.Reader, true)
+	trS := newTransport(b, rand.Reader, false)
 	clientConf.SetDefaults()

 	v := []byte("version")
@ -109,32 +68,15 @@ func handshakePair(clientConf *ClientConfig, addr string, noise bool) (client *h

 	serverConf := &ServerConfig{}
 	serverConf.AddHostKey(testSigners["ecdsa"])
-	serverConf.AddHostKey(testSigners["rsa"])
 	serverConf.SetDefaults()
 	server = newServerTransport(trS, v, v, serverConf)

-	if err := server.waitSession(); err != nil {
-		return nil, nil, fmt.Errorf("server.waitSession: %v", err)
-	}
-	if err := client.waitSession(); err != nil {
-		return nil, nil, fmt.Errorf("client.waitSession: %v", err)
-	}
-
 	return client, server, nil
 }

 func TestHandshakeBasic(t *testing.T) {
-	if runtime.GOOS == "plan9" {
-		t.Skip("see golang.org/issue/7237")
-	}
-
-	checker := &syncChecker{
-		waitCall: make(chan int, 10),
-		called:   make(chan int, 10),
-	}
-
-	checker.waitCall <- 1
-	trC, trS, err := handshakePair(&ClientConfig{HostKeyCallback: checker.Check}, "addr", false)
+	checker := &testChecker{}
+	trC, trS, err := handshakePair(&ClientConfig{HostKeyCallback: checker.Check}, "addr")
 	if err != nil {
 		t.Fatalf("handshakePair: %v", err)
 	}
@ -142,195 +84,212 @@ func TestHandshakeBasic(t *testing.T) {
 	defer trC.Close()
 	defer trS.Close()

-	// Let first kex complete normally.
-	<-checker.called
-
-	clientDone := make(chan int, 0)
-	gotHalf := make(chan int, 0)
-	const N = 20
-
 	go func() {
-		defer close(clientDone)
 		// Client writes a bunch of stuff, and does a key
 		// change in the middle. This should not confuse the
-		// handshake in progress. We do this twice, so we test
-		// that the packet buffer is reset correctly.
-		for i := 0; i < N; i++ {
+		// handshake in progress
+		for i := 0; i < 10; i++ {
 			p := []byte{msgRequestSuccess, byte(i)}
 			if err := trC.writePacket(p); err != nil {
 				t.Fatalf("sendPacket: %v", err)
 			}
-			if (i % 10) == 5 {
-				<-gotHalf
+			if i == 5 {
 				// halfway through, we request a key change.
-				trC.requestKeyExchange()
-
-				// Wait until we can be sure the key
-				// change has really started before we
-				// write more.
-				<-checker.called
-			}
-			if (i % 10) == 7 {
-				// write some packets until the kex
-				// completes, to test buffering of
-				// packets.
-				checker.waitCall <- 1
+				_, _, err := trC.sendKexInit()
+				if err != nil {
+					t.Fatalf("sendKexInit: %v", err)
+				}
 			}
 		}
+		trC.Close()
 	}()

 	// Server checks that client messages come in cleanly
 	i := 0
-	err = nil
-	for ; i < N; i++ {
-		var p []byte
-		p, err = trS.readPacket()
+	for {
+		p, err := trS.readPacket()
 		if err != nil {
 			break
 		}
-		if (i % 10) == 5 {
-			gotHalf <- 1
+		if p[0] == msgNewKeys {
+			continue
 		}
-
 		want := []byte{msgRequestSuccess, byte(i)}
 		if bytes.Compare(p, want) != 0 {
-			t.Errorf("message %d: got %v, want %v", i, p, want)
+			t.Errorf("message %d: got %q, want %q", i, p, want)
 		}
+		i++
 	}
-	<-clientDone
-	if err != nil && err != io.EOF {
-		t.Fatalf("server error: %v", err)
-	}
-	if i != N {
+	if i != 10 {
 		t.Errorf("received %d messages, want 10.", i)
 	}

-	close(checker.called)
-	if _, ok := <-checker.called; ok {
-		// If all went well, we registered exactly 2 key changes: one
-		// that establishes the session, and one that we requested
-		// additionally.
-		t.Fatalf("got another host key checks after 2 handshakes")
+	// If all went well, we registered exactly 1 key change.
+	if len(checker.calls) != 1 {
+		t.Fatalf("got %d host key checks, want 1", len(checker.calls))
+	}
+
+	pub := testSigners["ecdsa"].PublicKey()
+	want := fmt.Sprintf("%s %v %s %x", "addr", trC.remoteAddr, pub.Type(), pub.Marshal())
+	if want != checker.calls[0] {
+		t.Errorf("got %q want %q for host key check", checker.calls[0], want)
 	}
 }

-func TestForceFirstKex(t *testing.T) {
-	// like handshakePair, but must access the keyingTransport.
+func TestHandshakeError(t *testing.T) {
 	checker := &testChecker{}
-	clientConf := &ClientConfig{HostKeyCallback: checker.Check}
-	a, b, err := netPipe()
-	if err != nil {
-		t.Fatalf("netPipe: %v", err)
-	}
-
-	var trC, trS keyingTransport
-
-	trC = newTransport(a, rand.Reader, true)
-
-	// This is the disallowed packet:
-	trC.writePacket(Marshal(&serviceRequestMsg{serviceUserAuth}))
-
-	// Rest of the setup.
-	trS = newTransport(b, rand.Reader, false)
-	clientConf.SetDefaults()
-
-	v := []byte("version")
-	client := newClientTransport(trC, v, v, clientConf, "addr", a.RemoteAddr())
-
-	serverConf := &ServerConfig{}
-	serverConf.AddHostKey(testSigners["ecdsa"])
-	serverConf.AddHostKey(testSigners["rsa"])
-	serverConf.SetDefaults()
-	server := newServerTransport(trS, v, v, serverConf)
-
-	defer client.Close()
-	defer server.Close()
-
-	// We setup the initial key exchange, but the remote side
-	// tries to send serviceRequestMsg in cleartext, which is
-	// disallowed.
-
-	if err := server.waitSession(); err == nil {
-		t.Errorf("server first kex init should reject unexpected packet")
-	}
-}
-
-func TestHandshakeAutoRekeyWrite(t *testing.T) {
-	checker := &syncChecker{
-		called:   make(chan int, 10),
-		waitCall: nil,
-	}
-	clientConf := &ClientConfig{HostKeyCallback: checker.Check}
-	clientConf.RekeyThreshold = 500
-	trC, trS, err := handshakePair(clientConf, "addr", false)
+	trC, trS, err := handshakePair(&ClientConfig{HostKeyCallback: checker.Check}, "bad")
 	if err != nil {
 		t.Fatalf("handshakePair: %v", err)
 	}
 	defer trC.Close()
 	defer trS.Close()

-	input := make([]byte, 251)
-	input[0] = msgRequestSuccess
+	// send a packet
+	packet := []byte{msgRequestSuccess, 42}
+	if err := trC.writePacket(packet); err != nil {
+		t.Errorf("writePacket: %v", err)
+	}

-	done := make(chan int, 1)
-	const numPacket = 5
-	go func() {
-		defer close(done)
-		j := 0
-		for ; j < numPacket; j++ {
-			if p, err := trS.readPacket(); err != nil {
-				break
-			} else if !bytes.Equal(input, p) {
-				t.Errorf("got packet type %d, want %d", p[0], input[0])
-			}
+	// Now request a key change.
+	_, _, err = trC.sendKexInit()
+	if err != nil {
+		t.Errorf("sendKexInit: %v", err)
+	}
+
+	// the key change will fail, and afterwards we can't write.
+	if err := trC.writePacket([]byte{msgRequestSuccess, 43}); err == nil {
+		t.Errorf("writePacket after botched rekey succeeded.")
+	}
+
+	readback, err := trS.readPacket()
+	if err != nil {
+		t.Fatalf("server closed too soon: %v", err)
+	}
+	if bytes.Compare(readback, packet) != 0 {
+		t.Errorf("got %q want %q", readback, packet)
+	}
+	readback, err = trS.readPacket()
+	if err == nil {
+		t.Errorf("got a message %q after failed key change", readback)
+	}
+}
+
+func TestHandshakeTwice(t *testing.T) {
+	checker := &testChecker{}
+	trC, trS, err := handshakePair(&ClientConfig{HostKeyCallback: checker.Check}, "addr")
+	if err != nil {
+		t.Fatalf("handshakePair: %v", err)
+	}
+
+	defer trC.Close()
+	defer trS.Close()
+
+	// send a packet
+	packet := make([]byte, 5)
+	packet[0] = msgRequestSuccess
+	if err := trC.writePacket(packet); err != nil {
+		t.Errorf("writePacket: %v", err)
+	}
+
+	// Now request a key change.
+	_, _, err = trC.sendKexInit()
+	if err != nil {
+		t.Errorf("sendKexInit: %v", err)
+	}
+
+	// Send another packet. Use a fresh one, since writePacket destroys.
+	packet = make([]byte, 5)
+	packet[0] = msgRequestSuccess
+	if err := trC.writePacket(packet); err != nil {
+		t.Errorf("writePacket: %v", err)
+	}
+
+	// 2nd key change.
+	_, _, err = trC.sendKexInit()
+	if err != nil {
+		t.Errorf("sendKexInit: %v", err)
+	}
+
+	packet = make([]byte, 5)
+	packet[0] = msgRequestSuccess
+	if err := trC.writePacket(packet); err != nil {
+		t.Errorf("writePacket: %v", err)
+	}
+
+	packet = make([]byte, 5)
+	packet[0] = msgRequestSuccess
+	for i := 0; i < 5; i++ {
+		msg, err := trS.readPacket()
+		if err != nil {
+			t.Fatalf("server closed too soon: %v", err)
+		}
+		if msg[0] == msgNewKeys {
+			continue
 		}

-		if j != numPacket {
-			t.Errorf("got %d, want 5 messages", j)
+		if bytes.Compare(msg, packet) != 0 {
+			t.Errorf("packet %d: got %q want %q", i, msg, packet)
 		}
-	}()
+	}
+	if len(checker.calls) != 2 {
+		t.Errorf("got %d key changes, want 2", len(checker.calls))
+	}
+}

-	<-checker.called
+func TestHandshakeAutoRekeyWrite(t *testing.T) {
+	checker := &testChecker{}
+	clientConf := &ClientConfig{HostKeyCallback: checker.Check}
+	clientConf.RekeyThreshold = 500
+	trC, trS, err := handshakePair(clientConf, "addr")
+	if err != nil {
+		t.Fatalf("handshakePair: %v", err)
+	}
+	defer trC.Close()
+	defer trS.Close()

-	for i := 0; i < numPacket; i++ {
-		p := make([]byte, len(input))
-		copy(p, input)
-		if err := trC.writePacket(p); err != nil {
+	for i := 0; i < 5; i++ {
+		packet := make([]byte, 251)
+		packet[0] = msgRequestSuccess
+		if err := trC.writePacket(packet); err != nil {
 			t.Errorf("writePacket: %v", err)
 		}
-		if i == 2 {
-			// Make sure the kex is in progress.
-			<-checker.called
-		}
-
 	}
-	<-done
+
+	j := 0
+	for ; j < 5; j++ {
+		_, err := trS.readPacket()
+		if err != nil {
+			break
+		}
+	}
+
+	if j != 5 {
+		t.Errorf("got %d, want 5 messages", j)
+	}
+
+	if len(checker.calls) != 2 {
+		t.Errorf("got %d key changes, wanted 2", len(checker.calls))
+	}
 }

 type syncChecker struct {
-	waitCall chan int
-	called   chan int
+	called chan int
 }

-func (c *syncChecker) Check(dialAddr string, addr net.Addr, key PublicKey) error {
-	c.called <- 1
-	if c.waitCall != nil {
-		<-c.waitCall
-	}
+func (t *syncChecker) Check(dialAddr string, addr net.Addr, key PublicKey) error {
+	t.called <- 1
 	return nil
 }

 func TestHandshakeAutoRekeyRead(t *testing.T) {
-	sync := &syncChecker{
-		called:   make(chan int, 2),
-		waitCall: nil,
-	}
+	sync := &syncChecker{make(chan int, 2)}
 	clientConf := &ClientConfig{
 		HostKeyCallback: sync.Check,
 	}
 	clientConf.RekeyThreshold = 500

-	trC, trS, err := handshakePair(clientConf, "addr", false)
+	trC, trS, err := handshakePair(clientConf, "addr")
 	if err != nil {
 		t.Fatalf("handshakePair: %v", err)
 	}
@ -342,218 +301,11 @@ func TestHandshakeAutoRekeyRead(t *testing.T) {
 	if err := trS.writePacket(packet); err != nil {
 		t.Fatalf("writePacket: %v", err)
 	}
-
 	// While we read out the packet, a key change will be
 	// initiated.
-	done := make(chan int, 1)
-	go func() {
-		defer close(done)
-		if _, err := trC.readPacket(); err != nil {
-			t.Fatalf("readPacket(client): %v", err)
-		}
+	if _, err := trC.readPacket(); err != nil {
+		t.Fatalf("readPacket(client): %v", err)
+	}

-	}()
-
-	<-done
 	<-sync.called
 }
-
-// errorKeyingTransport generates errors after a given number of
-// read/write operations.
-type errorKeyingTransport struct {
-	packetConn
-	readLeft, writeLeft int
-}
-
-func (n *errorKeyingTransport) prepareKeyChange(*algorithms, *kexResult) error {
-	return nil
-}
-
-func (n *errorKeyingTransport) getSessionID() []byte {
-	return nil
-}
-
-func (n *errorKeyingTransport) writePacket(packet []byte) error {
-	if n.writeLeft == 0 {
-		n.Close()
-		return errors.New("barf")
-	}
-
-	n.writeLeft--
-	return n.packetConn.writePacket(packet)
-}
-
-func (n *errorKeyingTransport) readPacket() ([]byte, error) {
-	if n.readLeft == 0 {
-		n.Close()
-		return nil, errors.New("barf")
-	}
-
-	n.readLeft--
-	return n.packetConn.readPacket()
-}
-
-func TestHandshakeErrorHandlingRead(t *testing.T) {
-	for i := 0; i < 20; i++ {
-		testHandshakeErrorHandlingN(t, i, -1, false)
-	}
-}
-
-func TestHandshakeErrorHandlingWrite(t *testing.T) {
-	for i := 0; i < 20; i++ {
-		testHandshakeErrorHandlingN(t, -1, i, false)
-	}
-}
-
-func TestHandshakeErrorHandlingReadCoupled(t *testing.T) {
-	for i := 0; i < 20; i++ {
-		testHandshakeErrorHandlingN(t, i, -1, true)
-	}
-}
-
-func TestHandshakeErrorHandlingWriteCoupled(t *testing.T) {
-	for i := 0; i < 20; i++ {
-		testHandshakeErrorHandlingN(t, -1, i, true)
-	}
-}
-
-// testHandshakeErrorHandlingN runs handshakes, injecting errors. If
-// handshakeTransport deadlocks, the go runtime will detect it and
-// panic.
-func testHandshakeErrorHandlingN(t *testing.T, readLimit, writeLimit int, coupled bool) {
-	msg := Marshal(&serviceRequestMsg{strings.Repeat("x", int(minRekeyThreshold)/4)})
-
-	a, b := memPipe()
-	defer a.Close()
-	defer b.Close()
-
-	key := testSigners["ecdsa"]
-	serverConf := Config{RekeyThreshold: minRekeyThreshold}
-	serverConf.SetDefaults()
-	serverConn := newHandshakeTransport(&errorKeyingTransport{a, readLimit, writeLimit}, &serverConf, []byte{'a'}, []byte{'b'})
-	serverConn.hostKeys = []Signer{key}
-	go serverConn.readLoop()
-	go serverConn.kexLoop()
-
-	clientConf := Config{RekeyThreshold: 10 * minRekeyThreshold}
-	clientConf.SetDefaults()
-	clientConn := newHandshakeTransport(&errorKeyingTransport{b, -1, -1}, &clientConf, []byte{'a'}, []byte{'b'})
-	clientConn.hostKeyAlgorithms = []string{key.PublicKey().Type()}
-	clientConn.hostKeyCallback = InsecureIgnoreHostKey()
-	go clientConn.readLoop()
-	go clientConn.kexLoop()
-
-	var wg sync.WaitGroup
-
-	for _, hs := range []packetConn{serverConn, clientConn} {
-		if !coupled {
-			wg.Add(2)
-			go func(c packetConn) {
-				for i := 0; ; i++ {
-					str := fmt.Sprintf("%08x", i) + strings.Repeat("x", int(minRekeyThreshold)/4-8)
-					err := c.writePacket(Marshal(&serviceRequestMsg{str}))
-					if err != nil {
-						break
-					}
-				}
-				wg.Done()
-				c.Close()
-			}(hs)
-			go func(c packetConn) {
-				for {
-					_, err := c.readPacket()
-					if err != nil {
-						break
-					}
-				}
-				wg.Done()
-			}(hs)
-		} else {
-			wg.Add(1)
-			go func(c packetConn) {
-				for {
-					_, err := c.readPacket()
-					if err != nil {
-						break
-					}
-					if err := c.writePacket(msg); err != nil {
-						break
-					}
-
-				}
-				wg.Done()
-			}(hs)
-		}
-	}
-	wg.Wait()
-}
-
-func TestDisconnect(t *testing.T) {
-	if runtime.GOOS == "plan9" {
-		t.Skip("see golang.org/issue/7237")
-	}
-	checker := &testChecker{}
-	trC, trS, err := handshakePair(&ClientConfig{HostKeyCallback: checker.Check}, "addr", false)
-	if err != nil {
-		t.Fatalf("handshakePair: %v", err)
-	}
-
-	defer trC.Close()
-	defer trS.Close()
-
-	trC.writePacket([]byte{msgRequestSuccess, 0, 0})
-	errMsg := &disconnectMsg{
-		Reason:  42,
-		Message: "such is life",
-	}
-	trC.writePacket(Marshal(errMsg))
-	trC.writePacket([]byte{msgRequestSuccess, 0, 0})
-
-	packet, err := trS.readPacket()
-	if err != nil {
-		t.Fatalf("readPacket 1: %v", err)
-	}
-	if packet[0] != msgRequestSuccess {
-		t.Errorf("got packet %v, want packet type %d", packet, msgRequestSuccess)
-	}
-
-	_, err = trS.readPacket()
-	if err == nil {
-		t.Errorf("readPacket 2 succeeded")
-	} else if !reflect.DeepEqual(err, errMsg) {
-		t.Errorf("got error %#v, want %#v", err, errMsg)
-	}
-
-	_, err = trS.readPacket()
-	if err == nil {
-		t.Errorf("readPacket 3 succeeded")
-	}
-}
-
-func TestHandshakeRekeyDefault(t *testing.T) {
-	clientConf := &ClientConfig{
-		Config: Config{
-			Ciphers: []string{"aes128-ctr"},
-		},
-		HostKeyCallback: InsecureIgnoreHostKey(),
-	}
-	trC, trS, err := handshakePair(clientConf, "addr", false)
-	if err != nil {
-		t.Fatalf("handshakePair: %v", err)
-	}
-	defer trC.Close()
-	defer trS.Close()
-
-	trC.writePacket([]byte{msgRequestSuccess, 0, 0})
-	trC.Close()
-
-	rgb := (1024 + trC.readBytesLeft) >> 30
-	wgb := (1024 + trC.writeBytesLeft) >> 30
-
-	if rgb != 64 {
-		t.Errorf("got rekey after %dG read, want 64G", rgb)
-	}
-	if wgb != 64 {
-		t.Errorf("got rekey after %dG write, want 64G", wgb)
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/kex.go
+++ b/vendor/golang.org/x/crypto/ssh/kex.go
@ -9,21 +9,17 @@ import (
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
-	"crypto/subtle"
 	"errors"
 	"io"
 	"math/big"
-
-	"golang.org/x/crypto/curve25519"
 )

 const (
-	kexAlgoDH1SHA1          = "diffie-hellman-group1-sha1"
-	kexAlgoDH14SHA1         = "diffie-hellman-group14-sha1"
-	kexAlgoECDH256          = "ecdh-sha2-nistp256"
-	kexAlgoECDH384          = "ecdh-sha2-nistp384"
-	kexAlgoECDH521          = "ecdh-sha2-nistp521"
-	kexAlgoCurve25519SHA256 = "curve25519-sha256@libssh.org"
+	kexAlgoDH1SHA1  = "diffie-hellman-group1-sha1"
+	kexAlgoDH14SHA1 = "diffie-hellman-group14-sha1"
+	kexAlgoECDH256  = "ecdh-sha2-nistp256"
+	kexAlgoECDH384  = "ecdh-sha2-nistp384"
+	kexAlgoECDH521  = "ecdh-sha2-nistp521"
 )

 // kexResult captures the outcome of a key exchange.
@ -46,7 +42,7 @@ type kexResult struct {
 	Hash crypto.Hash

 	// The session ID, which is the first H computed. This is used
-	// to derive key material inside the transport.
+	// to signal data inside transport.
 	SessionID []byte
 }

@ -77,11 +73,11 @@ type kexAlgorithm interface {

 // dhGroup is a multiplicative group suitable for implementing Diffie-Hellman key agreement.
 type dhGroup struct {
-	g, p, pMinus1 *big.Int
+	g, p *big.Int
 }

 func (group *dhGroup) diffieHellman(theirPublic, myPrivate *big.Int) (*big.Int, error) {
-	if theirPublic.Cmp(bigOne) <= 0 || theirPublic.Cmp(group.pMinus1) >= 0 {
+	if theirPublic.Sign() <= 0 || theirPublic.Cmp(group.p) >= 0 {
 		return nil, errors.New("ssh: DH parameter out of bounds")
 	}
 	return new(big.Int).Exp(theirPublic, myPrivate, group.p), nil
@ -90,17 +86,10 @@ func (group *dhGroup) diffieHellman(theirPublic, myPrivate *big.Int) (*big.Int,
 func (group *dhGroup) Client(c packetConn, randSource io.Reader, magics *handshakeMagics) (*kexResult, error) {
 	hashFunc := crypto.SHA1

-	var x *big.Int
-	for {
-		var err error
-		if x, err = rand.Int(randSource, group.pMinus1); err != nil {
-			return nil, err
-		}
-		if x.Sign() > 0 {
-			break
-		}
+	x, err := rand.Int(randSource, group.p)
+	if err != nil {
+		return nil, err
 	}
-
 	X := new(big.Int).Exp(group.g, x, group.p)
 	kexDHInit := kexDHInitMsg{
 		X: X,
@ -153,14 +142,9 @@ func (group *dhGroup) Server(c packetConn, randSource io.Reader, magics *handsha
 		return
 	}

-	var y *big.Int
-	for {
-		if y, err = rand.Int(randSource, group.pMinus1); err != nil {
-			return
-		}
-		if y.Sign() > 0 {
-			break
-		}
+	y, err := rand.Int(randSource, group.p)
+	if err != nil {
+		return
 	}

 	Y := new(big.Int).Exp(group.g, y, group.p)
@ -383,9 +367,8 @@ func init() {
 	// 4253 and Oakley Group 2 in RFC 2409.
 	p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
 	kexAlgoMap[kexAlgoDH1SHA1] = &dhGroup{
-		g:       new(big.Int).SetInt64(2),
-		p:       p,
-		pMinus1: new(big.Int).Sub(p, bigOne),
+		g: new(big.Int).SetInt64(2),
+		p: p,
 	}

