agent-restrict.sh - OpenGrok cross reference for /freebsd/crypto/openssh/regress/agent-restrict.sh

Lines Matching refs:OBJ
6 SSH_AUTH_SOCK="$OBJ/agent.sock"
8 rm -f $SSH_AUTH_SOCK $OBJ/agent.log $OBJ/host_[abcdex]* $OBJ/user_[abcdex]*
9 rm -f $OBJ/sshd_proxy_host* $OBJ/ssh_output* $OBJ/expect_*
10 rm -f $OBJ/ssh_proxy[._]* $OBJ/command
14 	$SSHKEYGEN -q -t ed25519 -C host_$h -N '' -f $OBJ/host_$h || \
16 	$SSHKEYGEN -q -t ed25519 -C user_$h -N '' -f $OBJ/user_$h || \
23 	$SSHKEYGEN -q -s $OBJ/host_ca -I $id -n $id -h $OBJ/host_${h}.pub || \
29 	$OBJ/ssh_proxy > $OBJ/ssh_proxy.bak
30 cat << _EOF > $OBJ/ssh_proxy
35 cp $OBJ/ssh_proxy $OBJ/ssh_proxy_noid
37 	cat << _EOF >> $OBJ/ssh_proxy
41 	IdentityFile $OBJ/user_$h
42 …ProxyCommand ${SUDO} env SSH_SK_HELPER=\"$SSH_SK_HELPER\" ${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/ss…
45 	cat << _EOF >> $OBJ/ssh_proxy_noid
49 …ProxyCommand ${SUDO} env SSH_SK_HELPER=\"$SSH_SK_HELPER\" ${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/ss…
52 cat $OBJ/ssh_proxy.bak >> $OBJ/ssh_proxy
53 cat $OBJ/ssh_proxy.bak >> $OBJ/ssh_proxy_noid
60 rm -f $OBJ/known_hosts
62 	(printf "host_$h " ; cat $OBJ/host_${h}.pub) >> $OBJ/known_hosts
64 (printf "@cert-authority host_* " ; cat $OBJ/host_ca.pub) >> $OBJ/known_hosts
67 egrep -vi '(hostkey|pidfile)' $OBJ/sshd_proxy \
68 	> $OBJ/sshd_proxy.bak
70 	cp $OBJ/sshd_proxy.bak $OBJ/sshd_proxy_host_$h
71 	cat << _EOF >> $OBJ/sshd_proxy_host_$h
74 Hostkey $OBJ/host_$h
78 	echo "HostCertificate $OBJ/host_${h}-cert.pub" \
79 		>> $OBJ/sshd_proxy_host_$h
91 	>$OBJ/authorized_keys_$USER
94 		 cat $OBJ/user_$h.pub) >> $OBJ/authorized_keys_$USER
99 	_key="$OBJ/${1}.pub"
100 	_file="$OBJ/$2"
118 	rm -f $OBJ/ssh_output
119 	${SSH} $_extra -F $OBJ/ssh_proxy $_host true > $OBJ/ssh_output
122 	diff $OBJ/ssh_output $OBJ/expect_${_id} ||
134 	_keyfile="$OBJ/$_key"
135 	rm -f $OBJ/ssh_output
136 	${SSH} $_extra -F $OBJ/ssh_proxy_noid \
137 	    -oIdentityFile=$_keyfile $_host true > $OBJ/ssh_output
141 	diff $OBJ/ssh_output $OBJ/expect_key ||
150 	${SSH} $_extra -F $OBJ/ssh_proxy $_host true >/dev/null && \
161 	_keyfile="$OBJ/$_key"
162 	${SSH} $_extra -F $OBJ/ssh_proxy_noid -oIdentityFile=$_keyfile \
163 	    $_host true > $OBJ/ssh_output && \
170 		mv $OBJ/user_$u $OBJ/user_x$u || fatal "hide privkey $u"
177 		mv $OBJ/user_x$u $OBJ/user_$u || fatal "restore privkey $u"
201 ${SSHAGENT} ${EXTRA_AGENT_ARGS} -d -a $SSH_AUTH_SOCK > $OBJ/agent.log 2>&1 &
213 	$SSHADD -q $OBJ/user_$u || fatal "add key $u unrestricted"
225 rm -f $OBJ/expect_list.pre
228 	cut -d " " -f-2 $OBJ/user_${u}.pub >> $OBJ/expect_list.pre
230 sort $OBJ/expect_list.pre > $OBJ/expect_list
232 	cp $OBJ/expect_list $OBJ/expect_$h
241 	$SSHADD -h host_$h -H $OBJ/known_hosts -q $OBJ/user_$h \
245 $SSHADD -q $OBJ/user_x || fatal "add unrestricted key"
262 cut -d " " -f-2 $OBJ/user_x.pub > $OBJ/expect_list
264 	cp $OBJ/expect_list $OBJ/expect_$h
273 	$SSHADD -h "${USER}@host_$h" -H $OBJ/known_hosts -q $OBJ/user_$h \
