sshnoports: Add unit tests

[gkc]

Is your feature request related to a problem? Please describe.

No unit tests currently

Describe the solution you'd like

Need unit tests which, while they do not test the whole thing end to end, can check the logic and behaviour of the atProtocol interactions - the records that are created and updated, the notifications that are sent and received, etc

Describe alternatives you've considered

No response

Additional context

No response

Tasks

Beta Give feedback

1. impl
2. impl/dart pure
3. impl/openssh local
4. impl/unsigned (legacy)
5. models
6. models/config file repo (mostly done - last piece requires stubbing file io)
7. models/config key repo
8. models/sshnp arg
9. models/sshnp device list
10. models/sshnp params
11. models/sshnp result (done, but subject to change)
12. util
13. util/initial tunnel
14. util/initial tunnel/dart
15. util/initial tunnel/openssh
16. util/ssh key handler
17. util/ssh key handler/dart
18. util/ssh key handler/local
19. util/sshnpd channel
20. util/sshnpd channel/default
21. util/sshnpd channel/unsigned
22. util/sshrvd channel
23. util/sshrvd channel/dart
24. util/sshrvd channel/exec
25. sshnp core
26. sshnp (public interface)

[gkc]

Unassigning myself and moving to Triage again ... hoping someone else has capacity to pick this up in this sprint

[purnimavenkatasubbu]

@cconstab I was trying to run sshnp, But I got a remote SSH client failure

1. sshnpd in aws
   ubuntu@ip-172-26-14-158:~/sshnp$ ./sshnpd -a @95consistent -m @aquamarine659 -d device1 -u
   SHOUT|2023-04-06 11:24:48.698741| sshnpd |Starting @95consistent sync

SHOUT|2023-04-06 11:24:55.364158| sshnpd |@95consistent sync complete

SHOUT|2023-04-06 11:27:16.519554| sshnpd |ssh session started from: @aquamarine659 session: 45891ce5-1f0e-4248-a409-a35885cb01b6

2. sshnp

dart sshnp.dart -k sshnoports/.atsign/keys/@aquamarine659_key.atKeys -f @aquamarine659 -t @95consistent -h 27d00de9-3719-56b3-82d2-5b97212a9959.swarm0002.atsign.zone -p 2215 -d device1

sshnp_logs.txt

From the logs, I could see a failure as

Remote sshnpd error: Remote SSH Client failure : SSHAuthAbortError(Connection closed before authentication)

But at the end, it says notification as delivered

FINER|2023-04-06 16:57:17.067081|AtLookup|SENDING: notify:status:91752f94-991c-47e4-aa0b-232c0d7958eb

FINER|2023-04-06 16:57:17.332635|OutboundMessageListener|RECEIVED data:delivered

[cconstab]

So the -h and -p should point to the place you are running sshnp.. Currently you have the host and the port of the secondary server which is not where you are running ssh from..

My Host -------------------------> Hosty I want to log into
sshnp ----------------------------> sshnpd
sshd (port 22) <-------------------sshnpd

so in this case the -h "my host" and -p "22"

hope that helps

[cconstab]

The sshnp repo has lots of clues https://github.com/atsign-foundation/sshnoports

[murali-shris]

@cconstab
We tried to run sshnpd on my machine and sshnp on @purnimavenkatasubbu machine

Remote machine:

• dart bin/sshnpd.dart -a @91elephant -m @ninelivesfew11 -d sshnptest -u sshnptest -s -v
  log file - https://github.com/atsign-foundation/sshnoports/files/11199144/remote_sshnpd.log
• murali@murali-Latitude-3460:/etc/ssh$ ssh -R 0:localhost:2222 tunnel.us.ngrok.com tcp
  Allocated port 15869 for remote forward to localhost:2222

ngrok (via SSH) (Ctrl+C to quit)

Account murali@atsign.com (Plan: Free)
Region us
Forwarding tcp://4.tcp.ngrok.io:15869

• added public key from client to .ssh/authorized_keys
  murali@murali-Latitude-3460:~/.ssh$ cat authorized_keys
  ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+thV+w+fkRlRLh5QkbYGYXYIjHzwtqK1yhzFzS2FXq9ww5AVmDlTSge1g8mZGEQ4h+HX9O7kHDmsUKzF017F/rQv5JVE93THM3CXxKgnohq9wYyDDEHs5BXmLisWNyc9I8vf+dN2ngJa8tSRmiPoiBc+qYsizYTpIXxI8FfJj3vJbQ/HhxTmi3V1Ilo7LV+WgfVn8QSZk+mQ5aS/uu835WTQGZ0YtY7ml38DX28xGclVWQ/2aSUxsQHQpPwJopL8rzucmvX6PQNZDeoMBB74UoFab4mDnAgd4XWxOtEsNzlg2+XcHSZhKhuvKt7TrGrrJuSP9CTXrMQEj84upPkmR shaikirfan@SHLT013