 	// This is the group called diffie-hellman-group14-sha1 in RFC
@ -393,148 +376,11 @@ func init() {
 	p, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)

 	kexAlgoMap[kexAlgoDH14SHA1] = &dhGroup{
-		g:       new(big.Int).SetInt64(2),
-		p:       p,
-		pMinus1: new(big.Int).Sub(p, bigOne),
+		g: new(big.Int).SetInt64(2),
+		p: p,
 	}

 	kexAlgoMap[kexAlgoECDH521] = &ecdh{elliptic.P521()}
 	kexAlgoMap[kexAlgoECDH384] = &ecdh{elliptic.P384()}
 	kexAlgoMap[kexAlgoECDH256] = &ecdh{elliptic.P256()}
-	kexAlgoMap[kexAlgoCurve25519SHA256] = &curve25519sha256{}
-}
-
-// curve25519sha256 implements the curve25519-sha256@libssh.org key
-// agreement protocol, as described in
-// https://git.libssh.org/projects/libssh.git/tree/doc/curve25519-sha256@libssh.org.txt
-type curve25519sha256 struct{}
-
-type curve25519KeyPair struct {
-	priv [32]byte
-	pub  [32]byte
-}
-
-func (kp *curve25519KeyPair) generate(rand io.Reader) error {
-	if _, err := io.ReadFull(rand, kp.priv[:]); err != nil {
-		return err
-	}
-	curve25519.ScalarBaseMult(&kp.pub, &kp.priv)
-	return nil
-}
-
-// curve25519Zeros is just an array of 32 zero bytes so that we have something
-// convenient to compare against in order to reject curve25519 points with the
-// wrong order.
-var curve25519Zeros [32]byte
-
-func (kex *curve25519sha256) Client(c packetConn, rand io.Reader, magics *handshakeMagics) (*kexResult, error) {
-	var kp curve25519KeyPair
-	if err := kp.generate(rand); err != nil {
-		return nil, err
-	}
-	if err := c.writePacket(Marshal(&kexECDHInitMsg{kp.pub[:]})); err != nil {
-		return nil, err
-	}
-
-	packet, err := c.readPacket()
-	if err != nil {
-		return nil, err
-	}
-
-	var reply kexECDHReplyMsg
-	if err = Unmarshal(packet, &reply); err != nil {
-		return nil, err
-	}
-	if len(reply.EphemeralPubKey) != 32 {
-		return nil, errors.New("ssh: peer's curve25519 public value has wrong length")
-	}
-
-	var servPub, secret [32]byte
-	copy(servPub[:], reply.EphemeralPubKey)
-	curve25519.ScalarMult(&secret, &kp.priv, &servPub)
-	if subtle.ConstantTimeCompare(secret[:], curve25519Zeros[:]) == 1 {
-		return nil, errors.New("ssh: peer's curve25519 public value has wrong order")
-	}
-
-	h := crypto.SHA256.New()
-	magics.write(h)
-	writeString(h, reply.HostKey)
-	writeString(h, kp.pub[:])
-	writeString(h, reply.EphemeralPubKey)
-
-	kInt := new(big.Int).SetBytes(secret[:])
-	K := make([]byte, intLength(kInt))
-	marshalInt(K, kInt)
-	h.Write(K)
-
-	return &kexResult{
-		H:         h.Sum(nil),
-		K:         K,
-		HostKey:   reply.HostKey,
-		Signature: reply.Signature,
-		Hash:      crypto.SHA256,
-	}, nil
-}
-
-func (kex *curve25519sha256) Server(c packetConn, rand io.Reader, magics *handshakeMagics, priv Signer) (result *kexResult, err error) {
-	packet, err := c.readPacket()
-	if err != nil {
-		return
-	}
-	var kexInit kexECDHInitMsg
-	if err = Unmarshal(packet, &kexInit); err != nil {
-		return
-	}
-
-	if len(kexInit.ClientPubKey) != 32 {
-		return nil, errors.New("ssh: peer's curve25519 public value has wrong length")
-	}
-
-	var kp curve25519KeyPair
-	if err := kp.generate(rand); err != nil {
-		return nil, err
-	}
-
-	var clientPub, secret [32]byte
-	copy(clientPub[:], kexInit.ClientPubKey)
-	curve25519.ScalarMult(&secret, &kp.priv, &clientPub)
-	if subtle.ConstantTimeCompare(secret[:], curve25519Zeros[:]) == 1 {
-		return nil, errors.New("ssh: peer's curve25519 public value has wrong order")
-	}
-
-	hostKeyBytes := priv.PublicKey().Marshal()
-
-	h := crypto.SHA256.New()
-	magics.write(h)
-	writeString(h, hostKeyBytes)
-	writeString(h, kexInit.ClientPubKey)
-	writeString(h, kp.pub[:])
-
-	kInt := new(big.Int).SetBytes(secret[:])
-	K := make([]byte, intLength(kInt))
-	marshalInt(K, kInt)
-	h.Write(K)
-
-	H := h.Sum(nil)
-
-	sig, err := signAndMarshal(priv, rand, H)
-	if err != nil {
-		return nil, err
-	}
-
-	reply := kexECDHReplyMsg{
-		EphemeralPubKey: kp.pub[:],
-		HostKey:         hostKeyBytes,
-		Signature:       sig,
-	}
-	if err := c.writePacket(Marshal(&reply)); err != nil {
-		return nil, err
-	}
-	return &kexResult{
-		H:         H,
-		K:         K,
-		HostKey:   hostKeyBytes,
-		Signature: sig,
-		Hash:      crypto.SHA256,
-	}, nil
 }
--- a/vendor/golang.org/x/crypto/ssh/kex_test.go
+++ b/vendor/golang.org/x/crypto/ssh/kex_test.go
@ -26,12 +26,10 @@ func TestKexes(t *testing.T) {
 		var magics handshakeMagics
 		go func() {
 			r, e := kex.Client(a, rand.Reader, &magics)
-			a.Close()
 			c <- kexResultErr{r, e}
 		}()
 		go func() {
 			r, e := kex.Server(b, rand.Reader, &magics, testSigners["ecdsa"])
-			b.Close()
 			s <- kexResultErr{r, e}
 		}()

--- a/vendor/golang.org/x/crypto/ssh/keys.go
+++ b/vendor/golang.org/x/crypto/ssh/keys.go
@ -10,21 +10,15 @@ import (
 	"crypto/dsa"
 	"crypto/ecdsa"
 	"crypto/elliptic"
-	"crypto/md5"
 	"crypto/rsa"
-	"crypto/sha256"
 	"crypto/x509"
 	"encoding/asn1"
 	"encoding/base64"
-	"encoding/hex"
 	"encoding/pem"
 	"errors"
 	"fmt"
 	"io"
 	"math/big"
-	"strings"
-
-	"golang.org/x/crypto/ed25519"
 )

 // These constants represent the algorithm names for key types supported by this
@ -35,7 +29,6 @@ const (
 	KeyAlgoECDSA256 = "ecdsa-sha2-nistp256"
 	KeyAlgoECDSA384 = "ecdsa-sha2-nistp384"
 	KeyAlgoECDSA521 = "ecdsa-sha2-nistp521"
-	KeyAlgoED25519  = "ssh-ed25519"
 )

 // parsePubKey parses a public key of the given algorithm.
@ -48,16 +41,14 @@ func parsePubKey(in []byte, algo string) (pubKey PublicKey, rest []byte, err err
 		return parseDSA(in)
 	case KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521:
 		return parseECDSA(in)
-	case KeyAlgoED25519:
-		return parseED25519(in)
-	case CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoED25519v01:
+	case CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01:
 		cert, err := parseCert(in, certToPrivAlgo(algo))
 		if err != nil {
 			return nil, nil, err
 		}
 		return cert, nil, nil
 	}
-	return nil, nil, fmt.Errorf("ssh: unknown key algorithm: %v", algo)
+	return nil, nil, fmt.Errorf("ssh: unknown key algorithm: %v", err)
 }

 // parseAuthorizedKey parses a public key in OpenSSH authorized_keys format
@ -86,79 +77,6 @@ func parseAuthorizedKey(in []byte) (out PublicKey, comment string, err error) {
 	return out, comment, nil
 }

-// ParseKnownHosts parses an entry in the format of the known_hosts file.
-//
-// The known_hosts format is documented in the sshd(8) manual page. This
-// function will parse a single entry from in. On successful return, marker
-// will contain the optional marker value (i.e. "cert-authority" or "revoked")
-// or else be empty, hosts will contain the hosts that this entry matches,
-// pubKey will contain the public key and comment will contain any trailing
-// comment at the end of the line. See the sshd(8) manual page for the various
-// forms that a host string can take.
-//
-// The unparsed remainder of the input will be returned in rest. This function
-// can be called repeatedly to parse multiple entries.
-//
-// If no entries were found in the input then err will be io.EOF. Otherwise a
-// non-nil err value indicates a parse error.
-func ParseKnownHosts(in []byte) (marker string, hosts []string, pubKey PublicKey, comment string, rest []byte, err error) {
-	for len(in) > 0 {
-		end := bytes.IndexByte(in, '\n')
-		if end != -1 {
-			rest = in[end+1:]
-			in = in[:end]
-		} else {
-			rest = nil
-		}
-
-		end = bytes.IndexByte(in, '\r')
-		if end != -1 {
-			in = in[:end]
-		}
-
-		in = bytes.TrimSpace(in)
-		if len(in) == 0 || in[0] == '#' {
-			in = rest
-			continue
-		}
-
-		i := bytes.IndexAny(in, " \t")
-		if i == -1 {
-			in = rest
-			continue
-		}
-
-		// Strip out the beginning of the known_host key.
-		// This is either an optional marker or a (set of) hostname(s).
-		keyFields := bytes.Fields(in)
-		if len(keyFields) < 3 || len(keyFields) > 5 {
-			return "", nil, nil, "", nil, errors.New("ssh: invalid entry in known_hosts data")
-		}
-
-		// keyFields[0] is either "@cert-authority", "@revoked" or a comma separated
-		// list of hosts
-		marker := ""
-		if keyFields[0][0] == '@' {
-			marker = string(keyFields[0][1:])
-			keyFields = keyFields[1:]
-		}
-
-		hosts := string(keyFields[0])
-		// keyFields[1] contains the key type (e.g. “ssh-rsa”).
-		// However, that information is duplicated inside the
-		// base64-encoded key and so is ignored here.
-
-		key := bytes.Join(keyFields[2:], []byte(" "))
-		if pubKey, comment, err = parseAuthorizedKey(key); err != nil {
-			return "", nil, nil, "", nil, err
-		}
-
-		return marker, strings.Split(hosts, ","), pubKey, comment, rest, nil
-	}
-
-	return "", nil, nil, "", nil, io.EOF
-}
-
 // ParseAuthorizedKeys parses a public key from an authorized_keys
 // file used in OpenSSH according to the sshd(8) manual page.
 func ParseAuthorizedKey(in []byte) (out PublicKey, comment string, options []string, rest []byte, err error) {
@ -284,12 +202,6 @@ type PublicKey interface {
 	Verify(data []byte, sig *Signature) error
 }

-// CryptoPublicKey, if implemented by a PublicKey,
-// returns the underlying crypto.PublicKey form of the key.
-type CryptoPublicKey interface {
-	CryptoPublicKey() crypto.PublicKey
-}
-
 // A Signer can create signatures that verify against a public key.
 type Signer interface {
 	// PublicKey returns an associated PublicKey instance.
@ -333,8 +245,6 @@ func parseRSA(in []byte) (out PublicKey, rest []byte, err error) {

 func (r *rsaPublicKey) Marshal() []byte {
 	e := new(big.Int).SetInt64(int64(r.E))
-	// RSA publickey struct layout should match the struct used by
-	// parseRSACert in the x/crypto/ssh/agent package.
 	wirekey := struct {
 		Name string
 		E    *big.Int
@ -357,8 +267,26 @@ func (r *rsaPublicKey) Verify(data []byte, sig *Signature) error {
 	return rsa.VerifyPKCS1v15((*rsa.PublicKey)(r), crypto.SHA1, digest, sig.Blob)
 }

-func (r *rsaPublicKey) CryptoPublicKey() crypto.PublicKey {
-	return (*rsa.PublicKey)(r)
+type rsaPrivateKey struct {
+	*rsa.PrivateKey
+}
+
+func (r *rsaPrivateKey) PublicKey() PublicKey {
+	return (*rsaPublicKey)(&r.PrivateKey.PublicKey)
+}
+
+func (r *rsaPrivateKey) Sign(rand io.Reader, data []byte) (*Signature, error) {
+	h := crypto.SHA1.New()
+	h.Write(data)
+	digest := h.Sum(nil)
+	blob, err := rsa.SignPKCS1v15(rand, r.PrivateKey, crypto.SHA1, digest)
+	if err != nil {
+		return nil, err
+	}
+	return &Signature{
+		Format: r.PublicKey().Type(),
+		Blob:   blob,
+	}, nil
 }

 type dsaPublicKey dsa.PublicKey
@ -389,8 +317,6 @@ func parseDSA(in []byte) (out PublicKey, rest []byte, err error) {
 }

 func (k *dsaPublicKey) Marshal() []byte {
-	// DSA publickey struct layout should match the struct used by
-	// parseDSACert in the x/crypto/ssh/agent package.
 	w := struct {
 		Name       string
 		P, Q, G, Y *big.Int
@ -429,10 +355,6 @@ func (k *dsaPublicKey) Verify(data []byte, sig *Signature) error {
 	return errors.New("ssh: signature did not verify")
 }

-func (k *dsaPublicKey) CryptoPublicKey() crypto.PublicKey {
-	return (*dsa.PublicKey)(k)
-}
-
 type dsaPrivateKey struct {
 	*dsa.PrivateKey
 }
@ -481,55 +403,6 @@ func (key *ecdsaPublicKey) nistID() string {
 	panic("ssh: unsupported ecdsa key size")
 }

-type ed25519PublicKey ed25519.PublicKey
-
-func (key ed25519PublicKey) Type() string {
-	return KeyAlgoED25519
-}
-
-func parseED25519(in []byte) (out PublicKey, rest []byte, err error) {
-	var w struct {
-		KeyBytes []byte
-		Rest     []byte `ssh:"rest"`
-	}
-
-	if err := Unmarshal(in, &w); err != nil {
-		return nil, nil, err
-	}
-
-	key := ed25519.PublicKey(w.KeyBytes)
-
-	return (ed25519PublicKey)(key), w.Rest, nil
-}
-
-func (key ed25519PublicKey) Marshal() []byte {
-	w := struct {
-		Name     string
-		KeyBytes []byte
-	}{
-		KeyAlgoED25519,
-		[]byte(key),
-	}
-	return Marshal(&w)
-}
-
-func (key ed25519PublicKey) Verify(b []byte, sig *Signature) error {
-	if sig.Format != key.Type() {
-		return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, key.Type())
-	}
-
-	edKey := (ed25519.PublicKey)(key)
-	if ok := ed25519.Verify(edKey, b, sig.Blob); !ok {
-		return errors.New("ssh: signature did not verify")
-	}
-
-	return nil
-}
-
-func (k ed25519PublicKey) CryptoPublicKey() crypto.PublicKey {
-	return ed25519.PublicKey(k)
-}
-
 func supportedEllipticCurve(curve elliptic.Curve) bool {
 	return curve == elliptic.P256() || curve == elliptic.P384() || curve == elliptic.P521()
 }
@ -549,19 +422,14 @@ func ecHash(curve elliptic.Curve) crypto.Hash {

 // parseECDSA parses an ECDSA key according to RFC 5656, section 3.1.
 func parseECDSA(in []byte) (out PublicKey, rest []byte, err error) {
-	var w struct {
-		Curve    string
-		KeyBytes []byte
-		Rest     []byte `ssh:"rest"`
-	}
-
-	if err := Unmarshal(in, &w); err != nil {
-		return nil, nil, err
+	identifier, in, ok := parseString(in)
+	if !ok {
+		return nil, nil, errShortRead
 	}

 	key := new(ecdsa.PublicKey)

-	switch w.Curve {
+	switch string(identifier) {
 	case "nistp256":
 		key.Curve = elliptic.P256()
 	case "nistp384":
@ -572,18 +440,21 @@ func parseECDSA(in []byte) (out PublicKey, rest []byte, err error) {
 		return nil, nil, errors.New("ssh: unsupported curve")
 	}

-	key.X, key.Y = elliptic.Unmarshal(key.Curve, w.KeyBytes)
+	var keyBytes []byte
+	if keyBytes, in, ok = parseString(in); !ok {
+		return nil, nil, errShortRead
+	}
+
+	key.X, key.Y = elliptic.Unmarshal(key.Curve, keyBytes)
 	if key.X == nil || key.Y == nil {
 		return nil, nil, errors.New("ssh: invalid curve point")
 	}
-	return (*ecdsaPublicKey)(key), w.Rest, nil
+	return (*ecdsaPublicKey)(key), in, nil
 }

 func (key *ecdsaPublicKey) Marshal() []byte {
 	// See RFC 5656, section 3.1.
 	keyBytes := elliptic.Marshal(key.Curve, key.X, key.Y)
-	// ECDSA publickey struct layout should match the struct used by
-	// parseECDSACert in the x/crypto/ssh/agent package.
 	w := struct {
 		Name string
 		ID   string
@ -625,124 +496,72 @@ func (key *ecdsaPublicKey) Verify(data []byte, sig *Signature) error {
 	return errors.New("ssh: signature did not verify")
 }

-func (k *ecdsaPublicKey) CryptoPublicKey() crypto.PublicKey {
-	return (*ecdsa.PublicKey)(k)
+type ecdsaPrivateKey struct {
+	*ecdsa.PrivateKey
 }

-// NewSignerFromKey takes an *rsa.PrivateKey, *dsa.PrivateKey,
-// *ecdsa.PrivateKey or any other crypto.Signer and returns a corresponding
-// Signer instance. ECDSA keys must use P-256, P-384 or P-521.
-func NewSignerFromKey(key interface{}) (Signer, error) {
-	switch key := key.(type) {
-	case crypto.Signer:
-		return NewSignerFromSigner(key)
-	case *dsa.PrivateKey:
-		return &dsaPrivateKey{key}, nil
-	default:
-		return nil, fmt.Errorf("ssh: unsupported key type %T", key)
-	}
+func (k *ecdsaPrivateKey) PublicKey() PublicKey {
+	return (*ecdsaPublicKey)(&k.PrivateKey.PublicKey)
 }

-type wrappedSigner struct {
-	signer crypto.Signer
-	pubKey PublicKey
-}
-
-// NewSignerFromSigner takes any crypto.Signer implementation and
-// returns a corresponding Signer interface. This can be used, for
-// example, with keys kept in hardware modules.
-func NewSignerFromSigner(signer crypto.Signer) (Signer, error) {
-	pubKey, err := NewPublicKey(signer.Public())
+func (k *ecdsaPrivateKey) Sign(rand io.Reader, data []byte) (*Signature, error) {
+	h := ecHash(k.PrivateKey.PublicKey.Curve).New()
+	h.Write(data)
+	digest := h.Sum(nil)
+	r, s, err := ecdsa.Sign(rand, k.PrivateKey, digest)
 	if err != nil {
 		return nil, err
 	}

-	return &wrappedSigner{signer, pubKey}, nil
-}
-
-func (s *wrappedSigner) PublicKey() PublicKey {
-	return s.pubKey
-}
-
-func (s *wrappedSigner) Sign(rand io.Reader, data []byte) (*Signature, error) {
-	var hashFunc crypto.Hash
-
-	switch key := s.pubKey.(type) {
-	case *rsaPublicKey, *dsaPublicKey:
-		hashFunc = crypto.SHA1
-	case *ecdsaPublicKey:
-		hashFunc = ecHash(key.Curve)
-	case ed25519PublicKey:
-	default:
-		return nil, fmt.Errorf("ssh: unsupported key type %T", key)
-	}
-
-	var digest []byte
-	if hashFunc != 0 {
-		h := hashFunc.New()
-		h.Write(data)
-		digest = h.Sum(nil)
-	} else {
-		digest = data
-	}
-
-	signature, err := s.signer.Sign(rand, digest, hashFunc)
-	if err != nil {
-		return nil, err
-	}
-
-	// crypto.Signer.Sign is expected to return an ASN.1-encoded signature
-	// for ECDSA and DSA, but that's not the encoding expected by SSH, so
-	// re-encode.
-	switch s.pubKey.(type) {
-	case *ecdsaPublicKey, *dsaPublicKey:
-		type asn1Signature struct {
-			R, S *big.Int
-		}
-		asn1Sig := new(asn1Signature)
-		_, err := asn1.Unmarshal(signature, asn1Sig)
-		if err != nil {
-			return nil, err
-		}
-
-		switch s.pubKey.(type) {
-		case *ecdsaPublicKey:
-			signature = Marshal(asn1Sig)
-
-		case *dsaPublicKey:
-			signature = make([]byte, 40)
-			r := asn1Sig.R.Bytes()
-			s := asn1Sig.S.Bytes()
-			copy(signature[20-len(r):20], r)
-			copy(signature[40-len(s):40], s)
-		}
-	}
-
+	sig := make([]byte, intLength(r)+intLength(s))
+	rest := marshalInt(sig, r)
+	marshalInt(rest, s)
 	return &Signature{
-		Format: s.pubKey.Type(),
-		Blob:   signature,
+		Format: k.PublicKey().Type(),
+		Blob:   sig,
 	}, nil
 }

-// NewPublicKey takes an *rsa.PublicKey, *dsa.PublicKey, *ecdsa.PublicKey,
-// or ed25519.PublicKey returns a corresponding PublicKey instance.
-// ECDSA keys must use P-256, P-384 or P-521.
-func NewPublicKey(key interface{}) (PublicKey, error) {
-	switch key := key.(type) {
-	case *rsa.PublicKey:
-		return (*rsaPublicKey)(key), nil
-	case *ecdsa.PublicKey:
-		if !supportedEllipticCurve(key.Curve) {
-			return nil, errors.New("ssh: only P-256, P-384 and P-521 EC keys are supported.")
+// NewSignerFromKey takes a pointer to rsa, dsa or ecdsa PrivateKey
+// returns a corresponding Signer instance. EC keys should use P256,
+// P384 or P521.
+func NewSignerFromKey(k interface{}) (Signer, error) {
+	var sshKey Signer
+	switch t := k.(type) {
+	case *rsa.PrivateKey:
+		sshKey = &rsaPrivateKey{t}
+	case *dsa.PrivateKey:
+		sshKey = &dsaPrivateKey{t}
+	case *ecdsa.PrivateKey:
+		if !supportedEllipticCurve(t.Curve) {
+			return nil, errors.New("ssh: only P256, P384 and P521 EC keys are supported.")
 		}
-		return (*ecdsaPublicKey)(key), nil
-	case *dsa.PublicKey:
-		return (*dsaPublicKey)(key), nil
-	case ed25519.PublicKey:
-		return (ed25519PublicKey)(key), nil
+
+		sshKey = &ecdsaPrivateKey{t}
 	default:
-		return nil, fmt.Errorf("ssh: unsupported key type %T", key)
+		return nil, fmt.Errorf("ssh: unsupported key type %T", k)
 	}
+	return sshKey, nil
+}
+
+// NewPublicKey takes a pointer to rsa, dsa or ecdsa PublicKey
+// and returns a corresponding ssh PublicKey instance. EC keys should use P256, P384 or P521.
+func NewPublicKey(k interface{}) (PublicKey, error) {
+	var sshKey PublicKey
+	switch t := k.(type) {
+	case *rsa.PublicKey:
+		sshKey = (*rsaPublicKey)(t)
+	case *ecdsa.PublicKey:
+		if !supportedEllipticCurve(t.Curve) {
+			return nil, errors.New("ssh: only P256, P384 and P521 EC keys are supported.")
+		}
+		sshKey = (*ecdsaPublicKey)(t)
+	case *dsa.PublicKey:
+		sshKey = (*dsaPublicKey)(t)
+	default:
+		return nil, fmt.Errorf("ssh: unsupported key type %T", k)
+	}
+	return sshKey, nil
 }

 // ParsePrivateKey returns a Signer from a PEM encoded private key. It supports
@ -756,26 +575,6 @@ func ParsePrivateKey(pemBytes []byte) (Signer, error) {
 	return NewSignerFromKey(key)
 }

-// ParsePrivateKeyWithPassphrase returns a Signer from a PEM encoded private
-// key and passphrase. It supports the same keys as
-// ParseRawPrivateKeyWithPassphrase.
-func ParsePrivateKeyWithPassphrase(pemBytes, passPhrase []byte) (Signer, error) {
-	key, err := ParseRawPrivateKeyWithPassphrase(pemBytes, passPhrase)
-	if err != nil {
-		return nil, err
-	}
-
-	return NewSignerFromKey(key)
-}
-
-// encryptedBlock tells whether a private key is
-// encrypted by examining its Proc-Type header
-// for a mention of ENCRYPTED
-// according to RFC 1421 Section 4.6.1.1.
-func encryptedBlock(block *pem.Block) bool {
-	return strings.Contains(block.Headers["Proc-Type"], "ENCRYPTED")
-}
-
 // ParseRawPrivateKey returns a private key from a PEM encoded private key. It
 // supports RSA (PKCS#1), DSA (OpenSSL), and ECDSA private keys.
 func ParseRawPrivateKey(pemBytes []byte) (interface{}, error) {
@ -784,10 +583,6 @@ func ParseRawPrivateKey(pemBytes []byte) (interface{}, error) {
 		return nil, errors.New("ssh: no key found")
 	}

