File: 05authorizedkeys

package info (click to toggle)
tinyssh 20190101-1
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 2,188 kB
  • sloc: ansic: 11,914; sh: 1,005; python: 385; makefile: 18
file content (86 lines) | stat: -rw-r--r-- 2,317 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
#!/bin/sh
# 20181028
# Jan Mojzis
# Public domain.

# change directory to $AUTOPKGTEST_TMP
cd "${AUTOPKGTEST_TMP}"

# we need tools from /usr/sbin
PATH="/usr/sbin:${PATH}"
export PATH

# backup ~/.ssh
rm -rf ~/.ssh.tinysshtest.bk
[ -d ~/.ssh ] && mv ~/.ssh ~/.ssh.tinysshtest.bk
mkdir -p ~/.ssh
chmod 700 ~/.ssh

# run tinysshd on port 10000
rm -rf sshkeydir
tinysshd-makekey -q sshkeydir
tcpserver -HRDl0 127.0.0.1 10000 tinysshd -- sshkeydir &
tcpserverpid=$!

cleanup() {
  ex=$?
  rm -rf ~/.ssh sshkeydir
  [ -d ~/.ssh.tinysshtest.bk ] && mv ~/.ssh.tinysshtest.bk ~/.ssh
  #kill tcpserver
  kill -TERM "${tcpserverpid}" 1>/dev/null 2>/dev/null || :
  kill -KILL "${tcpserverpid}" 1>/dev/null 2>/dev/null || :
  exit "${ex}"
}
trap "cleanup" EXIT TERM INT

# create authorization keys
ssh-keygen -t ed25519 -q -N '' -f ~/.ssh/id_ed25519 || exit 2

KEYTYPE=`cut -d ' ' -f1 < ~/.ssh/id_ed25519.pub`
KEY=`cut -d ' ' -f2 < ~/.ssh/id_ed25519.pub`
REST=`cut -d ' ' -f3- < ~/.ssh/id_ed25519.pub`

# now create malformed lines in authorization_keys
# login MUST FAIL
(
  #extra space before key-type
  echo " ${KEYTYPE} ${KEY} ${REST}"
  #extra space after key-type
  echo "${KEYTYPE}  ${KEY} ${REST}"
  #extra character before key-type
  echo "a${KEYTYPE} ${KEY} ${REST}"
  #extra character after key-type
  echo "${KEYTYPE}a ${KEY} ${REST}"
  #extra character before key
  echo "${KEYTYPE} a${KEY} ${REST}"
  #extra character after key
  echo "${KEYTYPE} ${KEY}a ${REST}"
) > ~/.ssh/authorized_keys
(
  echo "malformed authorization_keys:"
  cat ~/.ssh/authorized_keys >&2
  echo
) >&2

ssh -o StrictHostKeyChecking=no -p 10000 127.0.0.1 'exit 0'
exitcode=$?
if [ "${exitcode}" -eq 0 ]; then
  echo "ssh 127.0.0.1:10000 login using malformed authorized_keys succeeded, too bad" >&2
  exit 3
else
  echo "ssh 127.0.0.1:10000 login using malformed authorized_keys failed, this is correct behavior" >&2
fi

# now add correct line to authorized_keys
echo "${KEYTYPE} ${KEY}" >> ~/.ssh/authorized_keys

ssh -o StrictHostKeyChecking=no -p 10000 127.0.0.1 'exit 0'
exitcode=$?
if [ ! "${exitcode}" -eq 0 ]; then
  echo "ssh 127.0.0.1:10000 login using correct authorized_keys failed, too bad" >&2
  exit 4
else
  echo "ssh 127.0.0.1:10000 login using correct authorized_keys succeeded, this is correct behavior" >&2
fi

exit 0