
SSH transport should support other use cases (validate fingerprints, keys, agents, etc.) for security #315

Open
NattyNarwhal opened this issue Jan 8, 2021 · 4 comments
Labels
enhancement New feature or request keep-open Exempts stale action from auto closing the issue/pr.

Comments

@NattyNarwhal

Is your feature request related to a problem? Please describe.
The SSH transport doesn't check fingerprints and other non-trivial SSH use cases.

Describe the solution you'd like
The toolkit should support other use cases (validate fingerprints, keys, agents, etc.) for security. Being able to trust a fingerprint would make attackers' lives harder, for instance.

Describe alternatives you've considered
The toolkit gets passed an object with state and handlers defined already, like the Python toolkit needs a Paramiko session object instead of making one for you.

Additional context
I'm developing the SSH feature for the PHP toolkit, so it would be wise to have both parity and security features be consistent.

@NattyNarwhal NattyNarwhal added the enhancement New feature or request label Jan 8, 2021
@abmusse
Member

abmusse commented Jan 8, 2021

Describe alternatives you've considered
The toolkit gets passed an object with state and handlers defined already, like the Python toolkit needs a Paramiko session object instead of making one for you.

PR #314 adds support for passing existing odbc and idb-connector objects for those transports. Being able to pass in an ssh client object instead of creating one for the ssh transport makes sense too.

@abmusse
Member

abmusse commented Jan 15, 2021

Found some ssh2 connect config options that would help verify the host key and pass in an ssh agent. In theory this should work with the existing code; we just need to pass these config options along on the Connection.transport options object. Still need to test these options out to confirm things are working properly.

hostHash - string - Any valid hash algorithm supported by node. The host's key is hashed using this algorithm and passed to the hostVerifier function as a hex string. Default: (none)

hostVerifier - function - Function with parameters (hashedKey[, callback]) where hashedKey is a string hex hash of the host's key for verification purposes. Return true to continue with the handshake or false to reject and disconnect, or call callback() with true or false if you need to perform asynchronous verification. Default: (auto-accept if hostVerifier is not set)

...

agent - string - Path to ssh-agent's UNIX socket for ssh-agent-based user authentication. Windows users: set to 'pageant' for authenticating with Pageant or (actual) path to a cygwin "UNIX socket." Default: (none)

agentForward - boolean - Set to true to use OpenSSH agent forwarding (auth-agent@openssh.com) for the life of the connection. agent must also be set to use this feature. Default: false

@github-actions

👋 Hi! This issue has been marked stale due to inactivity. If no further activity occurs, it will automatically be closed.

@github-actions github-actions bot added the stale label Feb 15, 2021
@abmusse abmusse added keep-open Exempts stale action from auto closing the issue/pr. and removed stale labels Feb 16, 2021
@abmusse
Member

abmusse commented Apr 1, 2021

Example of host fingerprint verification:

mscdex/ssh2#985 (comment)
mscdex/ssh2#985 (comment)

We could add some wrappers in this lib to make it easier: the user just passes in the public key (base64) and we can set up the required configuration.