-	if encryptedBlock(block) {
-		return nil, errors.New("ssh: cannot decode encrypted private keys")
-	}
-
 	switch block.Type {
 	case "RSA PRIVATE KEY":
 		return x509.ParsePKCS1PrivateKey(block.Bytes)
@ -795,39 +590,6 @@ func ParseRawPrivateKey(pemBytes []byte) (interface{}, error) {
 		return x509.ParseECPrivateKey(block.Bytes)
 	case "DSA PRIVATE KEY":
 		return ParseDSAPrivateKey(block.Bytes)
-	case "OPENSSH PRIVATE KEY":
-		return parseOpenSSHPrivateKey(block.Bytes)
-	default:
-		return nil, fmt.Errorf("ssh: unsupported key type %q", block.Type)
-	}
-}
-
-func ParseRawPrivateKeyWithPassphrase(pemBytes, passPhrase []byte) (interface{}, error) {
-	block, _ := pem.Decode(pemBytes)
-	if block == nil {
-		return nil, errors.New("ssh: no key found")
-	}
-	buf := block.Bytes
-
-	if encryptedBlock(block) {
-		if x509.IsEncryptedPEMBlock(block) {
-			var err error
-			buf, err = x509.DecryptPEMBlock(block, passPhrase)
-			if err != nil {
-				return nil, fmt.Errorf("ssh: cannot decode encrypted private keys: %v", err)
-			}
-		}
-	}
-
-	switch block.Type {
-	case "RSA PRIVATE KEY":
-		return x509.ParsePKCS1PrivateKey(buf)
-	case "EC PRIVATE KEY":
-		return x509.ParseECPrivateKey(buf)
-	case "DSA PRIVATE KEY":
-		return ParseDSAPrivateKey(buf)
-	case "OPENSSH PRIVATE KEY":
-		return parseOpenSSHPrivateKey(buf)
 	default:
 		return nil, fmt.Errorf("ssh: unsupported key type %q", block.Type)
 	}
@ -841,8 +603,8 @@ func ParseDSAPrivateKey(der []byte) (*dsa.PrivateKey, error) {
 		P       *big.Int
 		Q       *big.Int
 		G       *big.Int
-		Pub     *big.Int
 		Priv    *big.Int
+		Pub     *big.Int
 	}
 	rest, err := asn1.Unmarshal(der, &k)
 	if err != nil {
@ -859,142 +621,8 @@ func ParseDSAPrivateKey(der []byte) (*dsa.PrivateKey, error) {
 				Q: k.Q,
 				G: k.G,
 			},
-			Y: k.Pub,
+			Y: k.Priv,
 		},
-		X: k.Priv,
+		X: k.Pub,
 	}, nil
 }
-
-// Implemented based on the documentation at
-// https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key
-func parseOpenSSHPrivateKey(key []byte) (crypto.PrivateKey, error) {
-	magic := append([]byte("openssh-key-v1"), 0)
-	if !bytes.Equal(magic, key[0:len(magic)]) {
-		return nil, errors.New("ssh: invalid openssh private key format")
-	}
-	remaining := key[len(magic):]
-
-	var w struct {
-		CipherName   string
-		KdfName      string
-		KdfOpts      string
-		NumKeys      uint32
-		PubKey       []byte
-		PrivKeyBlock []byte
-	}
-
-	if err := Unmarshal(remaining, &w); err != nil {
-		return nil, err
-	}
-
-	if w.KdfName != "none" || w.CipherName != "none" {
-		return nil, errors.New("ssh: cannot decode encrypted private keys")
-	}
-
-	pk1 := struct {
-		Check1  uint32
-		Check2  uint32
-		Keytype string
-		Rest    []byte `ssh:"rest"`
-	}{}
-
-	if err := Unmarshal(w.PrivKeyBlock, &pk1); err != nil {
-		return nil, err
-	}
-
-	if pk1.Check1 != pk1.Check2 {
-		return nil, errors.New("ssh: checkint mismatch")
-	}
-
-	// we only handle ed25519 and rsa keys currently
-	switch pk1.Keytype {
-	case KeyAlgoRSA:
-		// https://github.com/openssh/openssh-portable/blob/master/sshkey.c#L2760-L2773
-		key := struct {
-			N       *big.Int
-			E       *big.Int
-			D       *big.Int
-			Iqmp    *big.Int
-			P       *big.Int
-			Q       *big.Int
-			Comment string
-			Pad     []byte `ssh:"rest"`
-		}{}
-
-		if err := Unmarshal(pk1.Rest, &key); err != nil {
-			return nil, err
-		}
-
-		for i, b := range key.Pad {
-			if int(b) != i+1 {
-				return nil, errors.New("ssh: padding not as expected")
-			}
-		}
-
-		pk := &rsa.PrivateKey{
-			PublicKey: rsa.PublicKey{
-				N: key.N,
-				E: int(key.E.Int64()),
-			},
-			D:      key.D,
-			Primes: []*big.Int{key.P, key.Q},
-		}
-
-		if err := pk.Validate(); err != nil {
-			return nil, err
-		}
-
-		pk.Precompute()
-
-		return pk, nil
-	case KeyAlgoED25519:
-		key := struct {
-			Pub     []byte
-			Priv    []byte
-			Comment string
-			Pad     []byte `ssh:"rest"`
-		}{}
-
-		if err := Unmarshal(pk1.Rest, &key); err != nil {
-			return nil, err
-		}
-
-		if len(key.Priv) != ed25519.PrivateKeySize {
-			return nil, errors.New("ssh: private key unexpected length")
-		}
-
-		for i, b := range key.Pad {
-			if int(b) != i+1 {
-				return nil, errors.New("ssh: padding not as expected")
-			}
-		}
-
-		pk := ed25519.PrivateKey(make([]byte, ed25519.PrivateKeySize))
-		copy(pk, key.Priv)
-		return &pk, nil
-	default:
-		return nil, errors.New("ssh: unhandled key type")
-	}
-}
-
-// FingerprintLegacyMD5 returns the user presentation of the key's
-// fingerprint as described by RFC 4716 section 4.
-func FingerprintLegacyMD5(pubKey PublicKey) string {
-	md5sum := md5.Sum(pubKey.Marshal())
-	hexarray := make([]string, len(md5sum))
-	for i, c := range md5sum {
-		hexarray[i] = hex.EncodeToString([]byte{c})
-	}
-	return strings.Join(hexarray, ":")
-}
-
-// FingerprintSHA256 returns the user presentation of the key's
-// fingerprint as unpadded base64 encoded sha256 hash.
-// This format was introduced from OpenSSH 6.8.
-// https://www.openssh.com/txt/release-6.8
-// https://tools.ietf.org/html/rfc4648#section-3.2 (unpadded base64 encoding)
-func FingerprintSHA256(pubKey PublicKey) string {
-	sha256sum := sha256.Sum256(pubKey.Marshal())
-	hash := base64.RawStdEncoding.EncodeToString(sha256sum[:])
-	return "SHA256:" + hash
-}
--- a/vendor/golang.org/x/crypto/ssh/keys_test.go
+++ b/vendor/golang.org/x/crypto/ssh/keys_test.go
@ -17,7 +17,6 @@ import (
 	"strings"
 	"testing"

-	"golang.org/x/crypto/ed25519"
 	"golang.org/x/crypto/ssh/testdata"
 )

@ -29,8 +28,6 @@ func rawKey(pub PublicKey) interface{} {
 		return (*dsa.PublicKey)(k)
 	case *ecdsaPublicKey:
 		return (*ecdsa.PublicKey)(k)
-	case ed25519PublicKey:
-		return (ed25519.PublicKey)(k)
 	case *Certificate:
 		return k
 	}
@ -60,12 +57,12 @@ func TestUnsupportedCurves(t *testing.T) {
 		t.Fatalf("GenerateKey: %v", err)
 	}

-	if _, err = NewSignerFromKey(raw); err == nil || !strings.Contains(err.Error(), "only P-256") {
-		t.Fatalf("NewPrivateKey should not succeed with P-224, got: %v", err)
+	if _, err = NewSignerFromKey(raw); err == nil || !strings.Contains(err.Error(), "only P256") {
+		t.Fatalf("NewPrivateKey should not succeed with P224, got: %v", err)
 	}

-	if _, err = NewPublicKey(&raw.PublicKey); err == nil || !strings.Contains(err.Error(), "only P-256") {
-		t.Fatalf("NewPublicKey should not succeed with P-224, got: %v", err)
+	if _, err = NewPublicKey(&raw.PublicKey); err == nil || !strings.Contains(err.Error(), "only P256") {
+		t.Fatalf("NewPublicKey should not succeed with P224, got: %v", err)
 	}
 }

@ -132,41 +129,6 @@ func TestParseECPrivateKey(t *testing.T) {
 	}
 }

-// See Issue https://github.com/golang/go/issues/6650.
-func TestParseEncryptedPrivateKeysFails(t *testing.T) {
-	const wantSubstring = "encrypted"
-	for i, tt := range testdata.PEMEncryptedKeys {
-		_, err := ParsePrivateKey(tt.PEMBytes)
-		if err == nil {
-			t.Errorf("#%d key %s: ParsePrivateKey successfully parsed, expected an error", i, tt.Name)
-			continue
-		}
-
-		if !strings.Contains(err.Error(), wantSubstring) {
-			t.Errorf("#%d key %s: got error %q, want substring %q", i, tt.Name, err, wantSubstring)
-		}
-	}
-}
-
-// Parse encrypted private keys with passphrase
-func TestParseEncryptedPrivateKeysWithPassphrase(t *testing.T) {
-	data := []byte("sign me")
-	for _, tt := range testdata.PEMEncryptedKeys {
-		s, err := ParsePrivateKeyWithPassphrase(tt.PEMBytes, []byte(tt.EncryptionKey))
-		if err != nil {
-			t.Fatalf("ParsePrivateKeyWithPassphrase returned error: %s", err)
-			continue
-		}
-		sig, err := s.Sign(rand.Reader, data)
-		if err != nil {
-			t.Fatalf("dsa.Sign: %v", err)
-		}
-		if err := s.PublicKey().Verify(data, sig); err != nil {
-			t.Errorf("Verify failed: %v", err)
-		}
-	}
-}
-
 func TestParseDSA(t *testing.T) {
 	// We actually exercise the ParsePrivateKey codepath here, as opposed to
 	// using the ParseRawPrivateKey+NewSignerFromKey path that testdata_test.go
@ -342,152 +304,3 @@ func TestInvalidEntry(t *testing.T) {
 		t.Errorf("got valid entry for %q", authInvalid)
 	}
 }
-
-var knownHostsParseTests = []struct {
-	input string
-	err   string
-
-	marker  string
-	comment string
-	hosts   []string
-	rest    string
-}{
-	{
-		"",
-		"EOF",
-
-		"", "", nil, "",
-	},
-	{
-		"# Just a comment",
-		"EOF",
-
-		"", "", nil, "",
-	},
-	{
-		"   \t   ",
-		"EOF",
-
-		"", "", nil, "",
-	},
-	{
-		"localhost ssh-rsa {RSAPUB}",
-		"",
-
-		"", "", []string{"localhost"}, "",
-	},
-	{
-		"localhost\tssh-rsa {RSAPUB}",
-		"",
-
-		"", "", []string{"localhost"}, "",
-	},
-	{
-		"localhost\tssh-rsa {RSAPUB}\tcomment comment",
-		"",
-
-		"", "comment comment", []string{"localhost"}, "",
-	},
-	{
-		"localhost\tssh-rsa {RSAPUB}\tcomment comment\n",
-		"",
-
-		"", "comment comment", []string{"localhost"}, "",
-	},
-	{
-		"localhost\tssh-rsa {RSAPUB}\tcomment comment\r\n",
-		"",
-
-		"", "comment comment", []string{"localhost"}, "",
-	},
-	{
-		"localhost\tssh-rsa {RSAPUB}\tcomment comment\r\nnext line",
-		"",
-
-		"", "comment comment", []string{"localhost"}, "next line",
-	},
-	{
-		"localhost,[host2:123]\tssh-rsa {RSAPUB}\tcomment comment",
-		"",
-
-		"", "comment comment", []string{"localhost", "[host2:123]"}, "",
-	},
-	{
-		"@marker \tlocalhost,[host2:123]\tssh-rsa {RSAPUB}",
-		"",
-
-		"marker", "", []string{"localhost", "[host2:123]"}, "",
-	},
-	{
-		"@marker \tlocalhost,[host2:123]\tssh-rsa aabbccdd",
-		"short read",
-
-		"", "", nil, "",
-	},
-}
-
-func TestKnownHostsParsing(t *testing.T) {
-	rsaPub, rsaPubSerialized := getTestKey()
-
-	for i, test := range knownHostsParseTests {
-		var expectedKey PublicKey
-		const rsaKeyToken = "{RSAPUB}"
-
-		input := test.input
-		if strings.Contains(input, rsaKeyToken) {
-			expectedKey = rsaPub
-			input = strings.Replace(test.input, rsaKeyToken, rsaPubSerialized, -1)
-		}
-
-		marker, hosts, pubKey, comment, rest, err := ParseKnownHosts([]byte(input))
-		if err != nil {
-			if len(test.err) == 0 {
-				t.Errorf("#%d: unexpectedly failed with %q", i, err)
-			} else if !strings.Contains(err.Error(), test.err) {
-				t.Errorf("#%d: expected error containing %q, but got %q", i, test.err, err)
-			}
-			continue
-		} else if len(test.err) != 0 {
-			t.Errorf("#%d: succeeded but expected error including %q", i, test.err)
-			continue
-		}
-
-		if !reflect.DeepEqual(expectedKey, pubKey) {
-			t.Errorf("#%d: expected key %#v, but got %#v", i, expectedKey, pubKey)
-		}
-
-		if marker != test.marker {
-			t.Errorf("#%d: expected marker %q, but got %q", i, test.marker, marker)
-		}
-
-		if comment != test.comment {
-			t.Errorf("#%d: expected comment %q, but got %q", i, test.comment, comment)
-		}
-
-		if !reflect.DeepEqual(test.hosts, hosts) {
-			t.Errorf("#%d: expected hosts %#v, but got %#v", i, test.hosts, hosts)
-		}
-
-		if rest := string(rest); rest != test.rest {
-			t.Errorf("#%d: expected remaining input to be %q, but got %q", i, test.rest, rest)
-		}
-	}
-}
-
-func TestFingerprintLegacyMD5(t *testing.T) {
-	pub, _ := getTestKey()
-	fingerprint := FingerprintLegacyMD5(pub)
-	want := "fb:61:6d:1a:e3:f0:95:45:3c:a0:79:be:4a:93:63:66" // ssh-keygen -lf -E md5 rsa
-	if fingerprint != want {
-		t.Errorf("got fingerprint %q want %q", fingerprint, want)
-	}
-}
-
-func TestFingerprintSHA256(t *testing.T) {
-	pub, _ := getTestKey()
-	fingerprint := FingerprintSHA256(pub)
-	want := "SHA256:Anr3LjZK8YVpjrxu79myrW9Hrb/wpcMNpVvTq/RcBm8" // ssh-keygen -lf rsa
-	if fingerprint != want {
-		t.Errorf("got fingerprint %q want %q", fingerprint, want)
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/knownhosts/knownhosts.go
+++ b/vendor/golang.org/x/crypto/ssh/knownhosts/knownhosts.go
@ -1,546 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package knownhosts implements a parser for the OpenSSH
-// known_hosts host key database.
-package knownhosts
-
-import (
-	"bufio"
-	"bytes"
-	"crypto/hmac"
-	"crypto/rand"
-	"crypto/sha1"
-	"encoding/base64"
-	"errors"
-	"fmt"
-	"io"
-	"net"
-	"os"
-	"strings"
-
-	"golang.org/x/crypto/ssh"
-)
-
-// See the sshd manpage
-// (http://man.openbsd.org/sshd#SSH_KNOWN_HOSTS_FILE_FORMAT) for
-// background.
-
-type addr struct{ host, port string }
-
-func (a *addr) String() string {
-	h := a.host
-	if strings.Contains(h, ":") {
-		h = "[" + h + "]"
-	}
-	return h + ":" + a.port
-}
-
-type matcher interface {
-	match([]addr) bool
-}
-
-type hostPattern struct {
-	negate bool
-	addr   addr
-}
-
-func (p *hostPattern) String() string {
-	n := ""
-	if p.negate {
-		n = "!"
-	}
-
-	return n + p.addr.String()
-}
-
-type hostPatterns []hostPattern
-
-func (ps hostPatterns) match(addrs []addr) bool {
-	matched := false
-	for _, p := range ps {
-		for _, a := range addrs {
-			m := p.match(a)
-			if !m {
-				continue
-			}
-			if p.negate {
-				return false
-			}
-			matched = true
-		}
-	}
-	return matched
-}
-
-// See
-// https://android.googlesource.com/platform/external/openssh/+/ab28f5495c85297e7a597c1ba62e996416da7c7e/addrmatch.c
-// The matching of * has no regard for separators, unlike filesystem globs
-func wildcardMatch(pat []byte, str []byte) bool {
-	for {
-		if len(pat) == 0 {
-			return len(str) == 0
-		}
-		if len(str) == 0 {
-			return false
-		}
-
-		if pat[0] == '*' {
-			if len(pat) == 1 {
-				return true
-			}
-
-			for j := range str {
-				if wildcardMatch(pat[1:], str[j:]) {
-					return true
-				}
-			}
-			return false
-		}
-
-		if pat[0] == '?' || pat[0] == str[0] {
-			pat = pat[1:]
-			str = str[1:]
-		} else {
-			return false
-		}
-	}
-}
-
-func (l *hostPattern) match(a addr) bool {
-	return wildcardMatch([]byte(l.addr.host), []byte(a.host)) && l.addr.port == a.port
-}
-
-type keyDBLine struct {
-	cert     bool
-	matcher  matcher
-	knownKey KnownKey
-}
-
-func serialize(k ssh.PublicKey) string {
-	return k.Type() + " " + base64.StdEncoding.EncodeToString(k.Marshal())
-}
-
-func (l *keyDBLine) match(addrs []addr) bool {
-	return l.matcher.match(addrs)
-}
-
-type hostKeyDB struct {
-	// Serialized version of revoked keys
-	revoked map[string]*KnownKey
-	lines   []keyDBLine
-}
-
-func newHostKeyDB() *hostKeyDB {
-	db := &hostKeyDB{
-		revoked: make(map[string]*KnownKey),
-	}
-
-	return db
-}
-
-func keyEq(a, b ssh.PublicKey) bool {
-	return bytes.Equal(a.Marshal(), b.Marshal())
-}
-
-// IsAuthorityForHost can be used as a callback in ssh.CertChecker
-func (db *hostKeyDB) IsHostAuthority(remote ssh.PublicKey, address string) bool {
-	h, p, err := net.SplitHostPort(address)
-	if err != nil {
-		return false
-	}
-	a := addr{host: h, port: p}
-
-	for _, l := range db.lines {
-		if l.cert && keyEq(l.knownKey.Key, remote) && l.match([]addr{a}) {
-			return true
-		}
-	}
-	return false
-}
-
-// IsRevoked can be used as a callback in ssh.CertChecker
-func (db *hostKeyDB) IsRevoked(key *ssh.Certificate) bool {
-	_, ok := db.revoked[string(key.Marshal())]
-	return ok
-}
-
-const markerCert = "@cert-authority"
-const markerRevoked = "@revoked"
-
-func nextWord(line []byte) (string, []byte) {
-	i := bytes.IndexAny(line, "\t ")
-	if i == -1 {
-		return string(line), nil
-	}
-
-	return string(line[:i]), bytes.TrimSpace(line[i:])
-}
-
-func parseLine(line []byte) (marker, host string, key ssh.PublicKey, err error) {
-	if w, next := nextWord(line); w == markerCert || w == markerRevoked {
-		marker = w
-		line = next
-	}
-
-	host, line = nextWord(line)
-	if len(line) == 0 {
-		return "", "", nil, errors.New("knownhosts: missing host pattern")
-	}
-
-	// ignore the keytype as it's in the key blob anyway.
-	_, line = nextWord(line)
-	if len(line) == 0 {
-		return "", "", nil, errors.New("knownhosts: missing key type pattern")
-	}
-
-	keyBlob, _ := nextWord(line)
-
-	keyBytes, err := base64.StdEncoding.DecodeString(keyBlob)
-	if err != nil {
-		return "", "", nil, err
-	}
-	key, err = ssh.ParsePublicKey(keyBytes)
-	if err != nil {
-		return "", "", nil, err
-	}
-
-	return marker, host, key, nil
-}
-
-func (db *hostKeyDB) parseLine(line []byte, filename string, linenum int) error {
-	marker, pattern, key, err := parseLine(line)
-	if err != nil {
-		return err
-	}
-
-	if marker == markerRevoked {
-		db.revoked[string(key.Marshal())] = &KnownKey{
-			Key:      key,
-			Filename: filename,
-			Line:     linenum,
-		}
-
-		return nil
-	}
-
-	entry := keyDBLine{
-		cert: marker == markerCert,
-		knownKey: KnownKey{
-			Filename: filename,
-			Line:     linenum,
-			Key:      key,
-		},
-	}
-
-	if pattern[0] == '|' {
-		entry.matcher, err = newHashedHost(pattern)
-	} else {
-		entry.matcher, err = newHostnameMatcher(pattern)
-	}
-
-	if err != nil {
-		return err
-	}
-
-	db.lines = append(db.lines, entry)
-	return nil
-}
-
-func newHostnameMatcher(pattern string) (matcher, error) {
-	var hps hostPatterns
-	for _, p := range strings.Split(pattern, ",") {
-		if len(p) == 0 {
-			continue
-		}
-
-		var a addr
-		var negate bool
-		if p[0] == '!' {
-			negate = true
-			p = p[1:]
-		}
-
-		if len(p) == 0 {
-			return nil, errors.New("knownhosts: negation without following hostname")
-		}
-
-		var err error
-		if p[0] == '[' {
-			a.host, a.port, err = net.SplitHostPort(p)
-			if err != nil {
-				return nil, err
-			}
-		} else {
-			a.host, a.port, err = net.SplitHostPort(p)
-			if err != nil {
-				a.host = p
-				a.port = "22"
-			}
-		}
-		hps = append(hps, hostPattern{
-			negate: negate,
-			addr:   a,
-		})
-	}
-	return hps, nil
-}
-
-// KnownKey represents a key declared in a known_hosts file.
-type KnownKey struct {
-	Key      ssh.PublicKey
-	Filename string
-	Line     int
-}
-
-func (k *KnownKey) String() string {
-	return fmt.Sprintf("%s:%d: %s", k.Filename, k.Line, serialize(k.Key))
-}
-
-// KeyError is returned if we did not find the key in the host key
-// database, or there was a mismatch.  Typically, in batch
-// applications, this should be interpreted as failure. Interactive
-// applications can offer an interactive prompt to the user.
-type KeyError struct {
-	// Want holds the accepted host keys. For each key algorithm,
-	// there can be one hostkey.  If Want is empty, the host is
-	// unknown. If Want is non-empty, there was a mismatch, which
-	// can signify a MITM attack.
-	Want []KnownKey
-}
-
-func (u *KeyError) Error() string {
-	if len(u.Want) == 0 {
-		return "knownhosts: key is unknown"
-	}
-	return "knownhosts: key mismatch"
-}
-
-// RevokedError is returned if we found a key that was revoked.
-type RevokedError struct {
-	Revoked KnownKey
-}
-
-func (r *RevokedError) Error() string {
-	return "knownhosts: key is revoked"
-}
-
-// check checks a key against the host database. This should not be
-// used for verifying certificates.
-func (db *hostKeyDB) check(address string, remote net.Addr, remoteKey ssh.PublicKey) error {
-	if revoked := db.revoked[string(remoteKey.Marshal())]; revoked != nil {
-		return &RevokedError{Revoked: *revoked}
-	}
-
-	host, port, err := net.SplitHostPort(remote.String())
-	if err != nil {
-		return fmt.Errorf("knownhosts: SplitHostPort(%s): %v", remote, err)
-	}
-
-	addrs := []addr{
-		{host, port},
-	}
-
-	if address != "" {
-		host, port, err := net.SplitHostPort(address)
-		if err != nil {
-			return fmt.Errorf("knownhosts: SplitHostPort(%s): %v", address, err)
-		}
-
-		addrs = append(addrs, addr{host, port})
-	}
-
-	return db.checkAddrs(addrs, remoteKey)
-}
-
-// checkAddrs checks if we can find the given public key for any of
-// the given addresses.  If we only find an entry for the IP address,
-// or only the hostname, then this still succeeds.
-func (db *hostKeyDB) checkAddrs(addrs []addr, remoteKey ssh.PublicKey) error {
-	// TODO(hanwen): are these the right semantics? What if there
-	// is just a key for the IP address, but not for the
-	// hostname?
-
-	// Algorithm => key.
-	knownKeys := map[string]KnownKey{}
-	for _, l := range db.lines {
-		if l.match(addrs) {
-			typ := l.knownKey.Key.Type()
-			if _, ok := knownKeys[typ]; !ok {
-				knownKeys[typ] = l.knownKey
-			}
-		}
-	}
-
-	keyErr := &KeyError{}
-	for _, v := range knownKeys {
-		keyErr.Want = append(keyErr.Want, v)
-	}
-
-	// Unknown remote host.
-	if len(knownKeys) == 0 {
-		return keyErr
-	}
-
-	// If the remote host starts using a different, unknown key type, we
-	// also interpret that as a mismatch.
-	if known, ok := knownKeys[remoteKey.Type()]; !ok || !keyEq(known.Key, remoteKey) {
-		return keyErr
-	}
-
-	return nil
-}
-
-// The Read function parses file contents.
-func (db *hostKeyDB) Read(r io.Reader, filename string) error {
-	scanner := bufio.NewScanner(r)
-
-	lineNum := 0
-	for scanner.Scan() {
-		lineNum++
-		line := scanner.Bytes()
-		line = bytes.TrimSpace(line)
-		if len(line) == 0 || line[0] == '#' {
-			continue
-		}
-
-		if err := db.parseLine(line, filename, lineNum); err != nil {
-			return fmt.Errorf("knownhosts: %s:%d: %v", filename, lineNum, err)
-		}
-	}
-	return scanner.Err()
-}
-
-// New creates a host key callback from the given OpenSSH host key
-// files. The returned callback is for use in
-// ssh.ClientConfig.HostKeyCallback. Hashed hostnames are not supported.
-func New(files ...string) (ssh.HostKeyCallback, error) {
-	db := newHostKeyDB()
-	for _, fn := range files {
-		f, err := os.Open(fn)
-		if err != nil {
-			return nil, err
-		}
-		defer f.Close()
-		if err := db.Read(f, fn); err != nil {
-			return nil, err
-		}
-	}
-
-	var certChecker ssh.CertChecker
-	certChecker.IsHostAuthority = db.IsHostAuthority
-	certChecker.IsRevoked = db.IsRevoked
-	certChecker.HostKeyFallback = db.check
-
-	return certChecker.CheckHostKey, nil
-}
-
-// Normalize normalizes an address into the form used in known_hosts
-func Normalize(address string) string {
-	host, port, err := net.SplitHostPort(address)
-	if err != nil {
-		host = address
-		port = "22"
-	}
-	entry := host
-	if port != "22" {
-		entry = "[" + entry + "]:" + port
-	} else if strings.Contains(host, ":") && !strings.HasPrefix(host, "[") {
-		entry = "[" + entry + "]"
-	}
-	return entry
-}
-
-// Line returns a line to add append to the known_hosts files.
-func Line(addresses []string, key ssh.PublicKey) string {
-	var trimmed []string
-	for _, a := range addresses {
-		trimmed = append(trimmed, Normalize(a))
-	}
-
-	return strings.Join(trimmed, ",") + " " + serialize(key)
-}
-
-// HashHostname hashes the given hostname. The hostname is not
-// normalized before hashing.
-func HashHostname(hostname string) string {
-	// TODO(hanwen): check if we can safely normalize this always.
-	salt := make([]byte, sha1.Size)
-
-	_, err := rand.Read(salt)
-	if err != nil {
-		panic(fmt.Sprintf("crypto/rand failure %v", err))
-	}
-
-	hash := hashHost(hostname, salt)
-	return encodeHash(sha1HashType, salt, hash)
-}
-
-func decodeHash(encoded string) (hashType string, salt, hash []byte, err error) {
-	if len(encoded) == 0 || encoded[0] != '|' {
-		err = errors.New("knownhosts: hashed host must start with '|'")
-		return
-	}
-	components := strings.Split(encoded, "|")
-	if len(components) != 4 {
-		err = fmt.Errorf("knownhosts: got %d components, want 3", len(components))
-		return
-	}
-
-	hashType = components[1]
-	if salt, err = base64.StdEncoding.DecodeString(components[2]); err != nil {
-		return
-	}
-	if hash, err = base64.StdEncoding.DecodeString(components[3]); err != nil {
-		return
-	}
-	return
-}
-
-func encodeHash(typ string, salt []byte, hash []byte) string {
-	return strings.Join([]string{"",
-		typ,
-		base64.StdEncoding.EncodeToString(salt),
-		base64.StdEncoding.EncodeToString(hash),
-	}, "|")
-}
-
-// See https://android.googlesource.com/platform/external/openssh/+/ab28f5495c85297e7a597c1ba62e996416da7c7e/hostfile.c#120
-func hashHost(hostname string, salt []byte) []byte {
-	mac := hmac.New(sha1.New, salt)
-	mac.Write([]byte(hostname))
-	return mac.Sum(nil)
-}
-
-type hashedHost struct {
-	salt []byte
-	hash []byte
-}
-
-const sha1HashType = "1"
-
-func newHashedHost(encoded string) (*hashedHost, error) {
-	typ, salt, hash, err := decodeHash(encoded)
-	if err != nil {
-		return nil, err
-	}
-
-	// The type field seems for future algorithm agility, but it's
-	// actually hardcoded in openssh currently, see
-	// https://android.googlesource.com/platform/external/openssh/+/ab28f5495c85297e7a597c1ba62e996416da7c7e/hostfile.c#120
-	if typ != sha1HashType {
-		return nil, fmt.Errorf("knownhosts: got hash type %s, must be '1'", typ)
-	}
-
-	return &hashedHost{salt: salt, hash: hash}, nil
-}
-
-func (h *hashedHost) match(addrs []addr) bool {
-	for _, a := range addrs {
-		if bytes.Equal(hashHost(Normalize(a.String()), h.salt), h.hash) {
-			return true
-		}
-	}
-	return false
-}
--- a/vendor/golang.org/x/crypto/ssh/knownhosts/knownhosts_test.go
+++ b/vendor/golang.org/x/crypto/ssh/knownhosts/knownhosts_test.go
@ -1,329 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package knownhosts
-
-import (
-	"bytes"
-	"fmt"
-	"net"
-	"reflect"
-	"testing"
-
-	"golang.org/x/crypto/ssh"
-)
-
-const edKeyStr = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGBAarftlLeoyf+v+nVchEZII/vna2PCV8FaX4vsF5BX"
-const alternateEdKeyStr = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIXffBYeYL+WVzVru8npl5JHt2cjlr4ornFTWzoij9sx"
-const ecKeyStr = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNLCu01+wpXe3xB5olXCN4SqU2rQu0qjSRKJO4Bg+JRCPU+ENcgdA5srTU8xYDz/GEa4dzK5ldPw4J/gZgSXCMs="
-
-var ecKey, alternateEdKey, edKey ssh.PublicKey
-var testAddr = &net.TCPAddr{
-	IP:   net.IP{198, 41, 30, 196},
-	Port: 22,
-}
-
-var testAddr6 = &net.TCPAddr{
-	IP: net.IP{198, 41, 30, 196,
-		1, 2, 3, 4,
-		1, 2, 3, 4,
-		1, 2, 3, 4,
-	},
-	Port: 22,
-}
-
-func init() {
-	var err error
-	ecKey, _, _, _, err = ssh.ParseAuthorizedKey([]byte(ecKeyStr))
-	if err != nil {
-		panic(err)
-	}
-	edKey, _, _, _, err = ssh.ParseAuthorizedKey([]byte(edKeyStr))
-	if err != nil {
-		panic(err)
-	}
-	alternateEdKey, _, _, _, err = ssh.ParseAuthorizedKey([]byte(alternateEdKeyStr))
-	if err != nil {
-		panic(err)
-	}
-}
-
-func testDB(t *testing.T, s string) *hostKeyDB {
-	db := newHostKeyDB()
-	if err := db.Read(bytes.NewBufferString(s), "testdb"); err != nil {
-		t.Fatalf("Read: %v", err)
-	}
-
-	return db
-}
-
-func TestRevoked(t *testing.T) {
-	db := testDB(t, "\n\n@revoked * "+edKeyStr+"\n")
-	want := &RevokedError{
-		Revoked: KnownKey{
-			Key:      edKey,
-			Filename: "testdb",
-			Line:     3,
-		},
-	}
-	if err := db.check("", &net.TCPAddr{
-		Port: 42,
-	}, edKey); err == nil {
-		t.Fatal("no error for revoked key")
-	} else if !reflect.DeepEqual(want, err) {
-		t.Fatalf("got %#v, want %#v", want, err)
-	}
-}
-
-func TestHostAuthority(t *testing.T) {
-	for _, m := range []struct {
-		authorityFor string
-		address      string
-
-		good bool
-	}{
-		{authorityFor: "localhost", address: "localhost:22", good: true},
-		{authorityFor: "localhost", address: "localhost", good: false},
-		{authorityFor: "localhost", address: "localhost:1234", good: false},
-		{authorityFor: "[localhost]:1234", address: "localhost:1234", good: true},
-		{authorityFor: "[localhost]:1234", address: "localhost:22", good: false},
-		{authorityFor: "[localhost]:1234", address: "localhost", good: false},
-	} {
-		db := testDB(t, `@cert-authority `+m.authorityFor+` `+edKeyStr)
-		if ok := db.IsHostAuthority(db.lines[0].knownKey.Key, m.address); ok != m.good {
-			t.Errorf("IsHostAuthority: authority %s, address %s, wanted good = %v, got good = %v",
-				m.authorityFor, m.address, m.good, ok)
-		}
-	}
-}
-
-func TestBracket(t *testing.T) {
-	db := testDB(t, `[git.eclipse.org]:29418,[198.41.30.196]:29418 `+edKeyStr)
-
-	if err := db.check("git.eclipse.org:29418", &net.TCPAddr{
-		IP:   net.IP{198, 41, 30, 196},
-		Port: 29418,
-	}, edKey); err != nil {
-		t.Errorf("got error %v, want none", err)
-	}
-
-	if err := db.check("git.eclipse.org:29419", &net.TCPAddr{
-		Port: 42,
-	}, edKey); err == nil {
-		t.Fatalf("no error for unknown address")
-	} else if ke, ok := err.(*KeyError); !ok {
-		t.Fatalf("got type %T, want *KeyError", err)
-	} else if len(ke.Want) > 0 {
-		t.Fatalf("got Want %v, want []", ke.Want)
-	}
-}
-
-func TestNewKeyType(t *testing.T) {
-	str := fmt.Sprintf("%s %s", testAddr, edKeyStr)
-	db := testDB(t, str)
-	if err := db.check("", testAddr, ecKey); err == nil {
-		t.Fatalf("no error for unknown address")
-	} else if ke, ok := err.(*KeyError); !ok {
-		t.Fatalf("got type %T, want *KeyError", err)
-	} else if len(ke.Want) == 0 {
-		t.Fatalf("got empty KeyError.Want")
-	}
-}
-
-func TestSameKeyType(t *testing.T) {
-	str := fmt.Sprintf("%s %s", testAddr, edKeyStr)
-	db := testDB(t, str)
-	if err := db.check("", testAddr, alternateEdKey); err == nil {
-		t.Fatalf("no error for unknown address")
-	} else if ke, ok := err.(*KeyError); !ok {
-		t.Fatalf("got type %T, want *KeyError", err)
-	} else if len(ke.Want) == 0 {
-		t.Fatalf("got empty KeyError.Want")
-	} else if got, want := ke.Want[0].Key.Marshal(), edKey.Marshal(); !bytes.Equal(got, want) {
-		t.Fatalf("got key %q, want %q", got, want)
-	}
-}
-
-func TestIPAddress(t *testing.T) {
-	str := fmt.Sprintf("%s %s", testAddr, edKeyStr)
-	db := testDB(t, str)
-	if err := db.check("", testAddr, edKey); err != nil {
-		t.Errorf("got error %q, want none", err)
-	}
-}
-
-func TestIPv6Address(t *testing.T) {
-	str := fmt.Sprintf("%s %s", testAddr6, edKeyStr)
-	db := testDB(t, str)
-
-	if err := db.check("", testAddr6, edKey); err != nil {
-		t.Errorf("got error %q, want none", err)
-	}
-}
-
-func TestBasic(t *testing.T) {
-	str := fmt.Sprintf("#comment\n\nserver.org,%s %s\notherhost %s", testAddr, edKeyStr, ecKeyStr)
-	db := testDB(t, str)
-	if err := db.check("server.org:22", testAddr, edKey); err != nil {
-		t.Errorf("got error %q, want none", err)
-	}
-
-	want := KnownKey{
-		Key:      edKey,
-		Filename: "testdb",
-		Line:     3,
-	}
-	if err := db.check("server.org:22", testAddr, ecKey); err == nil {
-		t.Errorf("succeeded, want KeyError")
-	} else if ke, ok := err.(*KeyError); !ok {
-		t.Errorf("got %T, want *KeyError", err)
-	} else if len(ke.Want) != 1 {
-		t.Errorf("got %v, want 1 entry", ke)
-	} else if !reflect.DeepEqual(ke.Want[0], want) {
-		t.Errorf("got %v, want %v", ke.Want[0], want)
-	}
-}
-
-func TestNegate(t *testing.T) {
-	str := fmt.Sprintf("%s,!server.org %s", testAddr, edKeyStr)
-	db := testDB(t, str)
-	if err := db.check("server.org:22", testAddr, ecKey); err == nil {
-		t.Errorf("succeeded")
-	} else if ke, ok := err.(*KeyError); !ok {
-		t.Errorf("got error type %T, want *KeyError", err)
-	} else if len(ke.Want) != 0 {
-		t.Errorf("got expected keys %d (first of type %s), want []", len(ke.Want), ke.Want[0].Key.Type())
-	}
-}
-
-func TestWildcard(t *testing.T) {
-	str := fmt.Sprintf("server*.domain %s", edKeyStr)
-	db := testDB(t, str)
-
-	want := &KeyError{
-		Want: []KnownKey{{
-			Filename: "testdb",
-			Line:     1,
-			Key:      edKey,
-		}},
-	}
-
-	got := db.check("server.domain:22", &net.TCPAddr{}, ecKey)
-	if !reflect.DeepEqual(got, want) {
-		t.Errorf("got %s, want %s", got, want)
-	}
-}
-
-func TestLine(t *testing.T) {
-	for in, want := range map[string]string{
-		"server.org":                             "server.org " + edKeyStr,
-		"server.org:22":                          "server.org " + edKeyStr,
-		"server.org:23":                          "[server.org]:23 " + edKeyStr,
-		"[c629:1ec4:102:304:102:304:102:304]:22": "[c629:1ec4:102:304:102:304:102:304] " + edKeyStr,
-		"[c629:1ec4:102:304:102:304:102:304]:23": "[c629:1ec4:102:304:102:304:102:304]:23 " + edKeyStr,
-	} {
-		if got := Line([]string{in}, edKey); got != want {
-			t.Errorf("Line(%q) = %q, want %q", in, got, want)
-		}
-	}
-}
-
-func TestWildcardMatch(t *testing.T) {
-	for _, c := range []struct {
-		pat, str string
-		want     bool
-	}{
-		{"a?b", "abb", true},
-		{"ab", "abc", false},
-		{"abc", "ab", false},
-		{"a*b", "axxxb", true},
-		{"a*b", "axbxb", true},
-		{"a*b", "axbxbc", false},
-		{"a*?", "axbxc", true},
-		{"a*b*", "axxbxxxxxx", true},
-		{"a*b*c", "axxbxxxxxxc", true},
-		{"a*b*?", "axxbxxxxxxc", true},
-		{"a*b*z", "axxbxxbxxxz", true},
-		{"a*b*z", "axxbxxzxxxz", true},
-		{"a*b*z", "axxbxxzxxx", false},
-	} {
-		got := wildcardMatch([]byte(c.pat), []byte(c.str))
-		if got != c.want {
-			t.Errorf("wildcardMatch(%q, %q) = %v, want %v", c.pat, c.str, got, c.want)
-		}
-
-	}
-}
-
-// TODO(hanwen): test coverage for certificates.
-
-const testHostname = "hostname"
-
-// generated with keygen -H -f
-const encodedTestHostnameHash = "|1|IHXZvQMvTcZTUU29+2vXFgx8Frs=|UGccIWfRVDwilMBnA3WJoRAC75Y="
-
-func TestHostHash(t *testing.T) {
-	testHostHash(t, testHostname, encodedTestHostnameHash)
-}
-
-func TestHashList(t *testing.T) {
-	encoded := HashHostname(testHostname)
-	testHostHash(t, testHostname, encoded)
-}
-
-func testHostHash(t *testing.T, hostname, encoded string) {
-	typ, salt, hash, err := decodeHash(encoded)
-	if err != nil {
-		t.Fatalf("decodeHash: %v", err)
-	}
-
-	if got := encodeHash(typ, salt, hash); got != encoded {
-		t.Errorf("got encoding %s want %s", got, encoded)
-	}
-
-	if typ != sha1HashType {
-		t.Fatalf("got hash type %q, want %q", typ, sha1HashType)
-	}
-
-	got := hashHost(hostname, salt)
-	if !bytes.Equal(got, hash) {
-		t.Errorf("got hash %x want %x", got, hash)
-	}
-}
-
-func TestNormalize(t *testing.T) {
-	for in, want := range map[string]string{
-		"127.0.0.1:22":             "127.0.0.1",
-		"[127.0.0.1]:22":           "127.0.0.1",
-		"[127.0.0.1]:23":           "[127.0.0.1]:23",
-		"127.0.0.1:23":             "[127.0.0.1]:23",
-		"[a.b.c]:22":               "a.b.c",
-		"[abcd:abcd:abcd:abcd]":    "[abcd:abcd:abcd:abcd]",
-		"[abcd:abcd:abcd:abcd]:22": "[abcd:abcd:abcd:abcd]",
-		"[abcd:abcd:abcd:abcd]:23": "[abcd:abcd:abcd:abcd]:23",
-	} {
-		got := Normalize(in)
-		if got != want {
-			t.Errorf("Normalize(%q) = %q, want %q", in, got, want)
-		}
-	}
-}
-
-func TestHashedHostkeyCheck(t *testing.T) {
-	str := fmt.Sprintf("%s %s", HashHostname(testHostname), edKeyStr)
-	db := testDB(t, str)
-	if err := db.check(testHostname+":22", testAddr, edKey); err != nil {
-		t.Errorf("check(%s): %v", testHostname, err)
-	}
-	want := &KeyError{
-		Want: []KnownKey{{
-			Filename: "testdb",
-			Line:     1,
-			Key:      edKey,
-		}},
-	}
-	if got := db.check(testHostname+":22", testAddr, alternateEdKey); !reflect.DeepEqual(got, want) {
-		t.Errorf("got error %v, want %v", got, want)
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/mac.go
+++ b/vendor/golang.org/x/crypto/ssh/mac.go
@ -9,13 +9,11 @@ package ssh
 import (
 	"crypto/hmac"
 	"crypto/sha1"
-	"crypto/sha256"
 	"hash"
 )

