systemd/test/units/TEST-74-AUX-UTILS.ssh.sh

#!/usr/bin/env bash
# SPDX-License-Identifier: LGPL-2.1-or-later
set -eux
set -o pipefail

if ! command -v ssh &> /dev/null || ! command -v sshd &> /dev/null ; then
    echo "ssh/sshd not found, skipping test." >&2
    exit 0
fi

systemctl -q is-active sshd-unix-local.socket

if test -e /dev/vsock ; then
    systemctl -q is-active sshd-vsock.socket
fi

if test -d /run/host/unix-export ; then
    systemctl -q is-active sshd-unix-export.socket
fi

# FIXME: sshd seems to crash inside asan currently, skip the actual ssh test hence
if [[ -v ASAN_OPTIONS ]] ; then
    exit 0
fi

ROOTID=$(mktemp -u)

removesshid() {
    rm -f "$ROOTID" "$ROOTID".pub
}

ssh-keygen -N '' -C '' -t rsa -f "$ROOTID"

mkdir -p 0700 /root/.ssh
# Add a newline in case authorized_keys wasn't terminated correctly.
echo >>/root/.ssh/authorized_keys
cat "$ROOTID".pub >>/root/.ssh/authorized_keys

# set root pw to "foo", just to set it to something valid
# shellcheck disable=SC2016
usermod -p '$5$AAy6BYJ6rzz.QELv$6LpVEU3/RQmVz.svHu/33qoJWWWzZuJ3DM2fo9JgcUD' root
usermod -U root

mkdir -p /etc/ssh
test -f /etc/ssh/ssh_host_rsa_key || ssh-keygen -t rsa -C '' -N '' -f /etc/ssh/ssh_host_rsa_key
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
echo "LogLevel DEBUG3" >> /etc/ssh/sshd_config

test -f /etc/ssh/ssh_config || {
    echo 'Include /etc/ssh/ssh_config.d/*.conf'
    echo 'Include /usr/etc/ssh/ssh_config.d/*.conf'
} >/etc/ssh/ssh_config

# ssh wants this dir around, but distros cannot agree on a common name for it, let's just create all that are aware of distros use
mkdir -p /usr/share/empty.sshd /var/empty /var/empty/sshd /run/sshd

ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" .host cat /etc/machine-id | cmp - /etc/machine-id
ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" unix/run/ssh-unix-local/socket cat /etc/machine-id | cmp - /etc/machine-id
ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" machine/.host cat /etc/machine-id | cmp - /etc/machine-id

modprobe vsock_loopback ||:
if test -e /dev/vsock -a -d /sys/module/vsock_loopback ; then
    ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" vsock/1 cat /etc/machine-id | cmp - /etc/machine-id
fi
test: add testcase for ssh generator 2024-01-10 11:28:23 +01:00			`#!/usr/bin/env bash`
			`# SPDX-License-Identifier: LGPL-2.1-or-later`
			`set -eux`
			`set -o pipefail`

			`if ! command -v ssh &> /dev/null \|\| ! command -v sshd &> /dev/null ; then`
			`echo "ssh/sshd not found, skipping test." >&2`
			`exit 0`
			`fi`

			`systemctl -q is-active sshd-unix-local.socket`

			`if test -e /dev/vsock ; then`
			`systemctl -q is-active sshd-vsock.socket`
			`fi`

			`if test -d /run/host/unix-export ; then`
			`systemctl -q is-active sshd-unix-export.socket`
			`fi`

			`# FIXME: sshd seems to crash inside asan currently, skip the actual ssh test hence`
			`if [[ -v ASAN_OPTIONS ]] ; then`
			`exit 0`
			`fi`

			`ROOTID=$(mktemp -u)`

			`removesshid() {`
			`rm -f "$ROOTID" "$ROOTID".pub`
			`}`

			`ssh-keygen -N '' -C '' -t rsa -f "$ROOTID"`

			`mkdir -p 0700 /root/.ssh`
TEST-74-AUX-UTILS: Support credential-provided root SSH public key When root authorized keys are provided by mkosi they are not newline-terminated so appending a public key to the file results in a corrupt key, so just to be safe we add an empty line. 2024-02-22 13:01:13 +00:00			`# Add a newline in case authorized_keys wasn't terminated correctly.`
			`echo >>/root/.ssh/authorized_keys`
			`cat "$ROOTID".pub >>/root/.ssh/authorized_keys`
test: add testcase for ssh generator 2024-01-10 11:28:23 +01:00
			`# set root pw to "foo", just to set it to something valid`
			`# shellcheck disable=SC2016`
			`usermod -p '$5$AAy6BYJ6rzz.QELv$6LpVEU3/RQmVz.svHu/33qoJWWWzZuJ3DM2fo9JgcUD' root`
			`usermod -U root`

			`mkdir -p /etc/ssh`
			`test -f /etc/ssh/ssh_host_rsa_key \|\| ssh-keygen -t rsa -C '' -N '' -f /etc/ssh/ssh_host_rsa_key`
			`echo "PermitRootLogin yes" >> /etc/ssh/sshd_config`
			`echo "LogLevel DEBUG3" >> /etc/ssh/sshd_config`

test: fix TEST-74-AUX-UTILS.ssh.sh on SUSE 2024-07-02 18:55:17 +02:00			`test -f /etc/ssh/ssh_config \|\| {`
			`echo 'Include /etc/ssh/ssh_config.d/*.conf'`
			`echo 'Include /usr/etc/ssh/ssh_config.d/*.conf'`
			`} >/etc/ssh/ssh_config`
test: add testcase for ssh generator 2024-01-10 11:28:23 +01:00
			`# ssh wants this dir around, but distros cannot agree on a common name for it, let's just create all that are aware of distros use`
test74: create ssh empty dir all at the same place A follow up for 8fddb50fd4de43993c4906baf19dae89ff8a021b, which mirrors the change also in test 74. 2024-03-01 15:10:56 +01:00			`mkdir -p /usr/share/empty.sshd /var/empty /var/empty/sshd /run/sshd`
test: add testcase for ssh generator 2024-01-10 11:28:23 +01:00
			`ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" .host cat /etc/machine-id \| cmp - /etc/machine-id`
			`ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" unix/run/ssh-unix-local/socket cat /etc/machine-id \| cmp - /etc/machine-id`
test: add some superficial integration tests 2024-05-23 23:19:12 +02:00			`ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" machine/.host cat /etc/machine-id \| cmp - /etc/machine-id`
test: add testcase for ssh generator 2024-01-10 11:28:23 +01:00
			`modprobe vsock_loopback \|\|:`
			`if test -e /dev/vsock -a -d /sys/module/vsock_loopback ; then`
			`ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" vsock/1 cat /etc/machine-id \| cmp - /etc/machine-id`
			`fi`