Posts

Showing posts from April, 2014

Automated OpenSSH Configuration Tests

Image
When developing or fine-tuning OpenSSH configurations the testing can be quite tiresome: Change configuration, restart server, run manual tests, repeat. Not to forget the many times when restarting the SSH server does not work and you lock yourself out of your test server. When writing a  Linux Magazin article about SSH key management  I wanted to show how to use OpenSSH PKI in a repeatable way. The result is an automated test suite for OpenSSH configuration : $ ./run_demo.sh    ... lots of info output running through ...   SSH PKI Demo Test Results: Succeeded create-ca-key Succeeded create-host-key Succeeded sign-host-key Succeeded create-user-root-key Succeeded sign-user-root-key Succeeded create-user-unpriv-key Succeeded sign-user-unpriv-key Succeeded test-trusting-known-hosts-via-cert-and-login-with-password Succeeded test-that-hostname-in-cert-must-match-target-host Succeeded test-login-with-root-key-trusted-by-cert Succeeded test-that-username-in-cert-m