1 # $OpenBSD: key-options.sh,v 1.2 2008/06/30 08:07:34 djm Exp $
2 # Placed in the Public Domain.
6 origkeys
="$OBJ/authkeys_orig"
7 authkeys
="$OBJ/authorized_keys_${USER}"
10 # Test command= forced command
12 for c
in 'command="echo bar"' 'no-pty,command="echo bar"'; do
13 sed "s/.*/$c &/" $origkeys >$authkeys
14 verbose
"key option proto $p $c"
15 r
=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost echo foo`
16 if [ "$r" = "foo" ]; then
17 fail
"key option forced command not restricted"
19 if [ "$r" != "bar" ]; then
20 fail
"key option forced command not executed"
26 sed 's/.*/no-pty &/' $origkeys >$authkeys
28 verbose
"key option proto $p no-pty"
29 r
=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost tty`
31 fail
"key option failed proto $p no-pty (pty $r)"
36 echo 'PermitUserEnvironment yes' >> $OBJ/sshd_proxy
37 sed 's/.*/environment="FOO=bar" &/' $origkeys >$authkeys
39 verbose
"key option proto $p environment"
40 r
=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost 'echo $FOO'`
41 if [ "$r" != "bar" ]; then
42 fail
"key option environment not set"
46 # Test from= restriction
49 for f
in 127.0.0.1 '127.0.0.0\/8'; do
50 cat $origkeys >$authkeys
51 ${SSH} -$p -q -F $OBJ/ssh_proxy somehost true
53 fail
"key option proto $p failed without restriction"
56 sed 's/.*/from="'"$f"'" &/' $origkeys >$authkeys
57 from
=`head -1 $authkeys | cut -f1 -d ' '`
58 verbose
"key option proto $p $from"
59 r
=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost 'echo true'`
60 if [ "$r" = "true" ]; then
61 fail
"key option proto $p $from not restricted"
64 r
=`${SSH} -$p -q -F $OBJ/ssh_config somehost 'echo true'`
65 if [ "$r" != "true" ]; then
66 fail
"key option proto $p $from not allowed but should be"
