+# FIXME: should we run "diagnostics" here to test setup?
+
+
+######################################################################
+### SERVER AUTHENTICATION SETUP
+
+# set up monkeysphere authentication
+echo "##################################################"
+echo "### setup monkeysphere authentication..."
+cp "$TESTDIR"/etc/monkeysphere/monkeysphere-authentication.conf "$TEMPDIR"/
+cat <<EOF >> "$TEMPDIR"/monkeysphere-authentication.conf
+AUTHORIZED_USER_IDS="$MONKEYSPHERE_HOME/authorized_user_ids"
+EOF
+monkeysphere-authentication setup
+get_gpg_prng_arg >> "$MONKEYSPHERE_SYSDATADIR"/authentication/sphere/gpg.conf
+
+# add admin as identity certifier for testhost
+echo "##################################################"
+echo "### adding admin as certifier..."
+monkeysphere-authentication add-id-certifier -y "$TEMPDIR"/admin/.gnupg/pubkey.gpg
+
+# FIXME: should we run "diagnostics" here to test setup?
+
+
+######################################################################
+### TESTUSER SETUP
+
+# generate an auth subkey for the test user that expires in 2 days
+echo "##################################################"
+echo "### generating key for testuser..."
+monkeysphere gen-subkey --expire 2
+
+# add server key to testuser keychain
+echo "##################################################"
+echo "### export server key to testuser..."
+gpgadmin --armor --export "$HOSTKEYID" | gpg --import
+
+# teach the "server" about the testuser's key
+echo "##################################################"
+echo "### export testuser key to server..."
+gpg --export testuser | monkeysphere-authentication expert gpg-cmd --import
+
+# update authorized_keys for user
+echo "##################################################"
+echo "### update server authorized_keys file for this testuser..."
+monkeysphere-authentication update-users $(whoami)
+# FIXME: NOT FAILING PROPERLY FOR:
+# ms: improper group or other writability on path '/tmp'.
+
+
+######################################################################
+### TESTS
+
+# connect to test sshd, using monkeysphere ssh-proxycommand to verify
+# the identity before connection. This should work in both directions!
+echo "##################################################"
+echo "### ssh connection test for success..."
+ssh_test