Add key_exchanges, ciphers and macs to SSH executor

Like Ma requested to merge likema/gitlab-runner:ssh-algos into main

What does this MR do?

Add key_exchanges, ciphers and macs parameters to SSH executor config

Why was this MR needed?

Fixes the SSH executor connecting to lower-version SSH servers, e.g.:

failed to dial: ssh: handshake failed: ssh: no common algorithm for key exchange; client offered: [curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha256 diffie-hellman-group14-sha1 ext-info-c kex-strict-c-v00@openssh.com], server offered: [diffie-hellman-group-exchange-sha1 diffie-hellman-group1-sha1]

The key exchange algorithms of lower-version SSH servers, such as diffie-hellman-group-exchange-sha1 and diffie-hellman-group1-sha1, have been disabled in the library golang.org/x/crypto/ssh, which causes the SSH executor to fail to connect to lower-version SSH servers.

What's the best way to test this MR?

For the runner config:

...
[[runners]]
  ...
  executor = "ssh"
  ...
  [runners.ssh]
    user = "<SSH user>"
    host = "<SSH host IP or domain>"
    port = "<SSH port>"
    password = "<SSH password>"
    disable_strict_host_key_checking = true
    key_exchanges = [
      "curve25519-sha256",
      "ecdh-sha2-nistp256",
      "ecdh-sha2-nistp384",
      "ecdh-sha2-nistp521",
      "diffie-hellman-group14-sha256",
      "diffie-hellman-group14-sha1",
      "ext-info-c",
      "kex-strict-c-v00@openssh.com",
      "diffie-hellman-group-exchange-sha1",
      "diffie-hellman-group1-sha1"
    ]

To emulate a lower-version SSH server on Linux, modify /etc/ssh/sshd_config:

KexAlgorithms diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
Edited by Like Ma
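
The negotiation behind the error above, as an added example that is not part of the merge request or of GitLab Runner's code: it uses only the standard library (not golang.org/x/crypto/ssh) and a simplified form of the SSH rule that the first name on the client's list that the server also offers is chosen. The three lists are copied from the description; the function names are hypothetical.

```go
package main

import "fmt"

// Default client offer, copied from the error message in the MR description.
var defaultKex = []string{
	"curve25519-sha256", "curve25519-sha256@libssh.org", "ecdh-sha2-nistp256",
	"ecdh-sha2-nistp384", "ecdh-sha2-nistp521", "diffie-hellman-group14-sha256",
	"diffie-hellman-group14-sha1", "ext-info-c", "kex-strict-c-v00@openssh.com",
}

// key_exchanges list from the runner config in the MR description.
var configuredKex = []string{
	"curve25519-sha256", "ecdh-sha2-nistp256", "ecdh-sha2-nistp384",
	"ecdh-sha2-nistp521", "diffie-hellman-group14-sha256",
	"diffie-hellman-group14-sha1", "ext-info-c", "kex-strict-c-v00@openssh.com",
	"diffie-hellman-group-exchange-sha1", "diffie-hellman-group1-sha1",
}

// Server offer from the same error message (and the sshd_config line).
var legacyServer = []string{"diffie-hellman-group-exchange-sha1", "diffie-hellman-group1-sha1"}

// negotiate picks the first client name the server also offers (RFC 4253 section 7.1, simplified).
func negotiate(client, server []string) (string, bool) {
	for _, c := range client {
		for _, s := range server {
			if c == s {
				return c, true
			}
		}
	}
	return "", false
}

// addedBeyondDefault returns configured names that the default offer lacks.
func addedBeyondDefault(configured, defaults []string) []string {
	var extra []string
	for _, c := range configured {
		if _, ok := negotiate([]string{c}, defaults); !ok {
			extra = append(extra, c)
		}
	}
	return extra
}

func main() {
	fmt.Println(negotiate(defaultKex, legacyServer))           // no common algorithm
	fmt.Println(negotiate(configuredKex, legacyServer))        // legacy SHA-1 exchange selected
	fmt.Println(addedBeyondDefault(configuredKex, defaultKex)) // the two entries to review
}
```

Because the client's order decides the result, keeping the two SHA-1 entries at the end of key_exchanges means a server that also offers a modern exchange still negotiates the modern one.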