aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJon Simons <jon@jonsimons.org>2018-06-18 18:57:51 -0400
committerJon Simons <jon@jonsimons.org>2018-06-27 19:42:37 -0700
commitadc817cf138bd930fedd01672eed043343bc2775 (patch)
tree53437f18748c2e5e02b8e2bc8f590590881d8454
parent787a64939035e60358c7ff25df2e8da67928a823 (diff)
downloadlibssh-adc817cf138bd930fedd01672eed043343bc2775.tar.gz
libssh-adc817cf138bd930fedd01672eed043343bc2775.tar.xz
libssh-adc817cf138bd930fedd01672eed043343bc2775.zip
pkd: specify PubkeyAcceptedTypes for OpenSSH client
As of OpenSSH 6.9, support for `ssh-dss` user keys is disabled by default at runtime. Specify an explicit `-o PubkeyAcceptedKeyTYpes` in the pkd tests to explicitly enable each user key type being tested, including `ssh-dss`. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--tests/pkd/pkd_client.h15
1 files changed, 14 insertions, 1 deletions
diff --git a/tests/pkd/pkd_client.h b/tests/pkd/pkd_client.h
index 13909a66..4f9b48b4 100644
--- a/tests/pkd/pkd_client.h
+++ b/tests/pkd/pkd_client.h
@@ -15,18 +15,23 @@
#define OPENSSH_BINARY "ssh"
#define OPENSSH_KEYGEN "ssh-keygen"
-#define OPENSSH_HOSTKEY_ALGOS_DEFAULT "ssh-rsa"
+#define OPENSSH_HOSTKEY_ALGOS_DEFAULT "ssh-ed25519,ssh-rsa"
+#define OPENSSH_PKACCEPTED_DEFAULT "ssh-ed25519,ssh-rsa"
#if HAVE_ECC
#define OPENSSH_HOSTKEY_ALGOS_ECDSA ",ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"
+#define OPENSSH_PKACCEPTED_ECDSA ",ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"
#else /* HAVE_ECC */
#define OPENSSH_HOSTKEY_ALGOS_ECDSA ""
+#define OPENSSH_PKACCEPTED_ECDSA ""
#endif /* HAVE_ECC */
#if HAVE_DSA
#define OPENSSH_HOSTKEY_ALGOS_DSA ",ssh-dss"
+#define OPENSSH_PKACCEPTED_DSA ",ssh-dss"
#else /* HAVE_DSA */
#define OPENSSH_HOSTKEY_ALGOS_DSA ""
+#define OPENSSH_PKACCEPTED_DSA ""
#endif /* HAVE_DSA */
#define OPENSSH_HOSTKEY_ALGOS \
@@ -35,11 +40,19 @@
OPENSSH_HOSTKEY_ALGOS_ECDSA \
OPENSSH_HOSTKEY_ALGOS_DSA
+#define OPENSSH_PKACCEPTED_TYPES \
+ "-o PubkeyAcceptedKeyTypes=" \
+ OPENSSH_PKACCEPTED_DEFAULT \
+ OPENSSH_PKACCEPTED_ECDSA \
+ OPENSSH_PKACCEPTED_DSA
+
#define OPENSSH_CMD_START \
OPENSSH_BINARY " " \
"-o UserKnownHostsFile=/dev/null " \
"-o StrictHostKeyChecking=no " \
+ "-F /dev/null " \
OPENSSH_HOSTKEY_ALGOS " " \
+ OPENSSH_PKACCEPTED_TYPES " " \
"-i " CLIENT_ID_FILE " " \
"1> %s.out " \
"2> %s.err " \