-gpgadmin --armor --export "$HOSTKEYID" | \
- GNUPGHOME="$TEMPDIR"/testuser/.gnupg gpg --import
-
-# connect to test sshd, using monkeysphere to verify the identity
-# before connection.
-echo "### testuser connecting to sshd socket..."
-PROXY_COMMAND="monkeysphere-ssh-proxycommand --no-connect %h && socat STDIO UNIX:${SOCKET}"
-GNUPGHOME="$TEMPDIR"/testuser/.gnupg ssh -oProxyCommand="$PROXY_COMMAND" testhost
-
-# create a new client side key, certify it with the "CA", use it to
-# log in.
-## FIXME: implement!
+gpgadmin --armor --export "$HOSTKEYID" | gpg --import
+
+# teach the "server" about the testuser's key
+echo "### export testuser key to server..."
+gpg --export testuser | monkeysphere-server gpg-authentication-cmd --import
+echo "### update server authorized_keys file for this testuser..."
+monkeysphere-server update-users $(whoami)
+
+# connect to test sshd, using monkeysphere-ssh-proxycommand to verify
+# the identity before connection. This should work in both directions!
+echo "### ssh connection test for success..."
+ssh_test
+
+# remove the testuser's authorized_user_ids file and update
+# authorized_keys file, this is to make sure that the ssh
+# authentication FAILS...
+echo "### removing testuser authorized_user_ids and reupdating authorized_keys..."
+rm -f "$TESTHOME"/.monkeysphere/authorized_user_ids
+monkeysphere-server update-users $(whoami)
+
+# make sure the user can NOT connect
+echo "### ssh connection test for server authentication denial..."
+ssh_test || ret="$?"
+if [ "$ret" != '255' ] ; then
+ echo "### connection should have failed!"
+ exit "$ret"
+fi
+
+trap - EXIT
+
+echo
+echo "Monkeysphere basic tests completed successfully!"
+echo
+
+cleanup