 type macMode struct {
 	keySize int
-	etm     bool
 	new     func(key []byte) hash.Hash
 }

@ -46,16 +44,10 @@ func (t truncatingMAC) Size() int {
 func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() }

 var macModes = map[string]*macMode{
-	"hmac-sha2-256-etm@openssh.com": {32, true, func(key []byte) hash.Hash {
-		return hmac.New(sha256.New, key)
-	}},
-	"hmac-sha2-256": {32, false, func(key []byte) hash.Hash {
-		return hmac.New(sha256.New, key)
-	}},
-	"hmac-sha1": {20, false, func(key []byte) hash.Hash {
+	"hmac-sha1": {20, func(key []byte) hash.Hash {
 		return hmac.New(sha1.New, key)
 	}},
-	"hmac-sha1-96": {20, false, func(key []byte) hash.Hash {
+	"hmac-sha1-96": {20, func(key []byte) hash.Hash {
 		return truncatingMAC{12, hmac.New(sha1.New, key)}
 	}},
 }
--- a/vendor/golang.org/x/crypto/ssh/mempipe_test.go
+++ b/vendor/golang.org/x/crypto/ssh/mempipe_test.go
@ -76,7 +76,7 @@ func memPipe() (a, b packetConn) {
 	return &t1, &t2
 }

-func TestMemPipe(t *testing.T) {
+func TestmemPipe(t *testing.T) {
 	a, b := memPipe()
 	if err := a.writePacket([]byte{42}); err != nil {
 		t.Fatalf("writePacket: %v", err)
--- a/vendor/golang.org/x/crypto/ssh/messages.go
+++ b/vendor/golang.org/x/crypto/ssh/messages.go
@ -13,7 +13,6 @@ import (
 	"math/big"
 	"reflect"
 	"strconv"
-	"strings"
 )

 // These are SSH message type numbers. They are scattered around several
@ -48,7 +47,7 @@ type disconnectMsg struct {
 }

 func (d *disconnectMsg) Error() string {
-	return fmt.Sprintf("ssh: disconnect, reason %d: %s", d.Reason, d.Message)
+	return fmt.Sprintf("ssh: disconnect reason %d: %s", d.Reason, d.Message)
 }

 // See RFC 4253, section 7.1.
@ -125,10 +124,6 @@ type userAuthRequestMsg struct {
 	Payload []byte `ssh:"rest"`
 }

-// Used for debug printouts of packets.
-type userAuthSuccessMsg struct {
-}
-
 // See RFC 4252, section 5.1
 const msgUserAuthFailure = 51

@ -163,13 +158,6 @@ type channelOpenMsg struct {
 const msgChannelExtendedData = 95
 const msgChannelData = 94

-// Used for debug print outs of packets.
-type channelDataMsg struct {
-	PeersId uint32 `sshtype:"94"`
-	Length  uint32
-	Rest    []byte `ssh:"rest"`
-}
-
 // See RFC 4254, section 5.1.
 const msgChannelOpenConfirm = 91

@ -267,19 +255,17 @@ type userAuthPubKeyOkMsg struct {
 	PubKey []byte
 }

-// typeTags returns the possible type bytes for the given reflect.Type, which
-// should be a struct. The possible values are separated by a '|' character.
-func typeTags(structType reflect.Type) (tags []byte) {
-	tagStr := structType.Field(0).Tag.Get("sshtype")
-
-	for _, tag := range strings.Split(tagStr, "|") {
-		i, err := strconv.Atoi(tag)
-		if err == nil {
-			tags = append(tags, byte(i))
-		}
+// typeTag returns the type byte for the given type. The type should
+// be struct.
+func typeTag(structType reflect.Type) byte {
+	var tag byte
+	var tagStr string
+	tagStr = structType.Field(0).Tag.Get("sshtype")
+	i, err := strconv.Atoi(tagStr)
+	if err == nil {
+		tag = byte(i)
 	}
-
-	return tags
+	return tag
 }

 func fieldError(t reflect.Type, field int, problem string) error {
@ -293,34 +279,19 @@ var errShortRead = errors.New("ssh: short read")

 // Unmarshal parses data in SSH wire format into a structure. The out
 // argument should be a pointer to struct. If the first member of the
-// struct has the "sshtype" tag set to a '|'-separated set of numbers
-// in decimal, the packet must start with one of those numbers. In
-// case of error, Unmarshal returns a ParseError or
-// UnexpectedMessageError.
+// struct has the "sshtype" tag set to a number in decimal, the packet
+// must start that number.  In case of error, Unmarshal returns a
+// ParseError or UnexpectedMessageError.
 func Unmarshal(data []byte, out interface{}) error {
 	v := reflect.ValueOf(out).Elem()
 	structType := v.Type()
-	expectedTypes := typeTags(structType)
-
-	var expectedType byte
-	if len(expectedTypes) > 0 {
-		expectedType = expectedTypes[0]
-	}
-
+	expectedType := typeTag(structType)
 	if len(data) == 0 {
 		return parseError(expectedType)
 	}
-
-	if len(expectedTypes) > 0 {
-		goodType := false
-		for _, e := range expectedTypes {
-			if e > 0 && data[0] == e {
-				goodType = true
-				break
-			}
-		}
-		if !goodType {
-			return fmt.Errorf("ssh: unexpected message type %d (expected one of %v)", data[0], expectedTypes)
+	if expectedType > 0 {
+		if data[0] != expectedType {
+			return unexpectedMessageError(expectedType, data[0])
 		}
 		data = data[1:]
 	}
@ -404,7 +375,7 @@ func Unmarshal(data []byte, out interface{}) error {
 				return fieldError(structType, i, "pointer to unsupported type")
 			}
 		default:
-			return fieldError(structType, i, fmt.Sprintf("unsupported type: %v", t))
+			return fieldError(structType, i, "unsupported type")
 		}
 	}

@ -427,9 +398,9 @@ func Marshal(msg interface{}) []byte {

 func marshalStruct(out []byte, msg interface{}) []byte {
 	v := reflect.Indirect(reflect.ValueOf(msg))
-	msgTypes := typeTags(v.Type())
-	if len(msgTypes) > 0 {
-		out = append(out, msgTypes[0])
+	msgType := typeTag(v.Type())
+	if msgType > 0 {
+		out = append(out, msgType)
 	}

 	for i, n := 0, v.NumField(); i < n; i++ {
@ -513,12 +484,11 @@ func parseString(in []byte) (out, rest []byte, ok bool) {
 		return
 	}
 	length := binary.BigEndian.Uint32(in)
-	in = in[4:]
-	if uint32(len(in)) < length {
+	if uint32(len(in)) < 4+length {
 		return
 	}
-	out = in[:length]
-	rest = in[length:]
+	out = in[4 : 4+length]
+	rest = in[4+length:]
 	ok = true
 	return
 }
@ -716,8 +686,6 @@ func decode(packet []byte) (interface{}, error) {
 		msg = new(kexDHReplyMsg)
 	case msgUserAuthRequest:
 		msg = new(userAuthRequestMsg)
-	case msgUserAuthSuccess:
-		return new(userAuthSuccessMsg), nil
 	case msgUserAuthFailure:
 		msg = new(userAuthFailureMsg)
 	case msgUserAuthPubKeyOk:
@ -730,8 +698,6 @@ func decode(packet []byte) (interface{}, error) {
 		msg = new(globalRequestFailureMsg)
 	case msgChannelOpen:
 		msg = new(channelOpenMsg)
-	case msgChannelData:
-		msg = new(channelDataMsg)
 	case msgChannelOpenConfirm:
 		msg = new(channelOpenConfirmMsg)
 	case msgChannelOpenFailure:
--- a/vendor/golang.org/x/crypto/ssh/messages_test.go
+++ b/vendor/golang.org/x/crypto/ssh/messages_test.go
@ -162,50 +162,6 @@ func TestBareMarshal(t *testing.T) {
 	}
 }

-func TestUnmarshalShortKexInitPacket(t *testing.T) {
-	// This used to panic.
-	// Issue 11348
-	packet := []byte{0x14, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0xff, 0xff, 0xff, 0xff}
-	kim := &kexInitMsg{}
-	if err := Unmarshal(packet, kim); err == nil {
-		t.Error("truncated packet unmarshaled without error")
-	}
-}
-
-func TestMarshalMultiTag(t *testing.T) {
-	var res struct {
-		A uint32 `sshtype:"1|2"`
-	}
-
-	good1 := struct {
-		A uint32 `sshtype:"1"`
-	}{
-		1,
-	}
-	good2 := struct {
-		A uint32 `sshtype:"2"`
-	}{
-		1,
-	}
-
-	if e := Unmarshal(Marshal(good1), &res); e != nil {
-		t.Errorf("error unmarshaling multipart tag: %v", e)
-	}
-
-	if e := Unmarshal(Marshal(good2), &res); e != nil {
-		t.Errorf("error unmarshaling multipart tag: %v", e)
-	}
-
-	bad1 := struct {
-		A uint32 `sshtype:"3"`
-	}{
-		1,
-	}
-	if e := Unmarshal(Marshal(bad1), &res); e == nil {
-		t.Errorf("bad struct unmarshaled without error")
-	}
-}
-
 func randomBytes(out []byte, rand *rand.Rand) {
 	for i := 0; i < len(out); i++ {
 		out[i] = byte(rand.Int31())
--- a/vendor/golang.org/x/crypto/ssh/mux.go
+++ b/vendor/golang.org/x/crypto/ssh/mux.go
@ -116,9 +116,9 @@ func (m *mux) Wait() error {
 func newMux(p packetConn) *mux {
 	m := &mux{
 		conn:             p,
-		incomingChannels: make(chan NewChannel, chanSize),
+		incomingChannels: make(chan NewChannel, 16),
 		globalResponses:  make(chan interface{}, 1),
-		incomingRequests: make(chan *Request, chanSize),
+		incomingRequests: make(chan *Request, 16),
 		errCond:          newCond(),
 	}
 	if debugMux {
@ -131,9 +131,6 @@ func newMux(p packetConn) *mux {

 func (m *mux) sendMessage(msg interface{}) error {
 	p := Marshal(msg)
-	if debugMux {
-		log.Printf("send global(%d): %#v", m.chanList.offset, msg)
-	}
 	return m.conn.writePacket(p)
 }

@ -178,6 +175,18 @@ func (m *mux) ackRequest(ok bool, data []byte) error {
 	return m.sendMessage(globalRequestFailureMsg{Data: data})
 }

+// TODO(hanwen): Disconnect is a transport layer message. We should
+// probably send and receive Disconnect somewhere in the transport
+// code.
+
+// Disconnect sends a disconnect message.
+func (m *mux) Disconnect(reason uint32, message string) error {
+	return m.sendMessage(disconnectMsg{
+		Reason:  reason,
+		Message: message,
+	})
+}
+
 func (m *mux) Close() error {
 	return m.conn.Close()
 }
@ -227,6 +236,11 @@ func (m *mux) onePacket() error {
 	}

 	switch packet[0] {
+	case msgNewKeys:
+		// Ignore notification of key change.
+		return nil
+	case msgDisconnect:
+		return m.handleDisconnect(packet)
 	case msgChannelOpen:
 		return m.handleChannelOpen(packet)
 	case msgGlobalRequest, msgRequestSuccess, msgRequestFailure:
@ -246,6 +260,18 @@ func (m *mux) onePacket() error {
 	return ch.handlePacket(packet)
 }

