Automated test suite for OpenSSH configuration
When developing or fine-tuning OpenSSH configurations the testing can be quite tiresome. These scripts create a test environment where one can test various setups without deploying a server or breaking the existing SSH configuration.
- clone this git repo
- change into the cloned directory
run_demo.shto find out if your OpenSSH supports CA-based operations:
$ ./run_demo.sh ... lots of info output running through ... SSH PKI Demo Test Results: Succeeded create-ca-key Succeeded create-host-key Succeeded sign-host-key Succeeded create-user-root-key Succeeded sign-user-root-key Succeeded create-user-unpriv-key Succeeded sign-user-unpriv-key Succeeded test-trusting-known-hosts-via-cert-and-login-with-password Succeeded test-that-hostname-in-cert-must-match-target-host Succeeded test-login-with-root-key-trusted-by-cert Succeeded test-that-username-in-cert-must-match-target-user Succeeded test-revoked-ca-key-prevents-login Succeeded test-revoked-user-key-prevents-login Succeeded test-revoked-host-key-prevents-connection Succeeded in running all tests, congratulations!
run_demo.sh script and look at the
*_config files to see how to use SSH PKI.
Requirements on Ubuntu:
sudo apt-get install fakeroot sshpass checkinstall