client machine:
shaikirfan@SHLT013:~/Desktop/sshnp/sshnoports$ dart bin/sshnp.dart -f @ninelivesfew11 -t @91elephant -h 4.tcp.ngrok.io -p 15869 -l 3456 -d sshnptest -s id_rsa.pub
log file https://github.com/atsign-foundation/sshnoports/files/11199141/client_sshnp.log

remote machine:
murali@murali-Latitude-3460:/etc/ssh$ ssh -R 0:localhost:2222 tunnel.us.ngrok.com tcp
Allocated port 15869 for remote forward to localhost:2222

ngrok (via SSH) (Ctrl+C to quit)

Account murali@atsign.com (Plan: Free)
Region us
Forwarding tcp://4.tcp.ngrok.io:15869

TCP connection opened
TCP connection closed
TCP connection opened
TCP connection closed
TCP connection opened
TCP connection closed
TCP connection opened
TCP connection closed

murali@murali-Latitude-3460:~/git/at_protocol/sshnoports$ journalctl -fu ssh
-- Logs begin at Tue 2022-11-08 16:31:00 IST. --
Apr 11 15:15:50 murali-Latitude-3460 sshd[12548]: Invalid user shaikirfan from 127.0.0.1 port 60094
Apr 11 15:15:50 murali-Latitude-3460 sshd[12548]: Connection closed by invalid user shaikirfan 127.0.0.1 port 60094 [preauth]
Apr 11 15:17:23 murali-Latitude-3460 sshd[17638]: Invalid user shaikirfan from 127.0.0.1 port 53258
Apr 11 15:17:24 murali-Latitude-3460 sshd[17638]: Connection closed by invalid user shaikirfan 127.0.0.1 port 53258 [preauth]
Apr 11 15:18:19 murali-Latitude-3460 sshd[20664]: Invalid user shaikirfan from 127.0.0.1 port 37644
Apr 11 15:18:20 murali-Latitude-3460 sshd[20664]: Connection closed by invalid user shaikirfan 127.0.0.1 port 37644 [preauth]
Apr 11 15:18:49 murali-Latitude-3460 sshd[22016]: Invalid user shaikirfan from 127.0.0.1 port 33968
Apr 11 15:18:50 murali-Latitude-3460 sshd[22016]: Connection closed by invalid user shaikirfan 127.0.0.1 port 33968 [preauth]

[murali-shris]

client_sshnp.log
remote_sshnpd.log

[cconstab]

I would make sure that ssh logins are allowed on the remote machine the logs would suggest they are not..

To test on the remote machine try

ssh 0

You should be able to login

The other thing I notice is the sshnpd has -u sshnptest but the -u is just a flag and will pick up the processes username that is running sshnpd.

[murali-shris]

ssh 0

In the remote machine on which sshnpd runs, I ran the ssh service on port 2222. ssh 0 didn't work.
ssh 0 -p 2222 works.
Should I run the ssh service on the remote machine on port 22 or 2222?

---

We tried a manual ssh from purnima's machine to murali's machine
ssh -i /home/shaikirfan/.ssh/id_rsa -p 13026 shaikirfan@6.tcp.ngrok.io
With this command we were getting the error on ssh in murali's machine

Invalid user shaikirfan from 127.0.0.1 port xxxxx

shaikirfan is the username on Purnima's machine. sshnp.dart also picks this username from envVars I guess.
The below command worked
ssh -i /home/shaikirfan/.ssh/id_rsa -p 13026 murali@6.tcp.ngrok.io

[gkc]

Will ping on here once sshnp refactoring is complete so that unit tests can be written, likewise then for sshnpd and sshrvd

[gkc]

sshnp refactoring is complete; a small number of unit tests were added during PR64

[gkc]

no progress during PR65 but work should proceed during PR66 now that refactoring is complete for sshnpd and sshnp

[XavierChanth]

Refactoring is mostly done, but there are still some bugs that need to be addressed first. Once v3.4.0 is officially released I will update this card.

[gkc]

Since we now have comprehensive end-to-end test automation, this is not as important; reducing priority to P2

[XavierChanth]

Reducing to 5SP

[XavierChanth]

Lowered priority to P1 now that we've released 4.0.0

[XavierChanth]

Will resume in PR 78

[gkc]

Will resume in PR80

[XavierChanth]

I think this is in a good place for now, e2e tests cover the rest.