Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 71e5a536ec815d542b199f2ae6d646c0db9f1b58 / . / regress / keytype.sh
blob: 88b022de4adb00158cfbc7c7abf164cbe29987e9 [file] [log] [blame]
djm@openbsd.org096fb652017-03-20 22:08:06 +0000[diff] [blame]1# $OpenBSD: keytype.sh,v 1.5 2017/03/20 22:08:06 djm Exp $
Darren Tuckerb69e0332010-11-05 18:19:15 +1100[diff] [blame]2# Placed in the Public Domain.
3
4tid="login with different key types"
5
Darren Tuckerb69e0332010-11-05 18:19:15 +1100[diff] [blame]6cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
7cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
8
Darren Tucker77244af2013-12-21 17:02:39 +1100[diff] [blame]9# Traditional and builtin key types.
Damien Millerf54542a2013-12-07 16:32:44 +1100[diff] [blame]10ktypes="dsa-1024 rsa-2048 rsa-3072 ed25519-512"
Darren Tucker77244af2013-12-21 17:02:39 +1100[diff] [blame]11# Types not present in all OpenSSL versions.
Darren Tuckerb6a75b02013-11-10 20:25:22 +1100[diff] [blame]12for i in `$SSH -Q key`; do
13 case "$i" in
Darren Tucker77244af2013-12-21 17:02:39 +1100[diff] [blame]14 ecdsa-sha2-nistp256) ktypes="$ktypes ecdsa-256" ;;
15 ecdsa-sha2-nistp384) ktypes="$ktypes ecdsa-384" ;;
16 ecdsa-sha2-nistp521) ktypes="$ktypes ecdsa-521" ;;
Darren Tuckerb6a75b02013-11-10 20:25:22 +1100[diff] [blame]17 esac
18done
Darren Tuckerb69e0332010-11-05 18:19:15 +1100[diff] [blame]19
20for kt in $ktypes; do
21 rm -f $OBJ/key.$kt
Tim Ricec10aeaa2010-11-07 13:03:11 -0800[diff] [blame]22 bits=`echo ${kt} | awk -F- '{print $2}'`
23 type=`echo ${kt} | awk -F- '{print $1}'`
djm@openbsd.org096fb652017-03-20 22:08:06 +0000[diff] [blame]24 verbose "keygen $type, $bits bits"
25 ${SSHKEYGEN} -b $bits -q -N '' -t $type -f $OBJ/key.$kt ||\
Darren Tuckerb69e0332010-11-05 18:19:15 +1100[diff] [blame]26 fail "ssh-keygen for type $type, $bits bits failed"
27done
28
29tries="1 2 3"
30for ut in $ktypes; do
31 htypes=$ut
32 #htypes=$ktypes
33 for ht in $htypes; do
markus@openbsd.org5bf09332015-07-10 06:23:25 +0000[diff] [blame]34 case $ht in
35 dsa-1024) t=ssh-dss;;
36 ecdsa-256) t=ecdsa-sha2-nistp256;;
37 ecdsa-384) t=ecdsa-sha2-nistp384;;
38 ecdsa-521) t=ecdsa-sha2-nistp521;;
39 ed25519-512) t=ssh-ed25519;;
40 rsa-*) t=ssh-rsa;;
41 esac
Darren Tuckerb69e0332010-11-05 18:19:15 +1100[diff] [blame]42 trace "ssh connect, userkey $ut, hostkey $ht"
43 (
44 grep -v HostKey $OBJ/sshd_proxy_bak
45 echo HostKey $OBJ/key.$ht
markus@openbsd.org5bf09332015-07-10 06:23:25 +0000[diff] [blame]46 echo PubkeyAcceptedKeyTypes $t
47 echo HostKeyAlgorithms $t
Darren Tuckerb69e0332010-11-05 18:19:15 +1100[diff] [blame]48 ) > $OBJ/sshd_proxy
49 (
50 grep -v IdentityFile $OBJ/ssh_proxy_bak
51 echo IdentityFile $OBJ/key.$ut
markus@openbsd.org5bf09332015-07-10 06:23:25 +0000[diff] [blame]52 echo PubkeyAcceptedKeyTypes $t
53 echo HostKeyAlgorithms $t
Darren Tuckerb69e0332010-11-05 18:19:15 +1100[diff] [blame]54 ) > $OBJ/ssh_proxy
55 (
Darren Tucker56347ef2013-05-17 13:28:36 +1000[diff] [blame]56 printf 'localhost-with-alias,127.0.0.1,::1 '
Darren Tuckerb69e0332010-11-05 18:19:15 +1100[diff] [blame]57 cat $OBJ/key.$ht.pub
58 ) > $OBJ/known_hosts
59 cat $OBJ/key.$ut.pub > $OBJ/authorized_keys_$USER
60 for i in $tries; do
djm@openbsd.org096fb652017-03-20 22:08:06 +0000[diff] [blame]61 verbose "userkey $ut, hostkey ${ht}"
62 ${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true
Darren Tuckerb69e0332010-11-05 18:19:15 +1100[diff] [blame]63 if [ $? -ne 0 ]; then
64 fail "ssh userkey $ut, hostkey $ht failed"
65 fi
66 done
67 done
68done