From b6b8b48e2202e1c21c6b475a5673f8152c279e0b Mon Sep 17 00:00:00 2001
From: Louis Abel
Date: Wed, 4 Jan 2023 00:44:29 -0700
Subject: [PATCH] add openssh tests
---
func/core/pkg_openssh/00-install-openssh.sh | 3 ++
func/core/pkg_openssh/01-test-ssh-listen.sh | 5 ++++
func/core/pkg_openssh/10-test-login.sh | 16 +++++++++++
func/core/pkg_openssh/11-test-key.sh | 32 +++++++++++++++++++++
4 files changed, 56 insertions(+)
create mode 100755 func/core/pkg_openssh/00-install-openssh.sh
create mode 100755 func/core/pkg_openssh/01-test-ssh-listen.sh
create mode 100755 func/core/pkg_openssh/10-test-login.sh
create mode 100755 func/core/pkg_openssh/11-test-key.sh
diff --git a/func/core/pkg_openssh/00-install-openssh.sh b/func/core/pkg_openssh/00-install-openssh.sh
new file mode 100755
index 0000000..e6ab5b3
--- /dev/null
+++ b/func/core/pkg_openssh/00-install-openssh.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+r_log "openssh" "Install openssh"
+p_installPackageNormal openssh-clients openssh-server sshpass
diff --git a/func/core/pkg_openssh/01-test-ssh-listen.sh b/func/core/pkg_openssh/01-test-ssh-listen.sh
new file mode 100755
index 0000000..5bd1212
--- /dev/null
+++ b/func/core/pkg_openssh/01-test-ssh-listen.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+r_log "openssh" "Ensure ssh is listening"
+
+echo "" > /dev/tcp/localhost/22
+r_checkExitStatus $?
diff --git a/func/core/pkg_openssh/10-test-login.sh b/func/core/pkg_openssh/10-test-login.sh
new file mode 100755
index 0000000..5ccffdf
--- /dev/null
+++ b/func/core/pkg_openssh/10-test-login.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+r_log "openssh" "Testing basic login (using sshpass)"
+
+if sshd -T | grep -q "passwordauthentication yes"; then
+ r_log "openssh" "Creating test user"
+ SSHPASS="Blu30nyx!"
+ useradd sshpasstest
+ echo "${SSHPASS}" | passwd --stdin sshpasstest
+ r_log "openssh" "Testing login"
+ sshpass -e ssh sshpasstest@localhost echo 'hello'
+ r_checkExitStatus $?
+ userdel -rf sshpasstest
+else
+ r_log "openssh" "Skipping test"
+ exit 0
+fi
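Review bot: `SSHPASS` is assigned but never exported in 10-test-login.sh, so `sshpass -e`, which reads the password from the environment, will not see it unless the harness already exports that name. The password is also a literal committed to the repository and set on a real account while sshd accepts password logins; 11-test-key.sh sets the same literal on sshkeytest, where the key test does not appear to use a password at all. If `r_checkExitStatus` exits on failure (it is defined outside this patch), the trailing `userdel -rf` is never reached and the account stays behind with a publicly known password. Generating the password at run time and removing the user from an EXIT trap closes both gaps; this assumes the script runs as its own process, which the shebang and `exit 0` suggest.

```shell
  # … unchanged: r_log "Creating test user" …
  # throwaway password generated per run; exported because sshpass -e reads the environment
  SSHPASS="$(head -c 18 /dev/urandom | base64)"
  export SSHPASS
  useradd sshpasstest
  # remove the account on every exit path, including a failed check
  trap 'userdel -rf sshpasstest' EXIT
  echo "${SSHPASS}" | passwd --stdin sshpasstest
  # … unchanged: r_log "Testing login", sshpass call, r_checkExitStatus …
```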
diff --git a/func/core/pkg_openssh/11-test-key.sh b/func/core/pkg_openssh/11-test-key.sh
new file mode 100755
index 0000000..61c0d52
--- /dev/null
+++ b/func/core/pkg_openssh/11-test-key.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+r_log "openssh" "Testing key login (using sshpass)"
+
+case $RL_VER in
+ 8)
+ KEYTYPES="rsa ecdsa ed25519"
+ ;;
+ 9)
+ KEYTYPES="rsa ecdsa ed25519"
+ ;;
+ *)
+ KEYTYPES="ed25519"
+ ;;
+esac
+
+r_log "openssh" "Creating test user"
+useradd sshkeytest
+echo "Blu30nyx!" | passwd --stdin sshkeytest
+
+for KEYTYPE in $KEYTYPES; do
+ r_log "openssh" "Creating key: ${KEYTYPE}"
+ runuser -l sshkeytest -c "echo | ssh-keygen -q -t ${KEYTYPE} -b 4096 -f ~/.ssh/id_${KEYTYPE}" > /dev/null
+ runuser -l sshkeytest -c "cat ~/.ssh/*pub > ~/.ssh/authorized_keys && chmod 600 ~/.ssh/*keys" > /dev/null
+ STRINGTEST=$(mktemp -u)
+ echo "${STRINGTEST}" > /home/sshkeytest/test_file
+ r_log "openssh" "Testing key: ${KEYTYPE}"
+ runuser -l sshkeytest -c "ssh -i ~/.ssh/id_${KEYTYPE} localhost | grep -q ${STRINGTEST} /home/sshkeytest/test_file"
+ ret_val=$?
+ r_checkExitStatus $ret_val
+done
+
+userdel -rf sshkeytest
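Review bot: The key check in 11-test-key.sh cannot fail, because `grep -q ${STRINGTEST} /home/sshkeytest/test_file` is given a file operand and runs locally on the right-hand side of the pipe, so it ignores whatever `ssh` produced and the pipeline's status is grep's alone. Running the grep as the remote command makes the result depend on the login actually succeeding. `ssh-keygen -t ecdsa -b 4096` is also rejected (ECDSA accepts 256, 384 or 521 bits), and that failure is hidden for the same reason. Because every generated key stays in `~/.ssh` and in `authorized_keys`, `-o IdentitiesOnly=yes` and `-o BatchMode=yes` keep a later iteration from passing on an earlier key or stalling on a password prompt.

```shell
for KEYTYPE in $KEYTYPES; do
  # … unchanged: r_log "Creating key: ${KEYTYPE}" …
  # -b 4096 is only meaningful for rsa; ecdsa rejects it and ed25519 has a fixed size
  BITS=""
  if [ "${KEYTYPE}" = "rsa" ]; then
    BITS="-b 4096"
  fi
  runuser -l sshkeytest -c "echo | ssh-keygen -q -t ${KEYTYPE} ${BITS} -f ~/.ssh/id_${KEYTYPE}" > /dev/null
  # … unchanged: authorized_keys setup, STRINGTEST, test_file, r_log "Testing key: ${KEYTYPE}" …
  # grep runs on the far side of the connection, so a failed key login fails the test;
  # accept-new because the freshly created account has no known_hosts entry for localhost
  runuser -l sshkeytest -c "ssh -o BatchMode=yes -o IdentitiesOnly=yes -o StrictHostKeyChecking=accept-new -i ~/.ssh/id_${KEYTYPE} localhost grep -q ${STRINGTEST} /home/sshkeytest/test_file"
  ret_val=$?
  # … unchanged: r_checkExitStatus $ret_val …
```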