test/units/TEST-74-AUX-UTILS.ssh.sh

   1 #!/usr/bin/env bash
   2 # SPDX-License-Identifier: LGPL-2.1-or-later
   3 set -eux
   4 set -o pipefail
   5
   6 if ! command -v ssh &> /dev/null || ! command -v sshd &> /dev/null ; then
   7     echo "ssh/sshd not found, skipping test." >&2
   8     exit 0
   9 fi
  10
  11 systemctl -q is-active sshd-unix-local.socket
  12
  13 if test -e /dev/vsock ; then
  14     systemctl -q is-active sshd-vsock.socket
  15 fi
  16
  17 if test -d /run/host/unix-export ; then
  18     systemctl -q is-active sshd-unix-export.socket
  19 fi
  20
  21 # FIXME: sshd seems to crash inside asan currently, skip the actual ssh test hence
  22 if [[ -v ASAN_OPTIONS ]] ; then
  23     exit 0
  24 fi
  25
  26 ROOTID=$(mktemp -u)
  27
  28 removesshid() {
  29     rm -f "$ROOTID" "$ROOTID".pub
  30 }
  31
  32 ssh-keygen -N '' -C '' -t rsa -f "$ROOTID"
  33
  34 mkdir -p 0700 /root/.ssh
  35 # Add a newline in case authorized_keys wasn't terminated correctly.
  36 echo >>/root/.ssh/authorized_keys
  37 cat "$ROOTID".pub >>/root/.ssh/authorized_keys
  38
  39 # set root pw to "foo", just to set it to something valid
  40 # shellcheck disable=SC2016
  41 usermod -p '$5$AAy6BYJ6rzz.QELv$6LpVEU3/RQmVz.svHu/33qoJWWWzZuJ3DM2fo9JgcUD' root
  42 usermod -U root
  43
  44 mkdir -p /etc/ssh
  45 test -f /etc/ssh/ssh_host_rsa_key || ssh-keygen -t rsa -C '' -N '' -f /etc/ssh/ssh_host_rsa_key
  46 echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
  47 echo "LogLevel DEBUG3" >> /etc/ssh/sshd_config
  48
  49 test -f /etc/ssh/ssh_config || {
  50     echo 'Include /etc/ssh/ssh_config.d/*.conf'
  51     echo 'Include /usr/etc/ssh/ssh_config.d/*.conf'
  52 } >/etc/ssh/ssh_config
  53
  54 # ssh wants this dir around, but distros cannot agree on a common name for it, let's just create all that are aware of distros use
  55 mkdir -p /usr/share/empty.sshd /var/empty /var/empty/sshd /run/sshd
  56
  57 ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" .host cat /etc/machine-id | cmp - /etc/machine-id
  58 ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" unix/run/ssh-unix-local/socket cat /etc/machine-id | cmp - /etc/machine-id
  59 ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" machine/.host cat /etc/machine-id | cmp - /etc/machine-id
  60
  61 modprobe vsock_loopback ||:
  62 if test -e /dev/vsock -a -d /sys/module/vsock_loopback ; then
  63     ssh -o StrictHostKeyChecking=no -v -i "$ROOTID" vsock/1 cat /etc/machine-id | cmp - /etc/machine-id
  64 fi