+func (m *mux) handleDisconnect(packet []byte) error {
+	var d disconnectMsg
+	if err := Unmarshal(packet, &d); err != nil {
+		return err
+	}
+
+	if debugMux {
+		log.Printf("caught disconnect: %v", d)
+	}
+	return &d
+}
+
 func (m *mux) handleGlobalPacket(packet []byte) error {
 	msg, err := decode(packet)
 	if err != nil {
--- a/vendor/golang.org/x/crypto/ssh/mux_test.go
+++ b/vendor/golang.org/x/crypto/ssh/mux_test.go
@ -331,6 +331,7 @@ func TestMuxGlobalRequest(t *testing.T) {
 			ok, data, err)
 	}

+	clientMux.Disconnect(0, "")
 	if !seen {
 		t.Errorf("never saw 'peek' request")
 	}
@ -377,6 +378,28 @@ func TestMuxChannelRequestUnblock(t *testing.T) {
 	}
 }

+func TestMuxDisconnect(t *testing.T) {
+	a, b := muxPair()
+	defer a.Close()
+	defer b.Close()
+
+	go func() {
+		for r := range b.incomingRequests {
+			r.Reply(true, nil)
+		}
+	}()
+
+	a.Disconnect(42, "whatever")
+	ok, _, err := a.SendRequest("hello", true, nil)
+	if ok || err == nil {
+		t.Errorf("got reply after disconnecting")
+	}
+	err = b.Wait()
+	if d, ok := err.(*disconnectMsg); !ok || d.Reason != 42 {
+		t.Errorf("got %#v, want disconnectMsg{Reason:42}", err)
+	}
+}
+
 func TestMuxCloseChannel(t *testing.T) {
 	r, w, mux := channelPair(t)
 	defer mux.Close()
@ -499,7 +522,4 @@ func TestDebug(t *testing.T) {
 	if debugHandshake {
 		t.Error("handshake debug switched on")
 	}
-	if debugTransport {
-		t.Error("transport debug switched on")
-	}
 }
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@ -10,38 +10,26 @@ import (
 	"fmt"
 	"io"
 	"net"
-	"strings"
 )

 // The Permissions type holds fine-grained permissions that are
-// specific to a user or a specific authentication method for a user.
-// The Permissions value for a successful authentication attempt is
-// available in ServerConn, so it can be used to pass information from
-// the user-authentication phase to the application layer.
+// specific to a user or a specific authentication method for a
+// user. Permissions, except for "source-address", must be enforced in
+// the server application layer, after successful authentication. The
+// Permissions are passed on in ServerConn so a server implementation
+// can honor them.
 type Permissions struct {
-	// CriticalOptions indicate restrictions to the default
-	// permissions, and are typically used in conjunction with
-	// user certificates. The standard for SSH certificates
-	// defines "force-command" (only allow the given command to
-	// execute) and "source-address" (only allow connections from
-	// the given address). The SSH package currently only enforces
-	// the "source-address" critical option. It is up to server
-	// implementations to enforce other critical options, such as
-	// "force-command", by checking them after the SSH handshake
-	// is successful. In general, SSH servers should reject
-	// connections that specify critical options that are unknown
-	// or not supported.
+	// Critical options restrict default permissions. Common
+	// restrictions are "source-address" and "force-command". If
+	// the server cannot enforce the restriction, or does not
+	// recognize it, the user should not authenticate.
 	CriticalOptions map[string]string

 	// Extensions are extra functionality that the server may
-	// offer on authenticated connections. Lack of support for an
-	// extension does not preclude authenticating a user. Common
-	// extensions are "permit-agent-forwarding",
-	// "permit-X11-forwarding". The Go SSH library currently does
-	// not act on any extension, and it is up to server
-	// implementations to honor them. Extensions can be used to
-	// pass data from the authentication callbacks to the server
-	// application layer.
+	// offer on authenticated connections. Common extensions are
+	// "permit-agent-forwarding", "permit-X11-forwarding". Lack of
+	// support for an extension does not preclude authenticating a
+	// user.
 	Extensions map[string]string
 }

@ -56,24 +44,13 @@ type ServerConfig struct {
 	// authenticating.
 	NoClientAuth bool

-	// MaxAuthTries specifies the maximum number of authentication attempts
-	// permitted per connection. If set to a negative number, the number of
-	// attempts are unlimited. If set to zero, the number of attempts are limited
-	// to 6.
-	MaxAuthTries int
-
 	// PasswordCallback, if non-nil, is called when a user
 	// attempts to authenticate using a password.
 	PasswordCallback func(conn ConnMetadata, password []byte) (*Permissions, error)

-	// PublicKeyCallback, if non-nil, is called when a client
-	// offers a public key for authentication. It must return true
-	// if the given public key can be used to authenticate the
-	// given user. For example, see CertChecker.Authenticate. A
-	// call to this function does not guarantee that the key
-	// offered is in fact used to authenticate. To record any data
-	// depending on the public key, store it inside a
-	// Permissions.Extensions entry.
+	// PublicKeyCallback, if non-nil, is called when a client attempts public
+	// key authentication. It must return true if the given public key is
+	// valid for the given user. For example, see CertChecker.Authenticate.
 	PublicKeyCallback func(conn ConnMetadata, key PublicKey) (*Permissions, error)

 	// KeyboardInteractiveCallback, if non-nil, is called when
@ -89,11 +66,9 @@ type ServerConfig struct {
 	// attempts.
 	AuthLogCallback func(conn ConnMetadata, method string, err error)

-	// ServerVersion is the version identification string to announce in
-	// the public handshake.
+	// ServerVersion is the version identification string to
+	// announce in the public handshake.
 	// If empty, a reasonable default is used.
-	// Note that RFC 4253 section 4.2 requires that this string start with
-	// "SSH-2.0-".
 	ServerVersion string
 }

@ -165,10 +140,6 @@ type ServerConn struct {
 func NewServerConn(c net.Conn, config *ServerConfig) (*ServerConn, <-chan NewChannel, <-chan *Request, error) {
 	fullConf := *config
 	fullConf.SetDefaults()
-	if fullConf.MaxAuthTries == 0 {
-		fullConf.MaxAuthTries = 6
-	}
-
 	s := &connection{
 		sshConn: sshConn{conn: c},
 	}
@ -197,10 +168,6 @@ func (s *connection) serverHandshake(config *ServerConfig) (*Permissions, error)
 		return nil, errors.New("ssh: server has no host keys")
 	}

-	if !config.NoClientAuth && config.PasswordCallback == nil && config.PublicKeyCallback == nil && config.KeyboardInteractiveCallback == nil {
-		return nil, errors.New("ssh: no authentication methods configured but NoClientAuth is also false")
-	}
-
 	if config.ServerVersion != "" {
 		s.serverVersion = []byte(config.ServerVersion)
 	} else {
@ -215,10 +182,16 @@ func (s *connection) serverHandshake(config *ServerConfig) (*Permissions, error)
 	tr := newTransport(s.sshConn.conn, config.Rand, false /* not client */)
 	s.transport = newServerTransport(tr, s.clientVersion, s.serverVersion, config)

-	if err := s.transport.waitSession(); err != nil {
+	if err := s.transport.requestKeyChange(); err != nil {
 		return nil, err
 	}

+	if packet, err := s.transport.readPacket(); err != nil {
+		return nil, err
+	} else if packet[0] != msgNewKeys {
+		return nil, unexpectedMessageError(msgNewKeys, packet[0])
+	}
+
 	// We just did the key change, so the session ID is established.
 	s.sessionID = s.transport.getSessionID()

@ -251,14 +224,14 @@ func (s *connection) serverHandshake(config *ServerConfig) (*Permissions, error)

 func isAcceptableAlgo(algo string) bool {
 	switch algo {
-	case KeyAlgoRSA, KeyAlgoDSA, KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521, KeyAlgoED25519,
+	case KeyAlgoRSA, KeyAlgoDSA, KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521,
 		CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01:
 		return true
 	}
 	return false
 }

-func checkSourceAddress(addr net.Addr, sourceAddrs string) error {
+func checkSourceAddress(addr net.Addr, sourceAddr string) error {
 	if addr == nil {
 		return errors.New("ssh: no address known for client, but source-address match required")
 	}
@ -268,20 +241,18 @@ func checkSourceAddress(addr net.Addr, sourceAddrs string) error {
 		return fmt.Errorf("ssh: remote address %v is not an TCP address when checking source-address match", addr)
 	}

-	for _, sourceAddr := range strings.Split(sourceAddrs, ",") {
-		if allowedIP := net.ParseIP(sourceAddr); allowedIP != nil {
-			if allowedIP.Equal(tcpAddr.IP) {
-				return nil
-			}
-		} else {
-			_, ipNet, err := net.ParseCIDR(sourceAddr)
-			if err != nil {
-				return fmt.Errorf("ssh: error parsing source-address restriction %q: %v", sourceAddr, err)
-			}
+	if allowedIP := net.ParseIP(sourceAddr); allowedIP != nil {
+		if bytes.Equal(allowedIP, tcpAddr.IP) {
+			return nil
+		}
+	} else {
+		_, ipNet, err := net.ParseCIDR(sourceAddr)
+		if err != nil {
+			return fmt.Errorf("ssh: error parsing source-address restriction %q: %v", sourceAddr, err)
+		}

-			if ipNet.Contains(tcpAddr.IP) {
-				return nil
-			}
+		if ipNet.Contains(tcpAddr.IP) {
+			return nil
 		}
 	}

@ -289,27 +260,12 @@ func checkSourceAddress(addr net.Addr, sourceAddrs string) error {
 }

 func (s *connection) serverAuthenticate(config *ServerConfig) (*Permissions, error) {
-	sessionID := s.transport.getSessionID()
+	var err error
 	var cache pubKeyCache
 	var perms *Permissions

-	authFailures := 0
-
 userAuthLoop:
 	for {
-		if authFailures >= config.MaxAuthTries && config.MaxAuthTries > 0 {
-			discMsg := &disconnectMsg{
-				Reason:  2,
-				Message: "too many authentication failures",
-			}
-
-			if err := s.transport.writePacket(Marshal(discMsg)); err != nil {
-				return nil, err
-			}
-
-			return nil, discMsg
-		}
-
 		var userAuthReq userAuthRequestMsg
 		if packet, err := s.transport.readPacket(); err != nil {
 			return nil, err
@ -328,13 +284,9 @@ userAuthLoop:
 		switch userAuthReq.Method {
 		case "none":
 			if config.NoClientAuth {
+				s.user = ""
 				authErr = nil
 			}
-
-			// allow initial attempt of 'none' without penalty
-			if authFailures == 0 {
-				authFailures--
-			}
 		case "password":
 			if config.PasswordCallback == nil {
 				authErr = errors.New("ssh: password auth not configured")
@ -406,7 +358,6 @@ userAuthLoop:
 			if isQuery {
 				// The client can query if the given public key
 				// would be okay.
-
 				if len(payload) > 0 {
 					return nil, parseError(msgUserAuthRequest)
 				}
@ -435,7 +386,7 @@ userAuthLoop:
 				if !isAcceptableAlgo(sig.Format) {
 					break
 				}
-				signedData := buildDataSignedForAuth(sessionID, userAuthReq, algoBytes, pubKeyData)
+				signedData := buildDataSignedForAuth(s.transport.getSessionID(), userAuthReq, algoBytes, pubKeyData)

 				if err := pubKey.Verify(signedData, sig); err != nil {
 					return nil, err
@ -456,8 +407,6 @@ userAuthLoop:
 			break userAuthLoop
 		}

-		authFailures++
-
 		var failureMsg userAuthFailureMsg
 		if config.PasswordCallback != nil {
 			failureMsg.Methods = append(failureMsg.Methods, "password")
@ -473,12 +422,12 @@ userAuthLoop:
 			return nil, errors.New("ssh: no authentication methods configured but NoClientAuth is also false")
 		}

-		if err := s.transport.writePacket(Marshal(&failureMsg)); err != nil {
+		if err = s.transport.writePacket(Marshal(&failureMsg)); err != nil {
 			return nil, err
 		}
 	}

-	if err := s.transport.writePacket([]byte{msgUserAuthSuccess}); err != nil {
+	if err = s.transport.writePacket([]byte{msgUserAuthSuccess}); err != nil {
 		return nil, err
 	}
 	return perms, nil
--- a/vendor/golang.org/x/crypto/ssh/session.go
+++ b/vendor/golang.org/x/crypto/ssh/session.go
@ -9,7 +9,6 @@ package ssh

 import (
 	"bytes"
-	"encoding/binary"
 	"errors"
 	"fmt"
 	"io"
@ -282,10 +281,9 @@ func (s *Session) Start(cmd string) error {
 // copying stdin, stdout, and stderr, and exits with a zero exit
 // status.
 //
-// If the remote server does not send an exit status, an error of type
-// *ExitMissingError is returned. If the command completes
-// unsuccessfully or is interrupted by a signal, the error is of type
-// *ExitError. Other error types may be returned for I/O problems.
+// If the command fails to run or doesn't complete successfully, the
+// error is of type *ExitError. Other error types may be
+// returned for I/O problems.
 func (s *Session) Run(cmd string) error {
 	err := s.Start(cmd)
 	if err != nil {
@ -341,7 +339,7 @@ func (s *Session) Shell() error {

 	ok, err := s.ch.SendRequest("shell", true, nil)
 	if err == nil && !ok {
-		return errors.New("ssh: could not start shell")
+		return fmt.Errorf("ssh: cound not start shell")
 	}
 	if err != nil {
 		return err
@ -372,10 +370,9 @@ func (s *Session) start() error {
 // copying stdin, stdout, and stderr, and exits with a zero exit
 // status.
 //
-// If the remote server does not send an exit status, an error of type
-// *ExitMissingError is returned. If the command completes
-// unsuccessfully or is interrupted by a signal, the error is of type
-// *ExitError. Other error types may be returned for I/O problems.
+// If the command fails to run or doesn't complete successfully, the
+// error is of type *ExitError. Other error types may be
+// returned for I/O problems.
 func (s *Session) Wait() error {
 	if !s.started {
 		return errors.New("ssh: session not started")
@ -403,7 +400,8 @@ func (s *Session) wait(reqs <-chan *Request) error {
 	for msg := range reqs {
 		switch msg.Type {
 		case "exit-status":
-			wm.status = int(binary.BigEndian.Uint32(msg.Payload))
+			d := msg.Payload
+			wm.status = int(d[0])<<24 | int(d[1])<<16 | int(d[2])<<8 | int(d[3])
 		case "exit-signal":
 			var sigval struct {
 				Signal     string
@ -433,29 +431,16 @@ func (s *Session) wait(reqs <-chan *Request) error {
 	if wm.status == -1 {
 		// exit-status was never sent from server
 		if wm.signal == "" {
-			// signal was not sent either.  RFC 4254
-			// section 6.10 recommends against this
-			// behavior, but it is allowed, so we let
-			// clients handle it.
-			return &ExitMissingError{}
+			return errors.New("wait: remote command exited without exit status or exit signal")
 		}
 		wm.status = 128
 		if _, ok := signals[Signal(wm.signal)]; ok {
 			wm.status += signals[Signal(wm.signal)]
 		}
 	}
-
 	return &ExitError{wm}
 }

-// ExitMissingError is returned if a session is torn down cleanly, but
-// the server sends no confirmation of the exit status.
-type ExitMissingError struct{}
-
-func (e *ExitMissingError) Error() string {
-	return "wait: remote command exited without exit status or exit signal"
-}
-
 func (s *Session) stdin() {
 	if s.stdinpipe {
 		return
@ -616,12 +601,5 @@ func (w Waitmsg) Lang() string {
 }

 func (w Waitmsg) String() string {
-	str := fmt.Sprintf("Process exited with status %v", w.status)
-	if w.signal != "" {
-		str += fmt.Sprintf(" from signal %v", w.signal)
-	}
-	if w.msg != "" {
-		str += fmt.Sprintf(". Reason was: %v", w.msg)
-	}
-	return str
+	return fmt.Sprintf("Process exited with: %v. Reason was: %v (%v)", w.status, w.msg, w.signal)
 }
--- a/vendor/golang.org/x/crypto/ssh/session_test.go
+++ b/vendor/golang.org/x/crypto/ssh/session_test.go
@ -9,11 +9,9 @@ package ssh
 import (
 	"bytes"
 	crypto_rand "crypto/rand"
-	"errors"
 	"io"
 	"io/ioutil"
 	"math/rand"
-	"net"
 	"testing"

 	"golang.org/x/crypto/ssh/terminal"
@ -59,8 +57,7 @@ func dial(handler serverType, t *testing.T) *Client {
 	}()

 	config := &ClientConfig{
-		User:            "testuser",
-		HostKeyCallback: InsecureIgnoreHostKey(),
+		User: "testuser",
 	}

 	conn, chans, reqs, err := NewClientConn(c2, "", config)
@ -298,6 +295,7 @@ func TestUnknownExitSignal(t *testing.T) {
 	}
 }

+// Test WaitMsg is not returned if the channel closes abruptly.
 func TestExitWithoutStatusOrSignal(t *testing.T) {
 	conn := dial(exitWithoutSignalOrStatus, t)
 	defer conn.Close()
@ -313,8 +311,11 @@ func TestExitWithoutStatusOrSignal(t *testing.T) {
 	if err == nil {
 		t.Fatalf("expected command to fail but it didn't")
 	}
-	if _, ok := err.(*ExitMissingError); !ok {
-		t.Fatalf("got %T want *ExitMissingError", err)
+	_, ok := err.(*ExitError)
+	if ok {
+		// you can't actually test for errors.errorString
+		// because it's not exported.
+		t.Fatalf("expected *errorString but got %T", err)
 	}
 }

@ -642,8 +643,7 @@ func TestSessionID(t *testing.T) {
 	}
 	serverConf.AddHostKey(testSigners["ecdsa"])
 	clientConf := &ClientConfig{
-		HostKeyCallback: InsecureIgnoreHostKey(),
-		User:            "user",
+		User: "user",
 	}

 	go func() {
@ -678,97 +678,3 @@ func TestSessionID(t *testing.T) {
 		t.Errorf("client and server SessionID were empty.")
 	}
 }
-
-type noReadConn struct {
-	readSeen bool
-	net.Conn
-}
-
-func (c *noReadConn) Close() error {
-	return nil
-}
-
-func (c *noReadConn) Read(b []byte) (int, error) {
-	c.readSeen = true
-	return 0, errors.New("noReadConn error")
-}
-
-func TestInvalidServerConfiguration(t *testing.T) {
-	c1, c2, err := netPipe()
-	if err != nil {
-		t.Fatalf("netPipe: %v", err)
-	}
-	defer c1.Close()
-	defer c2.Close()
-
-	serveConn := noReadConn{Conn: c1}
-	serverConf := &ServerConfig{}
-
-	NewServerConn(&serveConn, serverConf)
-	if serveConn.readSeen {
-		t.Fatalf("NewServerConn attempted to Read() from Conn while configuration is missing host key")
-	}
-
-	serverConf.AddHostKey(testSigners["ecdsa"])
-
-	NewServerConn(&serveConn, serverConf)
-	if serveConn.readSeen {
-		t.Fatalf("NewServerConn attempted to Read() from Conn while configuration is missing authentication method")
-	}
-}
-
-func TestHostKeyAlgorithms(t *testing.T) {
-	serverConf := &ServerConfig{
-		NoClientAuth: true,
-	}
-	serverConf.AddHostKey(testSigners["rsa"])
-	serverConf.AddHostKey(testSigners["ecdsa"])
-
-	connect := func(clientConf *ClientConfig, want string) {
-		var alg string
-		clientConf.HostKeyCallback = func(h string, a net.Addr, key PublicKey) error {
-			alg = key.Type()
-			return nil
-		}
-		c1, c2, err := netPipe()
-		if err != nil {
-			t.Fatalf("netPipe: %v", err)
-		}
-		defer c1.Close()
-		defer c2.Close()
-
-		go NewServerConn(c1, serverConf)
-		_, _, _, err = NewClientConn(c2, "", clientConf)
-		if err != nil {
-			t.Fatalf("NewClientConn: %v", err)
-		}
-		if alg != want {
-			t.Errorf("selected key algorithm %s, want %s", alg, want)
-		}
-	}
-
-	// By default, we get the preferred algorithm, which is ECDSA 256.
-
-	clientConf := &ClientConfig{
-		HostKeyCallback: InsecureIgnoreHostKey(),
-	}
-	connect(clientConf, KeyAlgoECDSA256)
-
-	// Client asks for RSA explicitly.
-	clientConf.HostKeyAlgorithms = []string{KeyAlgoRSA}
-	connect(clientConf, KeyAlgoRSA)
-
-	c1, c2, err := netPipe()
-	if err != nil {
-		t.Fatalf("netPipe: %v", err)
-	}
-	defer c1.Close()
-	defer c2.Close()
-
-	go NewServerConn(c1, serverConf)
-	clientConf.HostKeyAlgorithms = []string{"nonexistent-hostkey-algo"}
-	_, _, _, err = NewClientConn(c2, "", clientConf)
-	if err == nil {
-		t.Fatal("succeeded connecting with unknown hostkey algorithm")
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/streamlocal.go
+++ b/vendor/golang.org/x/crypto/ssh/streamlocal.go
@ -1,115 +0,0 @@
-package ssh
-
-import (
-	"errors"
-	"io"
-	"net"
-)
-
-// streamLocalChannelOpenDirectMsg is a struct used for SSH_MSG_CHANNEL_OPEN message
-// with "direct-streamlocal@openssh.com" string.
-//
-// See openssh-portable/PROTOCOL, section 2.4. connection: Unix domain socket forwarding
-// https://github.com/openssh/openssh-portable/blob/master/PROTOCOL#L235
-type streamLocalChannelOpenDirectMsg struct {
-	socketPath string
-	reserved0  string
-	reserved1  uint32
-}
-
-// forwardedStreamLocalPayload is a struct used for SSH_MSG_CHANNEL_OPEN message
-// with "forwarded-streamlocal@openssh.com" string.
-type forwardedStreamLocalPayload struct {
-	SocketPath string
-	Reserved0  string
-}
-
-// streamLocalChannelForwardMsg is a struct used for SSH2_MSG_GLOBAL_REQUEST message
-// with "streamlocal-forward@openssh.com"/"cancel-streamlocal-forward@openssh.com" string.
-type streamLocalChannelForwardMsg struct {
-	socketPath string
-}
-
-// ListenUnix is similar to ListenTCP but uses a Unix domain socket.
-func (c *Client) ListenUnix(socketPath string) (net.Listener, error) {
-	m := streamLocalChannelForwardMsg{
-		socketPath,
-	}
-	// send message
-	ok, _, err := c.SendRequest("streamlocal-forward@openssh.com", true, Marshal(&m))
-	if err != nil {
-		return nil, err
-	}
-	if !ok {
-		return nil, errors.New("ssh: streamlocal-forward@openssh.com request denied by peer")
-	}
-	ch := c.forwards.add(&net.UnixAddr{Name: socketPath, Net: "unix"})
-
-	return &unixListener{socketPath, c, ch}, nil
-}
-
-func (c *Client) dialStreamLocal(socketPath string) (Channel, error) {
-	msg := streamLocalChannelOpenDirectMsg{
-		socketPath: socketPath,
-	}
-	ch, in, err := c.OpenChannel("direct-streamlocal@openssh.com", Marshal(&msg))
-	if err != nil {
-		return nil, err
-	}
-	go DiscardRequests(in)
-	return ch, err
-}
-
-type unixListener struct {
-	socketPath string
-
-	conn *Client
-	in   <-chan forward
-}
-
-// Accept waits for and returns the next connection to the listener.
-func (l *unixListener) Accept() (net.Conn, error) {
-	s, ok := <-l.in
-	if !ok {
-		return nil, io.EOF
-	}
-	ch, incoming, err := s.newCh.Accept()
-	if err != nil {
-		return nil, err
-	}
-	go DiscardRequests(incoming)
-
-	return &chanConn{
-		Channel: ch,
-		laddr: &net.UnixAddr{
-			Name: l.socketPath,
-			Net:  "unix",
-		},
-		raddr: &net.UnixAddr{
-			Name: "@",
-			Net:  "unix",
-		},
-	}, nil
-}
-
-// Close closes the listener.
-func (l *unixListener) Close() error {
-	// this also closes the listener.
-	l.conn.forwards.remove(&net.UnixAddr{Name: l.socketPath, Net: "unix"})
-	m := streamLocalChannelForwardMsg{
-		l.socketPath,
-	}
-	ok, _, err := l.conn.SendRequest("cancel-streamlocal-forward@openssh.com", true, Marshal(&m))
-	if err == nil && !ok {
-		err = errors.New("ssh: cancel-streamlocal-forward@openssh.com failed")
-	}
-	return err
-}
-
-// Addr returns the listener's network address.
-func (l *unixListener) Addr() net.Addr {
-	return &net.UnixAddr{
-		Name: l.socketPath,
-		Net:  "unix",
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/tcpip.go
+++ b/vendor/golang.org/x/crypto/ssh/tcpip.go
@ -20,20 +20,12 @@ import (
 // addr. Incoming connections will be available by calling Accept on
 // the returned net.Listener. The listener must be serviced, or the
 // SSH connection may hang.
-// N must be "tcp", "tcp4", "tcp6", or "unix".
 func (c *Client) Listen(n, addr string) (net.Listener, error) {
-	switch n {
-	case "tcp", "tcp4", "tcp6":
-		laddr, err := net.ResolveTCPAddr(n, addr)
-		if err != nil {
-			return nil, err
-		}
-		return c.ListenTCP(laddr)
-	case "unix":
-		return c.ListenUnix(addr)
-	default:
-		return nil, fmt.Errorf("ssh: unsupported protocol: %s", n)
+	laddr, err := net.ResolveTCPAddr(n, addr)
+	if err != nil {
+		return nil, err
 	}
+	return c.ListenTCP(laddr)
 }

