test now has better sshd configuration.
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>
Sat, 25 Oct 2008 18:17:34 +0000 (14:17 -0400)
committerDaniel Kahn Gillmor <dkg@fifthhorseman.net>
Sat, 25 Oct 2008 18:17:34 +0000 (14:17 -0400)
tests/basic
tests/etc/ssh/sshd_config [new file with mode: 0644]

index b9ae8f110146b37d0669f6afe7a57e78393a8d83..e3cc42eff4faa8515e896b34062519395425d8c0 100755 (executable)
@@ -81,9 +81,12 @@ gpgadmin --sign-key "$HOSTKEYID"
 echo "-- adding admin as certifier..."
 monkeysphere-server add-identity-certifier "$TESTDIR"/home/admin/.gnupg/pubkey.gpg
 
+# initialize base sshd_config
+cp etc/ssh/sshd_config "$TEMPDIR"/sshd_config
 # write the sshd_config
-cat <<EOF > "$TEMPDIR"/sshd_config
+cat <<EOF >> "$TEMPDIR"/sshd_config
 HostKey ${MONKEYSPHERE_SYSDATADIR}/ssh_host_rsa_key
+AuthorizedKeysFile ${MONKEYSPHERE_SYSDATADIR}/authorized_keys/%u
 EOF
 
 # launch sshd with the new host key.
diff --git a/tests/etc/ssh/sshd_config b/tests/etc/ssh/sshd_config
new file mode 100644 (file)
index 0000000..75f0314
--- /dev/null
@@ -0,0 +1,21 @@
+# Base sshd_config for monkeysphere test
+
+# HostKey and AuthorizedKeysFile lines will be added dynamically
+# during test.
+
+# goal: minimal ssh configuration to do public key authentication.
+
+Protocol 2
+PubkeyAuthentication yes
+HostbasedAuthentication no
+PermitEmptyPasswords no
+ChallengeResponseAuthentication no
+PasswordAuthentication no
+KerberosAuthentication no
+GSSAPIAuthentication no
+X11Forwarding no
+PrintMotd no
+PrintLastLog no
+TCPKeepAlive no
+AcceptEnv LANG LC_*
+UsePAM no