diff options
author | Jon Simons <jon@jonsimons.org> | 2018-06-15 18:45:43 -0400 |
---|---|---|
committer | Jon Simons <jon@jonsimons.org> | 2018-06-27 19:42:33 -0700 |
commit | 787a64939035e60358c7ff25df2e8da67928a823 (patch) | |
tree | 0b5ad6f8818b35cf324bdf9832308a2ee543500b | |
parent | 54690e6cddeab1f0349f74885e4cfbc901b1ad01 (diff) | |
download | libssh-787a64939035e60358c7ff25df2e8da67928a823.tar.gz libssh-787a64939035e60358c7ff25df2e8da67928a823.tar.xz libssh-787a64939035e60358c7ff25df2e8da67928a823.zip |
pkd: specify HostKeyAlgorithms for OpenSSH client
As of OpenSSH 6.9, support for `ssh-dss` host keys is disabled by default
at runtime. Specify an explicit `-o HostKeyAlgorithms` in the pkd tests
to explicitly enable each host key type being tested, including `ssh-dss`.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r-- | tests/pkd/pkd_client.h | 37 |
1 files changed, 30 insertions, 7 deletions
diff --git a/tests/pkd/pkd_client.h b/tests/pkd/pkd_client.h index c4a8a601..13909a66 100644 --- a/tests/pkd/pkd_client.h +++ b/tests/pkd/pkd_client.h @@ -2,24 +2,47 @@ * pkd_client.h -- macros for generating client-specific command * invocations for use with pkd testing * - * (c) 2014 Jon Simons + * (c) 2014, 2018 Jon Simons <jon@jonsimons.org> */ #ifndef __PKD_CLIENT_H__ #define __PKD_CLIENT_H__ +#include "config.h" + /* OpenSSH */ #define OPENSSH_BINARY "ssh" #define OPENSSH_KEYGEN "ssh-keygen" +#define OPENSSH_HOSTKEY_ALGOS_DEFAULT "ssh-rsa" + +#if HAVE_ECC +#define OPENSSH_HOSTKEY_ALGOS_ECDSA ",ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521" +#else /* HAVE_ECC */ +#define OPENSSH_HOSTKEY_ALGOS_ECDSA "" +#endif /* HAVE_ECC */ + +#if HAVE_DSA +#define OPENSSH_HOSTKEY_ALGOS_DSA ",ssh-dss" +#else /* HAVE_DSA */ +#define OPENSSH_HOSTKEY_ALGOS_DSA "" +#endif /* HAVE_DSA */ + +#define OPENSSH_HOSTKEY_ALGOS \ + "-o HostKeyAlgorithms=" \ + OPENSSH_HOSTKEY_ALGOS_DEFAULT \ + OPENSSH_HOSTKEY_ALGOS_ECDSA \ + OPENSSH_HOSTKEY_ALGOS_DSA + #define OPENSSH_CMD_START \ - OPENSSH_BINARY " " \ - "-o UserKnownHostsFile=/dev/null " \ - "-o StrictHostKeyChecking=no " \ - "-i " CLIENT_ID_FILE " " \ - "1> %s.out " \ - "2> %s.err " \ + OPENSSH_BINARY " " \ + "-o UserKnownHostsFile=/dev/null " \ + "-o StrictHostKeyChecking=no " \ + OPENSSH_HOSTKEY_ALGOS " " \ + "-i " CLIENT_ID_FILE " " \ + "1> %s.out " \ + "2> %s.err " \ "-vvv " #define OPENSSH_CMD_END "-p 1234 localhost ls" |