 // Automatic port allocation is broken with OpenSSH before 6.0. See
@ -124,7 +116,7 @@ func (c *Client) ListenTCP(laddr *net.TCPAddr) (net.Listener, error) {
 	}

 	// Register this forward, using the port number we obtained.
-	ch := c.forwards.add(laddr)
+	ch := c.forwards.add(*laddr)

 	return &tcpListener{laddr, c, ch}, nil
 }
@ -139,7 +131,7 @@ type forwardList struct {
 // forwardEntry represents an established mapping of a laddr on a
 // remote ssh server to a channel connected to a tcpListener.
 type forwardEntry struct {
-	laddr net.Addr
+	laddr net.TCPAddr
 	c     chan forward
 }

@ -147,16 +139,16 @@ type forwardEntry struct {
 // arguments to add/remove/lookup should be address as specified in
 // the original forward-request.
 type forward struct {
-	newCh NewChannel // the ssh client channel underlying this forward
-	raddr net.Addr   // the raddr of the incoming connection
+	newCh NewChannel   // the ssh client channel underlying this forward
+	raddr *net.TCPAddr // the raddr of the incoming connection
 }

-func (l *forwardList) add(addr net.Addr) chan forward {
+func (l *forwardList) add(addr net.TCPAddr) chan forward {
 	l.Lock()
 	defer l.Unlock()
 	f := forwardEntry{
-		laddr: addr,
-		c:     make(chan forward, 1),
+		addr,
+		make(chan forward, 1),
 	}
 	l.entries = append(l.entries, f)
 	return f.c
@ -184,69 +176,44 @@ func parseTCPAddr(addr string, port uint32) (*net.TCPAddr, error) {

 func (l *forwardList) handleChannels(in <-chan NewChannel) {
 	for ch := range in {
-		var (
-			laddr net.Addr
-			raddr net.Addr
-			err   error
-		)
-		switch channelType := ch.ChannelType(); channelType {
-		case "forwarded-tcpip":
-			var payload forwardedTCPPayload
-			if err = Unmarshal(ch.ExtraData(), &payload); err != nil {
-				ch.Reject(ConnectionFailed, "could not parse forwarded-tcpip payload: "+err.Error())
-				continue
-			}
-
-			// RFC 4254 section 7.2 specifies that incoming
-			// addresses should list the address, in string
-			// format. It is implied that this should be an IP
-			// address, as it would be impossible to connect to it
-			// otherwise.
-			laddr, err = parseTCPAddr(payload.Addr, payload.Port)
-			if err != nil {
-				ch.Reject(ConnectionFailed, err.Error())
-				continue
-			}
-			raddr, err = parseTCPAddr(payload.OriginAddr, payload.OriginPort)
-			if err != nil {
-				ch.Reject(ConnectionFailed, err.Error())
-				continue
-			}
-
-		case "forwarded-streamlocal@openssh.com":
-			var payload forwardedStreamLocalPayload
-			if err = Unmarshal(ch.ExtraData(), &payload); err != nil {
-				ch.Reject(ConnectionFailed, "could not parse forwarded-streamlocal@openssh.com payload: "+err.Error())
-				continue
-			}
-			laddr = &net.UnixAddr{
-				Name: payload.SocketPath,
-				Net:  "unix",
-			}
-			raddr = &net.UnixAddr{
-				Name: "@",
-				Net:  "unix",
-			}
-		default:
-			panic(fmt.Errorf("ssh: unknown channel type %s", channelType))
+		var payload forwardedTCPPayload
+		if err := Unmarshal(ch.ExtraData(), &payload); err != nil {
+			ch.Reject(ConnectionFailed, "could not parse forwarded-tcpip payload: "+err.Error())
+			continue
 		}
-		if ok := l.forward(laddr, raddr, ch); !ok {
+
+		// RFC 4254 section 7.2 specifies that incoming
+		// addresses should list the address, in string
+		// format. It is implied that this should be an IP
+		// address, as it would be impossible to connect to it
+		// otherwise.
+		laddr, err := parseTCPAddr(payload.Addr, payload.Port)
+		if err != nil {
+			ch.Reject(ConnectionFailed, err.Error())
+			continue
+		}
+		raddr, err := parseTCPAddr(payload.OriginAddr, payload.OriginPort)
+		if err != nil {
+			ch.Reject(ConnectionFailed, err.Error())
+			continue
+		}
+
+		if ok := l.forward(*laddr, *raddr, ch); !ok {
 			// Section 7.2, implementations MUST reject spurious incoming
 			// connections.
 			ch.Reject(Prohibited, "no forward for address")
 			continue
 		}
-
 	}
 }

 // remove removes the forward entry, and the channel feeding its
 // listener.
-func (l *forwardList) remove(addr net.Addr) {
+func (l *forwardList) remove(addr net.TCPAddr) {
 	l.Lock()
 	defer l.Unlock()
 	for i, f := range l.entries {
-		if addr.Network() == f.laddr.Network() && addr.String() == f.laddr.String() {
+		if addr.IP.Equal(f.laddr.IP) && addr.Port == f.laddr.Port {
 			l.entries = append(l.entries[:i], l.entries[i+1:]...)
 			close(f.c)
 			return
@ -264,12 +231,12 @@ func (l *forwardList) closeAll() {
 	l.entries = nil
 }

-func (l *forwardList) forward(laddr, raddr net.Addr, ch NewChannel) bool {
+func (l *forwardList) forward(laddr, raddr net.TCPAddr, ch NewChannel) bool {
 	l.Lock()
 	defer l.Unlock()
 	for _, f := range l.entries {
-		if laddr.Network() == f.laddr.Network() && laddr.String() == f.laddr.String() {
-			f.c <- forward{newCh: ch, raddr: raddr}
+		if laddr.IP.Equal(f.laddr.IP) && laddr.Port == f.laddr.Port {
+			f.c <- forward{ch, &raddr}
 			return true
 		}
 	}
@ -295,7 +262,7 @@ func (l *tcpListener) Accept() (net.Conn, error) {
 	}
 	go DiscardRequests(incoming)

-	return &chanConn{
+	return &tcpChanConn{
 		Channel: ch,
 		laddr:   l.laddr,
 		raddr:   s.raddr,
@ -310,7 +277,7 @@ func (l *tcpListener) Close() error {
 	}

 	// this also closes the listener.
-	l.conn.forwards.remove(l.laddr)
+	l.conn.forwards.remove(*l.laddr)
 	ok, _, err := l.conn.SendRequest("cancel-tcpip-forward", true, Marshal(&m))
 	if err == nil && !ok {
 		err = errors.New("ssh: cancel-tcpip-forward failed")
@ -326,52 +293,29 @@ func (l *tcpListener) Addr() net.Addr {
 // Dial initiates a connection to the addr from the remote host.
 // The resulting connection has a zero LocalAddr() and RemoteAddr().
 func (c *Client) Dial(n, addr string) (net.Conn, error) {
-	var ch Channel
-	switch n {
-	case "tcp", "tcp4", "tcp6":
-		// Parse the address into host and numeric port.
-		host, portString, err := net.SplitHostPort(addr)
-		if err != nil {
-			return nil, err
-		}
-		port, err := strconv.ParseUint(portString, 10, 16)
-		if err != nil {
-			return nil, err
-		}
-		ch, err = c.dial(net.IPv4zero.String(), 0, host, int(port))
-		if err != nil {
-			return nil, err
-		}
-		// Use a zero address for local and remote address.
-		zeroAddr := &net.TCPAddr{
-			IP:   net.IPv4zero,
-			Port: 0,
-		}
-		return &chanConn{
-			Channel: ch,
-			laddr:   zeroAddr,
-			raddr:   zeroAddr,
-		}, nil
-	case "unix":
-		var err error
-		ch, err = c.dialStreamLocal(addr)
-		if err != nil {
-			return nil, err
-		}
-		return &chanConn{
-			Channel: ch,
-			laddr: &net.UnixAddr{
-				Name: "@",
-				Net:  "unix",
-			},
-			raddr: &net.UnixAddr{
-				Name: addr,
-				Net:  "unix",
-			},
-		}, nil
-	default:
-		return nil, fmt.Errorf("ssh: unsupported protocol: %s", n)
+	// Parse the address into host and numeric port.
+	host, portString, err := net.SplitHostPort(addr)
+	if err != nil {
+		return nil, err
 	}
+	port, err := strconv.ParseUint(portString, 10, 16)
+	if err != nil {
+		return nil, err
+	}
+	// Use a zero address for local and remote address.
+	zeroAddr := &net.TCPAddr{
+		IP:   net.IPv4zero,
+		Port: 0,
+	}
+	ch, err := c.dial(net.IPv4zero.String(), 0, host, int(port))
+	if err != nil {
+		return nil, err
+	}
+	return &tcpChanConn{
+		Channel: ch,
+		laddr:   zeroAddr,
+		raddr:   zeroAddr,
+	}, nil
 }

 // DialTCP connects to the remote address raddr on the network net,
@ -388,7 +332,7 @@ func (c *Client) DialTCP(n string, laddr, raddr *net.TCPAddr) (net.Conn, error)
 	if err != nil {
 		return nil, err
 	}
-	return &chanConn{
+	return &tcpChanConn{
 		Channel: ch,
 		laddr:   laddr,
 		raddr:   raddr,
@ -411,9 +355,6 @@ func (c *Client) dial(laddr string, lport int, raddr string, rport int) (Channel
 		lport: uint32(lport),
 	}
 	ch, in, err := c.OpenChannel("direct-tcpip", Marshal(&msg))
-	if err != nil {
-		return nil, err
-	}
 	go DiscardRequests(in)
 	return ch, err
 }
@ -422,26 +363,26 @@ type tcpChan struct {
 	Channel // the backing channel
 }

-// chanConn fulfills the net.Conn interface without
+// tcpChanConn fulfills the net.Conn interface without
 // the tcpChan having to hold laddr or raddr directly.
-type chanConn struct {
+type tcpChanConn struct {
 	Channel
 	laddr, raddr net.Addr
 }

 // LocalAddr returns the local network address.
-func (t *chanConn) LocalAddr() net.Addr {
+func (t *tcpChanConn) LocalAddr() net.Addr {
 	return t.laddr
 }

 // RemoteAddr returns the remote network address.
-func (t *chanConn) RemoteAddr() net.Addr {
+func (t *tcpChanConn) RemoteAddr() net.Addr {
 	return t.raddr
 }

 // SetDeadline sets the read and write deadlines associated
 // with the connection.
-func (t *chanConn) SetDeadline(deadline time.Time) error {
+func (t *tcpChanConn) SetDeadline(deadline time.Time) error {
 	if err := t.SetReadDeadline(deadline); err != nil {
 		return err
 	}
@ -452,14 +393,12 @@ func (t *chanConn) SetDeadline(deadline time.Time) error {
 // A zero value for t means Read will not time out.
 // After the deadline, the error from Read will implement net.Error
 // with Timeout() == true.
-func (t *chanConn) SetReadDeadline(deadline time.Time) error {
-	// for compatibility with previous version,
-	// the error message contains "tcpChan"
+func (t *tcpChanConn) SetReadDeadline(deadline time.Time) error {
 	return errors.New("ssh: tcpChan: deadline not supported")
 }

 // SetWriteDeadline exists to satisfy the net.Conn interface
 // but is not implemented by this type.  It always returns an error.
-func (t *chanConn) SetWriteDeadline(deadline time.Time) error {
+func (t *tcpChanConn) SetWriteDeadline(deadline time.Time) error {
 	return errors.New("ssh: tcpChan: deadline not supported")
 }
--- a/vendor/golang.org/x/crypto/ssh/terminal/terminal.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/terminal.go
@ -132,11 +132,8 @@ const (
 	keyPasteEnd
 )

-var (
-	crlf       = []byte{'\r', '\n'}
-	pasteStart = []byte{keyEscape, '[', '2', '0', '0', '~'}
-	pasteEnd   = []byte{keyEscape, '[', '2', '0', '1', '~'}
-)
+var pasteStart = []byte{keyEscape, '[', '2', '0', '0', '~'}
+var pasteEnd = []byte{keyEscape, '[', '2', '0', '1', '~'}

 // bytesToKey tries to parse a key sequence from b. If successful, it returns
 // the key and the remainder of the input. Otherwise it returns utf8.RuneError.
@ -336,7 +333,7 @@ func (t *Terminal) advanceCursor(places int) {
 		// So, if we are stopping at the end of a line, we
 		// need to write a newline so that our cursor can be
 		// advanced to the next line.
-		t.outBuf = append(t.outBuf, '\r', '\n')
+		t.outBuf = append(t.outBuf, '\n')
 	}
 }

@ -596,35 +593,6 @@ func (t *Terminal) writeLine(line []rune) {
 	}
 }

-// writeWithCRLF writes buf to w but replaces all occurrences of \n with \r\n.
-func writeWithCRLF(w io.Writer, buf []byte) (n int, err error) {
-	for len(buf) > 0 {
-		i := bytes.IndexByte(buf, '\n')
-		todo := len(buf)
-		if i >= 0 {
-			todo = i
-		}
-
-		var nn int
-		nn, err = w.Write(buf[:todo])
-		n += nn
-		if err != nil {
-			return n, err
-		}
-		buf = buf[todo:]
-
-		if i >= 0 {
-			if _, err = w.Write(crlf); err != nil {
-				return n, err
-			}
-			n += 1
-			buf = buf[1:]
-		}
-	}
-
-	return n, nil
-}
-
 func (t *Terminal) Write(buf []byte) (n int, err error) {
 	t.lock.Lock()
 	defer t.lock.Unlock()
@ -632,7 +600,7 @@ func (t *Terminal) Write(buf []byte) (n int, err error) {
 	if t.cursorX == 0 && t.cursorY == 0 {
 		// This is the easy case: there's nothing on the screen that we
 		// have to move out of the way.
-		return writeWithCRLF(t.c, buf)
+		return t.c.Write(buf)
 	}

 	// We have a prompt and possibly user input on the screen. We
@ -652,7 +620,7 @@ func (t *Terminal) Write(buf []byte) (n int, err error) {
 	}
 	t.outBuf = t.outBuf[:0]

-	if n, err = writeWithCRLF(t.c, buf); err != nil {
+	if n, err = t.c.Write(buf); err != nil {
 		return
 	}

@ -772,6 +740,8 @@ func (t *Terminal) readLine() (line string, err error) {

 		t.remainder = t.inBuf[:n+len(t.remainder)]
 	}
+
+	panic("unreachable") // for Go 1.0.
 }

 // SetPrompt sets the prompt to be used when reading subsequent lines.
@ -920,32 +890,3 @@ func (s *stRingBuffer) NthPreviousEntry(n int) (value string, ok bool) {
 	}
 	return s.entries[index], true
 }
-
-// readPasswordLine reads from reader until it finds \n or io.EOF.
-// The slice returned does not include the \n.
-// readPasswordLine also ignores any \r it finds.
-func readPasswordLine(reader io.Reader) ([]byte, error) {
-	var buf [1]byte
-	var ret []byte
-
-	for {
-		n, err := reader.Read(buf[:])
-		if n > 0 {
-			switch buf[0] {
-			case '\n':
-				return ret, nil
-			case '\r':
-				// remove \r from passwords on Windows
-			default:
-				ret = append(ret, buf[0])
-			}
-			continue
-		}
-		if err != nil {
-			if err == io.EOF && len(ret) > 0 {
-				return ret, nil
-			}
-			return ret, err
-		}
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/terminal/terminal_test.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/terminal_test.go
@ -5,9 +5,7 @@
 package terminal

 import (
-	"bytes"
 	"io"
-	"os"
 	"testing"
 )

@ -269,82 +267,3 @@ func TestTerminalSetSize(t *testing.T) {
 		}
 	}
 }
-
-func TestReadPasswordLineEnd(t *testing.T) {
-	var tests = []struct {
-		input string
-		want  string
-	}{
-		{"\n", ""},
-		{"\r\n", ""},
-		{"test\r\n", "test"},
-		{"testtesttesttes\n", "testtesttesttes"},
-		{"testtesttesttes\r\n", "testtesttesttes"},
-		{"testtesttesttesttest\n", "testtesttesttesttest"},
-		{"testtesttesttesttest\r\n", "testtesttesttesttest"},
-	}
-	for _, test := range tests {
-		buf := new(bytes.Buffer)
-		if _, err := buf.WriteString(test.input); err != nil {
-			t.Fatal(err)
-		}
-
-		have, err := readPasswordLine(buf)
-		if err != nil {
-			t.Errorf("readPasswordLine(%q) failed: %v", test.input, err)
-			continue
-		}
-		if string(have) != test.want {
-			t.Errorf("readPasswordLine(%q) returns %q, but %q is expected", test.input, string(have), test.want)
-			continue
-		}
-
-		if _, err = buf.WriteString(test.input); err != nil {
-			t.Fatal(err)
-		}
-		have, err = readPasswordLine(buf)
-		if err != nil {
-			t.Errorf("readPasswordLine(%q) failed: %v", test.input, err)
-			continue
-		}
-		if string(have) != test.want {
-			t.Errorf("readPasswordLine(%q) returns %q, but %q is expected", test.input, string(have), test.want)
-			continue
-		}
-	}
-}
-
-func TestMakeRawState(t *testing.T) {
-	fd := int(os.Stdout.Fd())
-	if !IsTerminal(fd) {
-		t.Skip("stdout is not a terminal; skipping test")
-	}
-
-	st, err := GetState(fd)
-	if err != nil {
-		t.Fatalf("failed to get terminal state from GetState: %s", err)
-	}
-	defer Restore(fd, st)
-	raw, err := MakeRaw(fd)
-	if err != nil {
-		t.Fatalf("failed to get terminal state from MakeRaw: %s", err)
-	}
-
-	if *st != *raw {
-		t.Errorf("states do not match; was %v, expected %v", raw, st)
-	}
-}
-
-func TestOutputNewlines(t *testing.T) {
-	// \n should be changed to \r\n in terminal output.
-	buf := new(bytes.Buffer)
-	term := NewTerminal(buf, ">")
-
-	term.Write([]byte("1\n2\n"))
-	output := string(buf.Bytes())
-	const expected = "1\r\n2\r\n"
-
-	if output != expected {
-		t.Errorf("incorrect output: was %q, expected %q", output, expected)
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/terminal/util.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/util.go
@ -17,6 +17,7 @@
 package terminal // import "golang.org/x/crypto/ssh/terminal"

 import (
+	"io"
 	"syscall"
 	"unsafe"
 )
@ -43,13 +44,8 @@ func MakeRaw(fd int) (*State, error) {
 	}

 	newState := oldState.termios
-	// This attempts to replicate the behaviour documented for cfmakeraw in
-	// the termios(3) manpage.
-	newState.Iflag &^= syscall.IGNBRK | syscall.BRKINT | syscall.PARMRK | syscall.ISTRIP | syscall.INLCR | syscall.IGNCR | syscall.ICRNL | syscall.IXON
-	newState.Oflag &^= syscall.OPOST
-	newState.Lflag &^= syscall.ECHO | syscall.ECHONL | syscall.ICANON | syscall.ISIG | syscall.IEXTEN
-	newState.Cflag &^= syscall.CSIZE | syscall.PARENB
-	newState.Cflag |= syscall.CS8
+	newState.Iflag &^= syscall.ISTRIP | syscall.INLCR | syscall.ICRNL | syscall.IGNCR | syscall.IXON | syscall.IXOFF
+	newState.Lflag &^= syscall.ECHO | syscall.ICANON | syscall.ISIG
 	if _, _, err := syscall.Syscall6(syscall.SYS_IOCTL, uintptr(fd), ioctlWriteTermios, uintptr(unsafe.Pointer(&newState)), 0, 0, 0); err != 0 {
 		return nil, err
 	}
@ -71,10 +67,8 @@ func GetState(fd int) (*State, error) {
 // Restore restores the terminal connected to the given file descriptor to a
 // previous state.
 func Restore(fd int, state *State) error {
-	if _, _, err := syscall.Syscall6(syscall.SYS_IOCTL, uintptr(fd), ioctlWriteTermios, uintptr(unsafe.Pointer(&state.termios)), 0, 0, 0); err != 0 {
-		return err
-	}
-	return nil
+	_, _, err := syscall.Syscall6(syscall.SYS_IOCTL, uintptr(fd), ioctlWriteTermios, uintptr(unsafe.Pointer(&state.termios)), 0, 0, 0)
+	return err
 }

 // GetSize returns the dimensions of the given terminal.
@ -87,13 +81,6 @@ func GetSize(fd int) (width, height int, err error) {
 	return int(dimensions[1]), int(dimensions[0]), nil
 }

-// passwordReader is an io.Reader that reads from a specific file descriptor.
-type passwordReader int
-
-func (r passwordReader) Read(buf []byte) (int, error) {
-	return syscall.Read(int(r), buf)
-}
-
 // ReadPassword reads a line of input from a terminal without local echo.  This
 // is commonly used for inputting passwords and other sensitive data. The slice
 // returned does not include the \n.
@ -115,5 +102,27 @@ func ReadPassword(fd int) ([]byte, error) {
 		syscall.Syscall6(syscall.SYS_IOCTL, uintptr(fd), ioctlWriteTermios, uintptr(unsafe.Pointer(&oldState)), 0, 0, 0)
 	}()

-	return readPasswordLine(passwordReader(fd))
+	var buf [16]byte
+	var ret []byte
+	for {
+		n, err := syscall.Read(fd, buf[:])
+		if err != nil {
+			return nil, err
+		}
+		if n == 0 {
+			if len(ret) == 0 {
+				return nil, io.EOF
+			}
+			break
+		}
+		if buf[n-1] == '\n' {
+			n--
+		}
+		ret = append(ret, buf[:n]...)
+		if n < len(buf) {
+			break
+		}
+	}
+
+	return ret, nil
 }
--- a/vendor/golang.org/x/crypto/ssh/terminal/util_plan9.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/util_plan9.go
@ -1,58 +0,0 @@
-// Copyright 2016 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package terminal provides support functions for dealing with terminals, as
-// commonly found on UNIX systems.
-//
-// Putting a terminal into raw mode is the most common requirement:
-//
-// 	oldState, err := terminal.MakeRaw(0)
-// 	if err != nil {
-// 	        panic(err)
-// 	}
-// 	defer terminal.Restore(0, oldState)
-package terminal
-
-import (
-	"fmt"
-	"runtime"
-)
-
-type State struct{}
-
-// IsTerminal returns true if the given file descriptor is a terminal.
-func IsTerminal(fd int) bool {
-	return false
-}
-
-// MakeRaw put the terminal connected to the given file descriptor into raw
-// mode and returns the previous state of the terminal so that it can be
-// restored.
-func MakeRaw(fd int) (*State, error) {
-	return nil, fmt.Errorf("terminal: MakeRaw not implemented on %s/%s", runtime.GOOS, runtime.GOARCH)
-}
-
-// GetState returns the current state of a terminal which may be useful to
-// restore the terminal after a signal.
-func GetState(fd int) (*State, error) {
-	return nil, fmt.Errorf("terminal: GetState not implemented on %s/%s", runtime.GOOS, runtime.GOARCH)
-}
-
-// Restore restores the terminal connected to the given file descriptor to a
-// previous state.
-func Restore(fd int, state *State) error {
-	return fmt.Errorf("terminal: Restore not implemented on %s/%s", runtime.GOOS, runtime.GOARCH)
-}
-
-// GetSize returns the dimensions of the given terminal.
-func GetSize(fd int) (width, height int, err error) {
-	return 0, 0, fmt.Errorf("terminal: GetSize not implemented on %s/%s", runtime.GOOS, runtime.GOARCH)
-}
-
-// ReadPassword reads a line of input from a terminal without local echo.  This
-// is commonly used for inputting passwords and other sensitive data. The slice
-// returned does not include the \n.
-func ReadPassword(fd int) ([]byte, error) {
-	return nil, fmt.Errorf("terminal: ReadPassword not implemented on %s/%s", runtime.GOOS, runtime.GOARCH)
-}
--- a/vendor/golang.org/x/crypto/ssh/terminal/util_solaris.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/util_solaris.go
@ -1,128 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build solaris
-
-package terminal // import "golang.org/x/crypto/ssh/terminal"
-
-import (
-	"golang.org/x/sys/unix"
-	"io"
-	"syscall"
-)
-
-// State contains the state of a terminal.
-type State struct {
-	state *unix.Termios
-}
-
-// IsTerminal returns true if the given file descriptor is a terminal.
-func IsTerminal(fd int) bool {
-	_, err := unix.IoctlGetTermio(fd, unix.TCGETA)
-	return err == nil
-}
-
-// ReadPassword reads a line of input from a terminal without local echo.  This
-// is commonly used for inputting passwords and other sensitive data. The slice
-// returned does not include the \n.
-func ReadPassword(fd int) ([]byte, error) {
-	// see also: http://src.illumos.org/source/xref/illumos-gate/usr/src/lib/libast/common/uwin/getpass.c
-	val, err := unix.IoctlGetTermios(fd, unix.TCGETS)
-	if err != nil {
-		return nil, err
-	}
-	oldState := *val
-
-	newState := oldState
-	newState.Lflag &^= syscall.ECHO
-	newState.Lflag |= syscall.ICANON | syscall.ISIG
-	newState.Iflag |= syscall.ICRNL
-	err = unix.IoctlSetTermios(fd, unix.TCSETS, &newState)
-	if err != nil {
-		return nil, err
-	}
-
-	defer unix.IoctlSetTermios(fd, unix.TCSETS, &oldState)
-
-	var buf [16]byte
-	var ret []byte
-	for {
-		n, err := syscall.Read(fd, buf[:])
-		if err != nil {
-			return nil, err
-		}
-		if n == 0 {
-			if len(ret) == 0 {
-				return nil, io.EOF
-			}
-			break
-		}
-		if buf[n-1] == '\n' {
-			n--
-		}
-		ret = append(ret, buf[:n]...)
-		if n < len(buf) {
-			break
-		}
-	}
-
-	return ret, nil
-}
-
-// MakeRaw puts the terminal connected to the given file descriptor into raw
-// mode and returns the previous state of the terminal so that it can be
-// restored.
-// see http://cr.illumos.org/~webrev/andy_js/1060/
-func MakeRaw(fd int) (*State, error) {
-	oldTermiosPtr, err := unix.IoctlGetTermios(fd, unix.TCGETS)
-	if err != nil {
-		return nil, err
-	}
-	oldTermios := *oldTermiosPtr
-
-	newTermios := oldTermios
-	newTermios.Iflag &^= syscall.IGNBRK | syscall.BRKINT | syscall.PARMRK | syscall.ISTRIP | syscall.INLCR | syscall.IGNCR | syscall.ICRNL | syscall.IXON
-	newTermios.Oflag &^= syscall.OPOST
-	newTermios.Lflag &^= syscall.ECHO | syscall.ECHONL | syscall.ICANON | syscall.ISIG | syscall.IEXTEN
-	newTermios.Cflag &^= syscall.CSIZE | syscall.PARENB
-	newTermios.Cflag |= syscall.CS8
-	newTermios.Cc[unix.VMIN] = 1
-	newTermios.Cc[unix.VTIME] = 0
-
-	if err := unix.IoctlSetTermios(fd, unix.TCSETS, &newTermios); err != nil {
-		return nil, err
-	}
-
-	return &State{
-		state: oldTermiosPtr,
-	}, nil
-}
-
-// Restore restores the terminal connected to the given file descriptor to a
-// previous state.
-func Restore(fd int, oldState *State) error {
-	return unix.IoctlSetTermios(fd, unix.TCSETS, oldState.state)
-}
-
-// GetState returns the current state of a terminal which may be useful to
-// restore the terminal after a signal.
-func GetState(fd int) (*State, error) {
-	oldTermiosPtr, err := unix.IoctlGetTermios(fd, unix.TCGETS)
-	if err != nil {
-		return nil, err
-	}
-
-	return &State{
-		state: oldTermiosPtr,
-	}, nil
-}
-
-// GetSize returns the dimensions of the given terminal.
-func GetSize(fd int) (width, height int, err error) {
-	ws, err := unix.IoctlGetWinsize(fd, unix.TIOCGWINSZ)
-	if err != nil {
-		return 0, 0, err
-	}
-	return int(ws.Col), int(ws.Row), nil
-}
--- a/vendor/golang.org/x/crypto/ssh/terminal/util_windows.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/util_windows.go
@ -17,6 +17,7 @@
 package terminal

 import (
+	"io"
 	"syscall"
 	"unsafe"
 )
@ -86,8 +87,8 @@ func MakeRaw(fd int) (*State, error) {
 	if e != 0 {
 		return nil, error(e)
 	}
-	raw := st &^ (enableEchoInput | enableProcessedInput | enableLineInput | enableProcessedOutput)
-	_, _, e = syscall.Syscall(procSetConsoleMode.Addr(), 2, uintptr(fd), uintptr(raw), 0)
+	st &^= (enableEchoInput | enableProcessedInput | enableLineInput | enableProcessedOutput)
+	_, _, e = syscall.Syscall(procSetConsoleMode.Addr(), 2, uintptr(fd), uintptr(st), 0)
 	if e != 0 {
 		return nil, error(e)
 	}
@ -122,13 +123,6 @@ func GetSize(fd int) (width, height int, err error) {
 	return int(info.size.x), int(info.size.y), nil
 }

