KNOWN_HOSTS=$TEMPDIR/testuser/.ssh/known_hosts
EOF
+# set up a simple default monkeysphere-server.conf
+cat <<EOF >> "$TEMPDIR"/monkeysphere-server.conf
+AUTHORIZED_USER_IDS="$TEMPDIR/testuser/.monkeysphere/authorized_user_ids"
+EOF
+
### SERVER TESTS
# setup monkeysphere temp gnupghome directories
mkdir -p -m 750 "$MONKEYSPHERE_SYSDATADIR"/gnupg-host
mkdir -p -m 700 "$MONKEYSPHERE_SYSDATADIR"/gnupg-authentication
+mkdir -p -m 700 "$MONKEYSPHERE_SYSDATADIR"/authorized_keys
cat <<EOF > "$MONKEYSPHERE_SYSDATADIR"/gnupg-authentication/gpg.conf
primary-keyring ${MONKEYSPHERE_SYSDATADIR}/gnupg-authentication/pubring.gpg
keyring ${MONKEYSPHERE_SYSDATADIR}/gnupg-host/pubring.gpg
echo "### export server key to testuser..."
gpgadmin --armor --export "$HOSTKEYID" | gpg --import
+# teach the "server" about the testuser's key
+echo "### export testuser key to server..."
+gpg --export testuser | monkeysphere-server gpg-authentication-cmd --import
+echo "### update server authorized_keys file for this testuser..."
+monkeysphere-server update-users "$USER"
+
# connect to test sshd, using monkeysphere-ssh-proxycommand to verify
# the identity before connection. This should work in both directions!
echo "### testuser connecting to sshd socket..."
ssh-agent bash -c \
- 'monkeysphere subkey-to-ssh-agent && ssh -F "$TEMPDIR"/testuser/.ssh/config testhost'
+ "monkeysphere subkey-to-ssh-agent && ssh -F $TEMPDIR/testuser/.ssh/config testhost"
trap - EXIT
cleanup