-// passwordReader is an io.Reader that reads from a specific Windows HANDLE.
-type passwordReader int
-
-func (r passwordReader) Read(buf []byte) (int, error) {
-	return syscall.Read(syscall.Handle(r), buf)
-}
-
 // ReadPassword reads a line of input from a terminal without local echo.  This
 // is commonly used for inputting passwords and other sensitive data. The slice
 // returned does not include the \n.
@ -151,5 +145,30 @@ func ReadPassword(fd int) ([]byte, error) {
 		syscall.Syscall(procSetConsoleMode.Addr(), 2, uintptr(fd), uintptr(old), 0)
 	}()

-	return readPasswordLine(passwordReader(fd))
+	var buf [16]byte
+	var ret []byte
+	for {
+		n, err := syscall.Read(syscall.Handle(fd), buf[:])
+		if err != nil {
+			return nil, err
+		}
+		if n == 0 {
+			if len(ret) == 0 {
+				return nil, io.EOF
+			}
+			break
+		}
+		if buf[n-1] == '\n' {
+			n--
+		}
+		if n > 0 && buf[n-1] == '\r' {
+			n--
+		}
+		ret = append(ret, buf[:n]...)
+		if n < len(buf) {
+			break
+		}
+	}
+
+	return ret, nil
 }
--- a/vendor/golang.org/x/crypto/ssh/test/agent_unix_test.go
+++ b/vendor/golang.org/x/crypto/ssh/test/agent_unix_test.go
@ -21,16 +21,7 @@ func TestAgentForward(t *testing.T) {
 	defer conn.Close()

 	keyring := agent.NewKeyring()
-	if err := keyring.Add(agent.AddedKey{PrivateKey: testPrivateKeys["dsa"]}); err != nil {
-		t.Fatalf("Error adding key: %s", err)
-	}
-	if err := keyring.Add(agent.AddedKey{
-		PrivateKey:       testPrivateKeys["dsa"],
-		ConfirmBeforeUse: true,
-		LifetimeSecs:     3600,
-	}); err != nil {
-		t.Fatalf("Error adding key with constraints: %s", err)
-	}
+	keyring.Add(testPrivateKeys["dsa"], nil, "")
 	pub := testPublicKeys["dsa"]

 	sess, err := conn.NewSession()
--- a/vendor/golang.org/x/crypto/ssh/test/cert_test.go
+++ b/vendor/golang.org/x/crypto/ssh/test/cert_test.go
@ -7,14 +7,12 @@
 package test

 import (
-	"bytes"
 	"crypto/rand"
 	"testing"

 	"golang.org/x/crypto/ssh"
 )

-// Test both logging in with a cert, and also that the certificate presented by an OpenSSH host can be validated correctly
 func TestCertLogin(t *testing.T) {
 	s := newServer(t)
 	defer s.Shutdown()
@ -39,39 +37,11 @@ func TestCertLogin(t *testing.T) {

 	conf := &ssh.ClientConfig{
 		User: username(),
-		HostKeyCallback: (&ssh.CertChecker{
-			IsHostAuthority: func(pk ssh.PublicKey, addr string) bool {
-				return bytes.Equal(pk.Marshal(), testPublicKeys["ca"].Marshal())
-			},
-		}).CheckHostKey,
 	}
 	conf.Auth = append(conf.Auth, ssh.PublicKeys(certSigner))
-
-	for _, test := range []struct {
-		addr    string
-		succeed bool
-	}{
-		{addr: "host.example.com:22", succeed: true},
-		{addr: "host.example.com:10000", succeed: true}, // non-standard port must be OK
-		{addr: "host.example.com", succeed: false},      // port must be specified
-		{addr: "host.ex4mple.com:22", succeed: false},   // wrong host
-	} {
-		client, err := s.TryDialWithAddr(conf, test.addr)
-
-		// Always close client if opened successfully
-		if err == nil {
-			client.Close()
-		}
-
-		// Now evaluate whether the test failed or passed
-		if test.succeed {
-			if err != nil {
-				t.Fatalf("TryDialWithAddr: %v", err)
-			}
-		} else {
-			if err == nil {
-				t.Fatalf("TryDialWithAddr, unexpected success")
-			}
-		}
+	client, err := s.TryDial(conf)
+	if err != nil {
+		t.Fatalf("TryDial: %v", err)
 	}
+	client.Close()
 }
--- a/vendor/golang.org/x/crypto/ssh/test/dial_unix_test.go
+++ b/vendor/golang.org/x/crypto/ssh/test/dial_unix_test.go
@ -1,128 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !windows
-
-package test
-
-// direct-tcpip and direct-streamlocal functional tests
-
-import (
-	"fmt"
-	"io"
-	"io/ioutil"
-	"net"
-	"strings"
-	"testing"
-)
-
-type dialTester interface {
-	TestServerConn(t *testing.T, c net.Conn)
-	TestClientConn(t *testing.T, c net.Conn)
-}
-
-func testDial(t *testing.T, n, listenAddr string, x dialTester) {
-	server := newServer(t)
-	defer server.Shutdown()
-	sshConn := server.Dial(clientConfig())
-	defer sshConn.Close()
-
-	l, err := net.Listen(n, listenAddr)
-	if err != nil {
-		t.Fatalf("Listen: %v", err)
-	}
-	defer l.Close()
-
-	testData := fmt.Sprintf("hello from %s, %s", n, listenAddr)
-	go func() {
-		for {
-			c, err := l.Accept()
-			if err != nil {
-				break
-			}
-			x.TestServerConn(t, c)
-
-			io.WriteString(c, testData)
-			c.Close()
-		}
-	}()
-
-	conn, err := sshConn.Dial(n, l.Addr().String())
-	if err != nil {
-		t.Fatalf("Dial: %v", err)
-	}
-	x.TestClientConn(t, conn)
-	defer conn.Close()
-	b, err := ioutil.ReadAll(conn)
-	if err != nil {
-		t.Fatalf("ReadAll: %v", err)
-	}
-	t.Logf("got %q", string(b))
-	if string(b) != testData {
-		t.Fatalf("expected %q, got %q", testData, string(b))
-	}
-}
-
-type tcpDialTester struct {
-	listenAddr string
-}
-
-func (x *tcpDialTester) TestServerConn(t *testing.T, c net.Conn) {
-	host := strings.Split(x.listenAddr, ":")[0]
-	prefix := host + ":"
-	if !strings.HasPrefix(c.LocalAddr().String(), prefix) {
-		t.Fatalf("expected to start with %q, got %q", prefix, c.LocalAddr().String())
-	}
-	if !strings.HasPrefix(c.RemoteAddr().String(), prefix) {
-		t.Fatalf("expected to start with %q, got %q", prefix, c.RemoteAddr().String())
-	}
-}
-
-func (x *tcpDialTester) TestClientConn(t *testing.T, c net.Conn) {
-	// we use zero addresses. see *Client.Dial.
-	if c.LocalAddr().String() != "0.0.0.0:0" {
-		t.Fatalf("expected \"0.0.0.0:0\", got %q", c.LocalAddr().String())
-	}
-	if c.RemoteAddr().String() != "0.0.0.0:0" {
-		t.Fatalf("expected \"0.0.0.0:0\", got %q", c.RemoteAddr().String())
-	}
-}
-
-func TestDialTCP(t *testing.T) {
-	x := &tcpDialTester{
-		listenAddr: "127.0.0.1:0",
-	}
-	testDial(t, "tcp", x.listenAddr, x)
-}
-
-type unixDialTester struct {
-	listenAddr string
-}
-
-func (x *unixDialTester) TestServerConn(t *testing.T, c net.Conn) {
-	if c.LocalAddr().String() != x.listenAddr {
-		t.Fatalf("expected %q, got %q", x.listenAddr, c.LocalAddr().String())
-	}
-	if c.RemoteAddr().String() != "@" {
-		t.Fatalf("expected \"@\", got %q", c.RemoteAddr().String())
-	}
-}
-
-func (x *unixDialTester) TestClientConn(t *testing.T, c net.Conn) {
-	if c.RemoteAddr().String() != x.listenAddr {
-		t.Fatalf("expected %q, got %q", x.listenAddr, c.RemoteAddr().String())
-	}
-	if c.LocalAddr().String() != "@" {
-		t.Fatalf("expected \"@\", got %q", c.LocalAddr().String())
-	}
-}
-
-func TestDialUnix(t *testing.T) {
-	addr, cleanup := newTempSocket(t)
-	defer cleanup()
-	x := &unixDialTester{
-		listenAddr: addr,
-	}
-	testDial(t, "unix", x.listenAddr, x)
-}
--- a/vendor/golang.org/x/crypto/ssh/test/doc.go
+++ b/vendor/golang.org/x/crypto/ssh/test/doc.go
@ -3,5 +3,5 @@
 // license that can be found in the LICENSE file.

 // This package contains integration tests for the
-// golang.org/x/crypto/ssh package.
+// code.google.com/p/go.crypto/ssh package.
 package test // import "golang.org/x/crypto/ssh/test"
--- a/vendor/golang.org/x/crypto/ssh/test/forward_unix_test.go
+++ b/vendor/golang.org/x/crypto/ssh/test/forward_unix_test.go
@ -16,17 +16,13 @@ import (
 	"time"
 )

-type closeWriter interface {
-	CloseWrite() error
-}
-
-func testPortForward(t *testing.T, n, listenAddr string) {
+func TestPortForward(t *testing.T) {
 	server := newServer(t)
 	defer server.Shutdown()
 	conn := server.Dial(clientConfig())
 	defer conn.Close()

-	sshListener, err := conn.Listen(n, listenAddr)
+	sshListener, err := conn.Listen("tcp", "localhost:0")
 	if err != nil {
 		t.Fatal(err)
 	}
@ -45,14 +41,14 @@ func testPortForward(t *testing.T, n, listenAddr string) {
 	}()

 	forwardedAddr := sshListener.Addr().String()
-	netConn, err := net.Dial(n, forwardedAddr)
+	tcpConn, err := net.Dial("tcp", forwardedAddr)
 	if err != nil {
-		t.Fatalf("net dial failed: %v", err)
+		t.Fatalf("TCP dial failed: %v", err)
 	}

 	readChan := make(chan []byte)
 	go func() {
-		data, _ := ioutil.ReadAll(netConn)
+		data, _ := ioutil.ReadAll(tcpConn)
 		readChan <- data
 	}()

@ -66,14 +62,14 @@ func testPortForward(t *testing.T, n, listenAddr string) {
 	for len(sent) < 1000*1000 {
 		// Send random sized chunks
 		m := rand.Intn(len(data))
-		n, err := netConn.Write(data[:m])
+		n, err := tcpConn.Write(data[:m])
 		if err != nil {
 			break
 		}
 		sent = append(sent, data[:n]...)
 	}
-	if err := netConn.(closeWriter).CloseWrite(); err != nil {
-		t.Errorf("netConn.CloseWrite: %v", err)
+	if err := tcpConn.(*net.TCPConn).CloseWrite(); err != nil {
+		t.Errorf("tcpConn.CloseWrite: %v", err)
 	}

 	read := <-readChan
@ -90,29 +86,19 @@ func testPortForward(t *testing.T, n, listenAddr string) {
 	}

 	// Check that the forward disappeared.
-	netConn, err = net.Dial(n, forwardedAddr)
+	tcpConn, err = net.Dial("tcp", forwardedAddr)
 	if err == nil {
-		netConn.Close()
+		tcpConn.Close()
 		t.Errorf("still listening to %s after closing", forwardedAddr)
 	}
 }

-func TestPortForwardTCP(t *testing.T) {
-	testPortForward(t, "tcp", "localhost:0")
-}
-
-func TestPortForwardUnix(t *testing.T) {
-	addr, cleanup := newTempSocket(t)
-	defer cleanup()
-	testPortForward(t, "unix", addr)
-}
-
-func testAcceptClose(t *testing.T, n, listenAddr string) {
+func TestAcceptClose(t *testing.T) {
 	server := newServer(t)
 	defer server.Shutdown()
 	conn := server.Dial(clientConfig())

-	sshListener, err := conn.Listen(n, listenAddr)
+	sshListener, err := conn.Listen("tcp", "localhost:0")
 	if err != nil {
 		t.Fatal(err)
 	}
@ -138,23 +124,13 @@ func testAcceptClose(t *testing.T, n, listenAddr string) {
 	}
 }

-func TestAcceptCloseTCP(t *testing.T) {
-	testAcceptClose(t, "tcp", "localhost:0")
-}
-
-func TestAcceptCloseUnix(t *testing.T) {
-	addr, cleanup := newTempSocket(t)
-	defer cleanup()
-	testAcceptClose(t, "unix", addr)
-}
-
 // Check that listeners exit if the underlying client transport dies.
-func testPortForwardConnectionClose(t *testing.T, n, listenAddr string) {
+func TestPortForwardConnectionClose(t *testing.T) {
 	server := newServer(t)
 	defer server.Shutdown()
 	conn := server.Dial(clientConfig())

-	sshListener, err := conn.Listen(n, listenAddr)
+	sshListener, err := conn.Listen("tcp", "localhost:0")
 	if err != nil {
 		t.Fatal(err)
 	}
@ -182,13 +158,3 @@ func testPortForwardConnectionClose(t *testing.T, n, listenAddr string) {
 		t.Logf("quit as expected (error %v)", err)
 	}
 }
-
-func TestPortForwardConnectionCloseTCP(t *testing.T) {
-	testPortForwardConnectionClose(t, "tcp", "localhost:0")
-}
-
-func TestPortForwardConnectionCloseUnix(t *testing.T) {
-	addr, cleanup := newTempSocket(t)
-	defer cleanup()
-	testPortForwardConnectionClose(t, "unix", addr)
-}
--- a/vendor/golang.org/x/crypto/ssh/test/session_test.go
+++ b/vendor/golang.org/x/crypto/ssh/test/session_test.go
@ -280,16 +280,13 @@ func TestCiphers(t *testing.T) {
 	var config ssh.Config
 	config.SetDefaults()
 	cipherOrder := config.Ciphers
-	// These ciphers will not be tested when commented out in cipher.go it will
-	// fallback to the next available as per line 292.
-	cipherOrder = append(cipherOrder, "aes128-cbc", "3des-cbc")

 	for _, ciph := range cipherOrder {
 		server := newServer(t)
 		defer server.Shutdown()
 		conf := clientConfig()
 		conf.Ciphers = []string{ciph}
-		// Don't fail if sshd doesn't have the cipher.
+		// Don't fail if sshd doesnt have the cipher.
 		conf.Ciphers = append(conf.Ciphers, cipherOrder...)
 		conn, err := server.TryDial(conf)
 		if err == nil {
@ -310,7 +307,7 @@ func TestMACs(t *testing.T) {
 		defer server.Shutdown()
 		conf := clientConfig()
 		conf.MACs = []string{mac}
-		// Don't fail if sshd doesn't have the MAC.
+		// Don't fail if sshd doesnt have the MAC.
 		conf.MACs = append(conf.MACs, macOrder...)
 		if conn, err := server.TryDial(conf); err == nil {
 			conn.Close()
@ -319,47 +316,3 @@ func TestMACs(t *testing.T) {
 		}
 	}
 }
-
-func TestKeyExchanges(t *testing.T) {
-	var config ssh.Config
-	config.SetDefaults()
-	kexOrder := config.KeyExchanges
-	for _, kex := range kexOrder {
-		server := newServer(t)
-		defer server.Shutdown()
-		conf := clientConfig()
-		// Don't fail if sshd doesn't have the kex.
-		conf.KeyExchanges = append([]string{kex}, kexOrder...)
-		conn, err := server.TryDial(conf)
-		if err == nil {
-			conn.Close()
-		} else {
-			t.Errorf("failed for kex %q", kex)
-		}
-	}
-}
-
-func TestClientAuthAlgorithms(t *testing.T) {
-	for _, key := range []string{
-		"rsa",
-		"dsa",
-		"ecdsa",
-		"ed25519",
-	} {
-		server := newServer(t)
-		conf := clientConfig()
-		conf.SetDefaults()
-		conf.Auth = []ssh.AuthMethod{
-			ssh.PublicKeys(testSigners[key]),
-		}
-
-		conn, err := server.TryDial(conf)
-		if err == nil {
-			conn.Close()
-		} else {
-			t.Errorf("failed for key %q", key)
-		}
-
-		server.Shutdown()
-	}
-}
--- a/vendor/golang.org/x/crypto/ssh/test/tcpip_test.go
+++ b/vendor/golang.org/x/crypto/ssh/test/tcpip_test.go
@ -0,0 +1,46 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build !windows
+
+package test
+
+// direct-tcpip functional tests
+
+import (
+	"io"
+	"net"
+	"testing"
+)
+
+func TestDial(t *testing.T) {
+	server := newServer(t)
+	defer server.Shutdown()
+	sshConn := server.Dial(clientConfig())
+	defer sshConn.Close()
+
+	l, err := net.Listen("tcp", "127.0.0.1:0")
+	if err != nil {
+		t.Fatalf("Listen: %v", err)
+	}
+	defer l.Close()
+
+	go func() {
+		for {
+			c, err := l.Accept()
+			if err != nil {
+				break
+			}
+
+			io.WriteString(c, c.RemoteAddr().String())
+			c.Close()
+		}
+	}()
+
+	conn, err := sshConn.Dial("tcp", l.Addr().String())
+	if err != nil {
+		t.Fatalf("Dial: %v", err)
+	}
+	defer conn.Close()
+}
--- a/vendor/golang.org/x/crypto/ssh/test/test_unix_test.go
+++ b/vendor/golang.org/x/crypto/ssh/test/test_unix_test.go
@ -30,7 +30,6 @@ Protocol 2
 HostKey {{.Dir}}/id_rsa
 HostKey {{.Dir}}/id_dsa
 HostKey {{.Dir}}/id_ecdsa
-HostCertificate {{.Dir}}/id_rsa-cert.pub
 Pidfile {{.Dir}}/sshd.pid
 #UsePrivilegeSeparation no
 KeyRegenerationInterval 3600
@ -42,12 +41,11 @@ PermitRootLogin no
 StrictModes no
 RSAAuthentication yes
 PubkeyAuthentication yes
-AuthorizedKeysFile	{{.Dir}}/authorized_keys
+AuthorizedKeysFile	{{.Dir}}/id_user.pub
 TrustedUserCAKeys {{.Dir}}/id_ecdsa.pub
 IgnoreRhosts yes
 RhostsRSAAuthentication no
 HostbasedAuthentication no
-PubkeyAcceptedKeyTypes=*
 `

 var configTmpl = template.Must(template.New("").Parse(sshd_config))
@ -120,11 +118,6 @@ func clientConfig() *ssh.ClientConfig {
 			ssh.PublicKeys(testSigners["user"]),
 		},
 		HostKeyCallback: hostKeyDB().Check,
-		HostKeyAlgorithms: []string{ // by default, don't allow certs as this affects the hostKeyDB checker
-			ssh.KeyAlgoECDSA256, ssh.KeyAlgoECDSA384, ssh.KeyAlgoECDSA521,
-			ssh.KeyAlgoRSA, ssh.KeyAlgoDSA,
-			ssh.KeyAlgoED25519,
-		},
 	}
 	return config
 }
@ -160,12 +153,6 @@ func unixConnection() (*net.UnixConn, *net.UnixConn, error) {
 }

 func (s *server) TryDial(config *ssh.ClientConfig) (*ssh.Client, error) {
-	return s.TryDialWithAddr(config, "")
-}
-
-// addr is the user specified host:port. While we don't actually dial it,
-// we need to know this for host key matching
-func (s *server) TryDialWithAddr(config *ssh.ClientConfig, addr string) (*ssh.Client, error) {
 	sshd, err := exec.LookPath("sshd")
 	if err != nil {
 		s.t.Skipf("skipping test: %v", err)
@ -191,7 +178,7 @@ func (s *server) TryDialWithAddr(config *ssh.ClientConfig, addr string) (*ssh.Cl
 		s.t.Fatalf("s.cmd.Start: %v", err)
 	}
 	s.clientConn = c1
-	conn, chans, reqs, err := ssh.NewClientConn(c1, addr, config)
+	conn, chans, reqs, err := ssh.NewClientConn(c1, "", config)
 	if err != nil {
 		return nil, err
 	}
@ -262,17 +249,6 @@ func newServer(t *testing.T) *server {
 		writeFile(filepath.Join(dir, filename+".pub"), ssh.MarshalAuthorizedKey(testPublicKeys[k]))
 	}

-	for k, v := range testdata.SSHCertificates {
-		filename := "id_" + k + "-cert.pub"
-		writeFile(filepath.Join(dir, filename), v)
-	}
-
-	var authkeys bytes.Buffer
-	for k, _ := range testdata.PEMBytes {
-		authkeys.Write(ssh.MarshalAuthorizedKey(testPublicKeys[k]))
-	}
-	writeFile(filepath.Join(dir, "authorized_keys"), authkeys.Bytes())
-
 	return &server{
 		t:          t,
 		configfile: f.Name(),
@ -283,13 +259,3 @@ func newServer(t *testing.T) *server {
 		},
 	}
 }
-
-func newTempSocket(t *testing.T) (string, func()) {
-	dir, err := ioutil.TempDir("", "socket")
-	if err != nil {
-		t.Fatal(err)
-	}
-	deferFunc := func() { os.RemoveAll(dir) }
-	addr := filepath.Join(dir, "sock")
-	return addr, deferFunc
-}
--- a/vendor/golang.org/x/crypto/ssh/test/testdata_test.go
+++ b/vendor/golang.org/x/crypto/ssh/test/testdata_test.go
@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

-// IMPLEMENTATION NOTE: To avoid a package loop, this file is in three places:
+// IMPLEMENTOR NOTE: To avoid a package loop, this file is in three places:
 // ssh/, ssh/agent, and ssh/test/. It should be kept in sync across all three
 // instances.

--- a/vendor/golang.org/x/crypto/ssh/testdata/doc.go
+++ b/vendor/golang.org/x/crypto/ssh/testdata/doc.go
@ -3,6 +3,6 @@
 // license that can be found in the LICENSE file.

 // This package contains test data shared between the various subpackages of
-// the golang.org/x/crypto/ssh package. Under no circumstance should
+// the code.google.com/p/go.crypto/ssh package. Under no circumstance should
 // this data be used for production code.
 package testdata // import "golang.org/x/crypto/ssh/testdata"
--- a/vendor/golang.org/x/crypto/ssh/testdata/keys.go
+++ b/vendor/golang.org/x/crypto/ssh/testdata/keys.go
@ -25,153 +25,19 @@ AwEHoUQDQgAEi9Hdw6KvZcWxfg2IDhA7UkpDtzzt6ZqJXSsFdLd+Kx4S3Sx4cVO+
 -----END EC PRIVATE KEY-----
 `),
 	"rsa": []byte(`-----BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQC8A6FGHDiWCSREAXCq6yBfNVr0xCVG2CzvktFNRpue+RXrGs/2
-a6ySEJQb3IYquw7HlJgu6fg3WIWhOmHCjfpG0PrL4CRwbqQ2LaPPXhJErWYejcD8
-Di00cF3677+G10KMZk9RXbmHtuBFZT98wxg8j+ZsBMqGM1+7yrWUvynswQIDAQAB
-AoGAJMCk5vqfSRzyXOTXLGIYCuR4Kj6pdsbNSeuuRGfYBeR1F2c/XdFAg7D/8s5R
-38p/Ih52/Ty5S8BfJtwtvgVY9ecf/JlU/rl/QzhG8/8KC0NG7KsyXklbQ7gJT8UT
-Ojmw5QpMk+rKv17ipDVkQQmPaj+gJXYNAHqImke5mm/K/h0CQQDciPmviQ+DOhOq
-2ZBqUfH8oXHgFmp7/6pXw80DpMIxgV3CwkxxIVx6a8lVH9bT/AFySJ6vXq4zTuV9
-6QmZcZzDAkEA2j/UXJPIs1fQ8z/6sONOkU/BjtoePFIWJlRxdN35cZjXnBraX5UR
-fFHkePv4YwqmXNqrBOvSu+w2WdSDci+IKwJAcsPRc/jWmsrJW1q3Ha0hSf/WG/Bu
-X7MPuXaKpP/DkzGoUmb8ks7yqj6XWnYkPNLjCc8izU5vRwIiyWBRf4mxMwJBAILa
-NDvRS0rjwt6lJGv7zPZoqDc65VfrK2aNyHx2PgFyzwrEOtuF57bu7pnvEIxpLTeM
-z26i6XVMeYXAWZMTloMCQBbpGgEERQpeUknLBqUHhg/wXF6+lFA+vEGnkY+Dwab2
-KCXFGd+SQ5GdUcEMe9isUH6DYj/6/yCDoFrXXmpQb+M=
+MIIBOwIBAAJBALdGZxkXDAjsYk10ihwU6Id2KeILz1TAJuoq4tOgDWxEEGeTrcld
+r/ZwVaFzjWzxaf6zQIJbfaSEAhqD5yo72+sCAwEAAQJBAK8PEVU23Wj8mV0QjwcJ
+tZ4GcTUYQL7cF4+ezTCE9a1NrGnCP2RuQkHEKxuTVrxXt+6OF15/1/fuXnxKjmJC
+nxkCIQDaXvPPBi0c7vAxGwNY9726x01/dNbHCE0CBtcotobxpwIhANbbQbh3JHVW
+2haQh4fAG5mhesZKAGcxTyv4mQ7uMSQdAiAj+4dzMpJWdSzQ+qGHlHMIBvVHLkqB
+y2VdEyF7DPCZewIhAI7GOI/6LDIFOvtPo6Bj2nNmyQ1HU6k/LRtNIXi4c9NJAiAr
+rrxx26itVhJmcvoUhOjwuzSlP2bE5VHAvkGB352YBg==
 -----END RSA PRIVATE KEY-----
 `),
-	"ed25519": []byte(`-----BEGIN OPENSSH PRIVATE KEY-----
-b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
-QyNTUxOQAAACA+3f7hS7g5UWwXOGVTrMfhmxyrjqz7Sxxbx7I1j8DvvwAAAJhAFfkOQBX5
-DgAAAAtzc2gtZWQyNTUxOQAAACA+3f7hS7g5UWwXOGVTrMfhmxyrjqz7Sxxbx7I1j8Dvvw
-AAAEAaYmXltfW6nhRo3iWGglRB48lYq0z0Q3I3KyrdutEr6j7d/uFLuDlRbBc4ZVOsx+Gb
-HKuOrPtLHFvHsjWPwO+/AAAAE2dhcnRvbm1AZ2FydG9ubS14cHMBAg==
-----END OPENSSH PRIVATE KEY-----
-`),
-	"rsa-openssh-format": []byte(`-----BEGIN OPENSSH PRIVATE KEY-----
-b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAlwAAAAdzc2gtcn
-NhAAAAAwEAAQAAAIEAwa48yfWFi3uIdqzuf9X7C2Zxfea/Iaaw0zIwHudpF8U92WVIiC5l
-oEuW1+OaVi3UWfIEjWMV1tHGysrHOwtwc34BPCJqJknUQO/KtDTBTJ4Pryhw1bWPC999Lz
-a+yrCTdNQYBzoROXKExZgPFh9pTMi5wqpHDuOQ2qZFIEI3lT0AAAIQWL0H31i9B98AAAAH
-c3NoLXJzYQAAAIEAwa48yfWFi3uIdqzuf9X7C2Zxfea/Iaaw0zIwHudpF8U92WVIiC5loE
-uW1+OaVi3UWfIEjWMV1tHGysrHOwtwc34BPCJqJknUQO/KtDTBTJ4Pryhw1bWPC999Lza+
-yrCTdNQYBzoROXKExZgPFh9pTMi5wqpHDuOQ2qZFIEI3lT0AAAADAQABAAAAgCThyTGsT4
-IARDxVMhWl6eiB2ZrgFgWSeJm/NOqtppWgOebsIqPMMg4UVuVFsl422/lE3RkPhVkjGXgE
-pWvZAdCnmLmApK8wK12vF334lZhZT7t3Z9EzJps88PWEHo7kguf285HcnUM7FlFeissJdk
-kXly34y7/3X/a6Tclm+iABAAAAQE0xR/KxZ39slwfMv64Rz7WKk1PPskaryI29aHE3mKHk
-pY2QA+P3QlrKxT/VWUMjHUbNNdYfJm48xu0SGNMRdKMAAABBAORh2NP/06JUV3J9W/2Hju
-X1ViJuqqcQnJPVzpgSL826EC2xwOECTqoY8uvFpUdD7CtpksIxNVqRIhuNOlz0lqEAAABB
-ANkaHTTaPojClO0dKJ/Zjs7pWOCGliebBYprQ/Y4r9QLBkC/XaWMS26gFIrjgC7D2Rv+rZ
-wSD0v0RcmkITP1ZR0AAAAYcHF1ZXJuYUBMdWNreUh5ZHJvLmxvY2FsAQID
-----END OPENSSH PRIVATE KEY-----`),
 	"user": []byte(`-----BEGIN EC PRIVATE KEY-----
 MHcCAQEEILYCAeq8f7V4vSSypRw7pxy8yz3V5W4qg8kSC3zJhqpQoAoGCCqGSM49
 AwEHoUQDQgAEYcO2xNKiRUYOLEHM7VYAp57HNyKbOdYtHD83Z4hzNPVC4tM5mdGD
 PLL8IEwvYu2wq+lpXfGQnNMbzYf9gspG0w==
 -----END EC PRIVATE KEY-----
-`),
-	"ca": []byte(`-----BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAvg9dQ9IRG59lYJb+GESfKWTch4yBpr7Ydw1jkK6vvtrx9jLo
-5hkA8X6+ElRPRqTAZSlN5cBm6YCAcQIOsmXDUn6Oj1lVPQAoOjTBTvsjM3NjGhvv
-52kHTY0nsMsBeY9q5DTtlzmlYkVUq2a6Htgf2mNi01dIw5fJ7uTTo8EbNf7O0i3u
-c9a8P19HaZl5NKiWN4EIZkfB2WdXYRJCVBsGgQj3dE/GrEmH9QINq1A+GkNvK96u
-vZm8H1jjmuqzHplWa7lFeXcx8FTVTbVb/iJrZ2Lc/JvIPitKZWhqbR59yrGjpwEp
-Id7bo4WhO5L3OB0fSIJYvfu+o4WYnt4f3UzecwIDAQABAoIBABRD9yHgKErVuC2Q
-bA+SYZY8VvdtF/X7q4EmQFORDNRA7EPgMc03JU6awRGbQ8i4kHs46EFzPoXvWcKz
-AXYsO6N0Myc900Tp22A5d9NAHATEbPC/wdje7hRq1KyZONMJY9BphFv3nZbY5apR
-Dc90JBFZP5RhXjTc3n9GjvqLAKfFEKVmPRCvqxCOZunw6XR+SgIQLJo36nsIsbhW
-QUXIVaCI6cXMN8bRPm8EITdBNZu06Fpu4ZHm6VaxlXN9smERCDkgBSNXNWHKxmmA
-c3Glo2DByUr2/JFBOrLEe9fkYgr24KNCQkHVcSaFxEcZvTggr7StjKISVHlCNEaB
-7Q+kPoECgYEA3zE9FmvFGoQCU4g4Nl3dpQHs6kaAW8vJlrmq3xsireIuaJoa2HMe
-wYdIvgCnK9DIjyxd5OWnE4jXtAEYPsyGD32B5rSLQrRO96lgb3f4bESCLUb3Bsn/
-sdgeE3p1xZMA0B59htqCrvVgN9k8WxyevBxYl3/gSBm/p8OVH1RTW/ECgYEA2f9Z
-95OLj0KQHQtxQXf+I3VjhCw3LkLW39QZOXVI0QrCJfqqP7uxsJXH9NYX0l0GFTcR
-kRrlyoaSU1EGQosZh+n1MvplGBTkTSV47/bPsTzFpgK2NfEZuFm9RoWgltS+nYeH
-Y2k4mnAN3PhReCMwuprmJz8GRLsO3Cs2s2YylKMCgYEA2UX+uO/q7jgqZ5UJW+ue
-1H5+W0aMuFA3i7JtZEnvRaUVFqFGlwXin/WJ2+WY1++k/rPrJ+Rk9IBXtBUIvEGw
-FC5TIfsKQsJyyWgqx/jbbtJ2g4s8+W/1qfTAuqeRNOg5d2DnRDs90wJuS4//0JaY
-9HkHyVwkQyxFxhSA/AHEMJECgYA2MvyFR1O9bIk0D3I7GsA+xKLXa77Ua53MzIjw
-9i4CezBGDQpjCiFli/fI8am+jY5DnAtsDknvjoG24UAzLy5L0mk6IXMdB6SzYYut
-7ak5oahqW+Y9hxIj+XvLmtGQbphtxhJtLu35x75KoBpxSh6FZpmuTEccs31AVCYn
-eFM/DQKBgQDOPUwbLKqVi6ddFGgrV9MrWw+SWsDa43bPuyvYppMM3oqesvyaX1Dt
-qDvN7owaNxNM4OnfKcZr91z8YPVCFo4RbBif3DXRzjNNBlxEjHBtuMOikwvsmucN
-vIrbeEpjTiUMTEAr6PoTiVHjsfS8WAM6MDlF5M+2PNswDsBpa2yLgA==
-----END RSA PRIVATE KEY-----
 `),
 }
-
-var SSHCertificates = map[string][]byte{
-	// The following are corresponding certificates for the private keys above, signed by the CA key
-	// Generated by the following commands:
-	//
-	// 1. Assumes "rsa" key above in file named "rsa", write out the public key to "rsa.pub":
-	//    ssh-keygen -y -f rsa > rsa.pu
-	//
-	// 2. Assumes "ca" key above in file named "ca", sign a cert for "rsa.pub":
-	//    ssh-keygen -s ca -h -n host.example.com -V +500w -I host.example.com-key rsa.pub
-	"rsa": []byte(`ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgLjYqmmuTSEmjVhSfLQphBSTJMLwIZhRgmpn8FHKLiEIAAAADAQABAAAAgQC8A6FGHDiWCSREAXCq6yBfNVr0xCVG2CzvktFNRpue+RXrGs/2a6ySEJQb3IYquw7HlJgu6fg3WIWhOmHCjfpG0PrL4CRwbqQ2LaPPXhJErWYejcD8Di00cF3677+G10KMZk9RXbmHtuBFZT98wxg8j+ZsBMqGM1+7yrWUvynswQAAAAAAAAAAAAAAAgAAABRob3N0LmV4YW1wbGUuY29tLWtleQAAABQAAAAQaG9zdC5leGFtcGxlLmNvbQAAAABZHN8UAAAAAGsjIYUAAAAAAAAAAAAAAAAAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQC+D11D0hEbn2Vglv4YRJ8pZNyHjIGmvth3DWOQrq++2vH2MujmGQDxfr4SVE9GpMBlKU3lwGbpgIBxAg6yZcNSfo6PWVU9ACg6NMFO+yMzc2MaG+/naQdNjSewywF5j2rkNO2XOaViRVSrZroe2B/aY2LTV0jDl8nu5NOjwRs1/s7SLe5z1rw/X0dpmXk0qJY3gQhmR8HZZ1dhEkJUGwaBCPd0T8asSYf1Ag2rUD4aQ28r3q69mbwfWOOa6rMemVZruUV5dzHwVNVNtVv+ImtnYtz8m8g+K0plaGptHn3KsaOnASkh3tujhaE7kvc4HR9Igli9+76jhZie3h/dTN5zAAABDwAAAAdzc2gtcnNhAAABALeDea+60H6xJGhktAyosHaSY7AYzLocaqd8hJQjEIDifBwzoTlnBmcK9CxGhKuaoJFThdCLdaevCeOSuquh8HTkf+2ebZZc/G5T+2thPvPqmcuEcmMosWo+SIjYhbP3S6KD49aLC1X0kz8IBQeauFvURhkZ5ZjhA1L4aQYt9NjL73nqOl8PplRui+Ov5w8b4ldul4zOvYAFrzfcP6wnnXk3c1Zzwwf5wynD5jakO8GpYKBuhM7Z4crzkKSQjU3hla7xqgfomC5Gz4XbR2TNjcQiRrJQ0UlKtX3X3ObRCEhuvG0Kzjklhv+Ddw6txrhKjMjiSi/Yyius/AE8TmC1p4U= host.example.com
-`),
-}
-
-var PEMEncryptedKeys = []struct {
-	Name          string
-	EncryptionKey string
-	PEMBytes      []byte
-}{
-	0: {
-		Name:          "rsa-encrypted",
-		EncryptionKey: "r54-G0pher_t3st$",
-		PEMBytes: []byte(`-----BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: AES-128-CBC,3E1714DE130BC5E81327F36564B05462
-
-MqW88sud4fnWk/Jk3fkjh7ydu51ZkHLN5qlQgA4SkAXORPPMj2XvqZOv1v2LOgUV
-dUevUn8PZK7a9zbZg4QShUSzwE5k6wdB7XKPyBgI39mJ79GBd2U4W3h6KT6jIdWA
-goQpluxkrzr2/X602IaxLEre97FT9mpKC6zxKCLvyFWVIP9n3OSFS47cTTXyFr+l
-7PdRhe60nn6jSBgUNk/Q1lAvEQ9fufdPwDYY93F1wyJ6lOr0F1+mzRrMbH67NyKs
-rG8J1Fa7cIIre7ueKIAXTIne7OAWqpU9UDgQatDtZTbvA7ciqGsSFgiwwW13N+Rr
-hN8MkODKs9cjtONxSKi05s206A3NDU6STtZ3KuPDjFE1gMJODotOuqSM+cxKfyFq
-wxpk/CHYCDdMAVBSwxb/vraOHamylL4uCHpJdBHypzf2HABt+lS8Su23uAmL87DR
-yvyCS/lmpuNTndef6qHPRkoW2EV3xqD3ovosGf7kgwGJUk2ZpCLVteqmYehKlZDK
-r/Jy+J26ooI2jIg9bjvD1PZq+Mv+2dQ1RlDrPG3PB+rEixw6vBaL9x3jatCd4ej7
-XG7lb3qO9xFpLsx89tkEcvpGR+broSpUJ6Mu5LBCVmrvqHjvnDhrZVz1brMiQtU9
-iMZbgXqDLXHd6ERWygk7OTU03u+l1gs+KGMfmS0h0ZYw6KGVLgMnsoxqd6cFSKNB
-8Ohk9ZTZGCiovlXBUepyu8wKat1k8YlHSfIHoRUJRhhcd7DrmojC+bcbMIZBU22T
-Pl2ftVRGtcQY23lYd0NNKfebF7ncjuLWQGy+vZW+7cgfI6wPIbfYfP6g7QAutk6W
-KQx0AoX5woZ6cNxtpIrymaVjSMRRBkKQrJKmRp3pC/lul5E5P2cueMs1fj4OHTbJ
-lAUv88ywr+R+mRgYQlFW/XQ653f6DT4t6+njfO9oBcPrQDASZel3LjXLpjjYG/N5
-+BWnVexuJX9ika8HJiFl55oqaKb+WknfNhk5cPY+x7SDV9ywQeMiDZpr0ffeYAEP
-LlwwiWRDYpO+uwXHSFF3+JjWwjhs8m8g99iFb7U93yKgBB12dCEPPa2ZeH9wUHMJ
-sreYhNuq6f4iWWSXpzN45inQqtTi8jrJhuNLTT543ErW7DtntBO2rWMhff3aiXbn
-Uy3qzZM1nPbuCGuBmP9L2dJ3Z5ifDWB4JmOyWY4swTZGt9AVmUxMIKdZpRONx8vz
-I9u9nbVPGZBcou50Pa0qTLbkWsSL94MNXrARBxzhHC9Zs6XNEtwN7mOuii7uMkVc
-adrxgknBH1J1N+NX/eTKzUwJuPvDtA+Z5ILWNN9wpZT/7ed8zEnKHPNUexyeT5g3
-uw9z9jH7ffGxFYlx87oiVPHGOrCXYZYW5uoZE31SCBkbtNuffNRJRKIFeipmpJ3P
-7bpAG+kGHMelQH6b+5K1Qgsv4tpuSyKeTKpPFH9Av5nN4P1ZBm9N80tzbNWqjSJm
-S7rYdHnuNEVnUGnRmEUMmVuYZnNBEVN/fP2m2SEwXcP3Uh7TiYlcWw10ygaGmOr7
-MvMLGkYgQ4Utwnd98mtqa0jr0hK2TcOSFir3AqVvXN3XJj4cVULkrXe4Im1laWgp
-----END RSA PRIVATE KEY-----
-`),
-	},
-
-	1: {
-		Name:          "dsa-encrypted",
-		EncryptionKey: "qG0pher-dsa_t3st$",
-		PEMBytes: []byte(`-----BEGIN DSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: AES-128-CBC,7CE7A6E4A647DC01AF860210B15ADE3E
-
-hvnBpI99Hceq/55pYRdOzBLntIEis02JFNXuLEydWL+RJBFDn7tA+vXec0ERJd6J
-G8JXlSOAhmC2H4uK3q2xR8/Y3yL95n6OIcjvCBiLsV+o3jj1MYJmErxP6zRtq4w3
-JjIjGHWmaYFSxPKQ6e8fs74HEqaeMV9ONUoTtB+aISmgaBL15Fcoayg245dkBvVl
-h5Kqspe7yvOBmzA3zjRuxmSCqKJmasXM7mqs3vIrMxZE3XPo1/fWKcPuExgpVQoT
-HkJZEoIEIIPnPMwT2uYbFJSGgPJVMDT84xz7yvjCdhLmqrsXgs5Qw7Pw0i0c0BUJ
-b7fDJ2UhdiwSckWGmIhTLlJZzr8K+JpjCDlP+REYBI5meB7kosBnlvCEHdw2EJkH
-0QDc/2F4xlVrHOLbPRFyu1Oi2Gvbeoo9EsM/DThpd1hKAlb0sF5Y0y0d+owv0PnE
-R/4X3HWfIdOHsDUvJ8xVWZ4BZk9Zk9qol045DcFCehpr/3hslCrKSZHakLt9GI58
-vVQJ4L0aYp5nloLfzhViZtKJXRLkySMKdzYkIlNmW1oVGl7tce5UCNI8Nok4j6yn
-IiHM7GBn+0nJoKTXsOGMIBe3ulKlKVxLjEuk9yivh/8=
-----END DSA PRIVATE KEY-----
-`),
-	},
-}
--- a/vendor/golang.org/x/crypto/ssh/testdata_test.go
+++ b/vendor/golang.org/x/crypto/ssh/testdata_test.go
@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

-// IMPLEMENTATION NOTE: To avoid a package loop, this file is in three places:
+// IMPLEMENTOR NOTE: To avoid a package loop, this file is in three places:
 // ssh/, ssh/agent, and ssh/test/. It should be kept in sync across all three
 // instances.

--- a/vendor/golang.org/x/crypto/ssh/transport.go
+++ b/vendor/golang.org/x/crypto/ssh/transport.go
@ -8,17 +8,10 @@ import (
 	"bufio"
 	"errors"
 	"io"
-	"log"
 )

-// debugTransport if set, will print packet types as they go over the
-// wire. No message decoding is done, to minimize the impact on timing.
-const debugTransport = false
-
 const (
-	gcmCipherID    = "aes128-gcm@openssh.com"
-	aes128cbcID    = "aes128-cbc"
-	tripledescbcID = "3des-cbc"
+	gcmCipherID = "aes128-gcm@openssh.com"
 )

 // packetConn represents a transport that implements packet based
@ -27,9 +20,7 @@ type packetConn interface {
 	// Encrypt and send a packet of data to the remote peer.
 	writePacket(packet []byte) error

-	// Read a packet from the connection. The read is blocking,
-	// i.e. if error is nil, then the returned byte slice is
-	// always non-empty.
+	// Read a packet from the connection
 	readPacket() ([]byte, error)

 	// Close closes the write-side of the connection.
@ -45,8 +36,21 @@ type transport struct {
 	bufReader *bufio.Reader
 	bufWriter *bufio.Writer
 	rand      io.Reader
-	isClient  bool
+
 	io.Closer
+
+	// Initial H used for the session ID. Once assigned this does
+	// not change, even during subsequent key exchanges.
+	sessionID []byte
+}
+
+// getSessionID returns the ID of the SSH connection. The return value
+// should not be modified.
+func (t *transport) getSessionID() []byte {
+	if t.sessionID == nil {
+		panic("session ID not set yet")
+	}
+	return t.sessionID
 }

 // packetCipher represents a combination of SSH encryption/MAC
@ -76,6 +80,12 @@ type connectionState struct {
 // both directions are triggered by reading and writing a msgNewKey packet
 // respectively.
 func (t *transport) prepareKeyChange(algs *algorithms, kexResult *kexResult) error {
+	if t.sessionID == nil {
+		t.sessionID = kexResult.H
+	}
+
+	kexResult.SessionID = t.sessionID
+
 	if ciph, err := newPacketCipher(t.reader.dir, algs.r, kexResult); err != nil {
 		return err
 	} else {
@ -91,38 +101,9 @@ func (t *transport) prepareKeyChange(algs *algorithms, kexResult *kexResult) err
 	return nil
 }

-func (t *transport) printPacket(p []byte, write bool) {
-	if len(p) == 0 {
-		return
-	}
-	who := "server"
-	if t.isClient {
-		who = "client"
-	}
-	what := "read"
-	if write {
-		what = "write"
-	}
-
-	log.Println(what, who, p[0])
-}
-
 // Read and decrypt next packet.
-func (t *transport) readPacket() (p []byte, err error) {
-	for {
-		p, err = t.reader.readPacket(t.bufReader)
-		if err != nil {
-			break
-		}
-		if len(p) == 0 || (p[0] != msgIgnore && p[0] != msgDebug) {
-			break
-		}
-	}
-	if debugTransport {
-		t.printPacket(p, false)
-	}
-
-	return p, err
+func (t *transport) readPacket() ([]byte, error) {
+	return t.reader.readPacket(t.bufReader)
 }

 func (s *connectionState) readPacket(r *bufio.Reader) ([]byte, error) {
@ -132,27 +113,12 @@ func (s *connectionState) readPacket(r *bufio.Reader) ([]byte, error) {
 		err = errors.New("ssh: zero length packet")
 	}

-	if len(packet) > 0 {
-		switch packet[0] {
-		case msgNewKeys:
-			select {
-			case cipher := <-s.pendingKeyChange:
-				s.packetCipher = cipher
-			default:
-				return nil, errors.New("ssh: got bogus newkeys message.")
-			}
-
-		case msgDisconnect:
-			// Transform a disconnect message into an
-			// error. Since this is lowest level at which
-			// we interpret message types, doing it here
-			// ensures that we don't have to handle it
-			// elsewhere.
-			var msg disconnectMsg
-			if err := Unmarshal(packet, &msg); err != nil {
-				return nil, err
-			}
-			return nil, &msg
+	if len(packet) > 0 && packet[0] == msgNewKeys {
+		select {
+		case cipher := <-s.pendingKeyChange:
+			s.packetCipher = cipher
+		default:
+			return nil, errors.New("ssh: got bogus newkeys message.")
 		}
 	}

@ -165,9 +131,6 @@ func (s *connectionState) readPacket(r *bufio.Reader) ([]byte, error) {
 }

 func (t *transport) writePacket(packet []byte) error {
-	if debugTransport {
-		t.printPacket(packet, true)
-	}
 	return t.writer.writePacket(t.bufWriter, t.rand, packet)
 }

@ -208,8 +171,6 @@ func newTransport(rwc io.ReadWriteCloser, rand io.Reader, isClient bool) *transp
 		},
 		Closer: rwc,
 	}
-	t.isClient = isClient
-
 	if isClient {
 		t.reader.dir = serverKeys
 		t.writer.dir = clientKeys
@ -257,17 +218,8 @@ func newPacketCipher(d direction, algs directionAlgorithms, kex *kexResult) (pac
 		return newGCMCipher(iv, key, macKey)
 	}

-	if algs.Cipher == aes128cbcID {
-		return newAESCBCCipher(iv, key, macKey, algs)
-	}
-
-	if algs.Cipher == tripledescbcID {
-		return newTripleDESCBCCipher(iv, key, macKey, algs)
-	}
-
 	c := &streamPacketCipher{
 		mac: macModes[algs.MAC].new(macKey),
-		etm: macModes[algs.MAC].etm,
 	}
 	c.macResult = make([]byte, c.mac.Size())