286 	$SSHADD -h "*@host_$h" -H $OBJ/known_hosts -q $OBJ/user_$h \
299 	$SSHADD -h "--BADUSER@host_$h" -H $OBJ/known_hosts -q $OBJ/user_$h \
313 $SSHADD -h host_e -H $OBJ/known_hosts -q $OBJ/user_d || fatal "add key"
322 	MULTIHOP_RUN=$OBJ/command
329 	rm -f $OBJ/done
337 	touch $OBJ/done
342 	${SSH} -F $OBJ/ssh_proxy_noid -oIdentityFile=$OBJ/user_a \
348 	if test ! -f $OBJ/done ; then
366 	rm -f $OBJ/expect_keys
368 		cut -d" " -f-2 $OBJ/user_${h}.pub >> $OBJ/expect_keys
370 	rm -f $OBJ/expect_a
371 	echo "AGENT" >> $OBJ/expect_a
372 	test "x$_keys" = "xnone" || sort $OBJ/expect_keys >> $OBJ/expect_a
373 	echo "NEXT" >> $OBJ/expect_a
375 		echo "HOSTNAME host_$h" >> $OBJ/expect_a
376 		echo "AUTHINFO" >> $OBJ/expect_a
377 		(printf "publickey " ; cut -d" " -f-2 $OBJ/user_a.pub) >> $OBJ/expect_a
378 		echo "AGENT" >> $OBJ/expect_a
380 			sort $OBJ/expect_keys >> $OBJ/expect_a
384 				cut -d" " -f-2 $OBJ/user_a.pub >> $OBJ/expect_a
386 			echo "NEXT" >> $OBJ/expect_a
389 	echo "FINISH" >> $OBJ/expect_a
391 		echo "COMPLETE \"$h\"" >> $OBJ/expect_a
396 cp $OBJ/user_a.pub $OBJ/authorized_keys_$USER # only one key used.
401 $MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output || fail "multihop no agent ssh failed"
402 diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
406 $SSHADD -q $OBJ/user_[abcde]
408 $MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output || fail "multihop no agent ssh failed"
409 diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
417 	-H $OBJ/known_hosts -q $OBJ/user_a \
420 $SSHADD -q -h host_x -H $OBJ/known_hosts $OBJ/user_[bcde] || fail "add keys"
422 $MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output || fail "multihop ssh failed"
423 diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
429 	-H $OBJ/known_hosts -q $OBJ/user_a || fatal "add key user_a multihop"
431 $MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output || fail "multihop w/ user ssh failed"
432 diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
438 	-H $OBJ/known_hosts -q $OBJ/user_a || fatal "add key user_a multihop"
440 $MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output || fail "multihop w/ user ssh failed"
441 diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
447 	-H $OBJ/known_hosts -q $OBJ/user_a || fatal "add key user_a multihop"
449 $MULTIHOP_RUN "" a b c d e > $OBJ/ssh_output && \
456 $MULTIHOP_RUN "" a b a a c d e > $OBJ/ssh_output || \
458 diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
462 $SSHADD -q $OBJ/user_[abcde] || fail "add keys"
464 $MULTIHOP_RUN "" a b a a c d e > $OBJ/ssh_output || \
466 diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"
470 $SSHADD -q -h host_x -H $OBJ/known_hosts $OBJ/user_[bcde] || fail "add keys"
473 	-H $OBJ/known_hosts -q $OBJ/user_a \
477 $MULTIHOP_RUN "" a b a a c d e > $OBJ/ssh_output && \
483 $SSHADD -q -h host_x -H $OBJ/known_hosts $OBJ/user_[bcde] || fail "add keys"
487 	-H $OBJ/known_hosts -q $OBJ/user_a \
491 $MULTIHOP_RUN "" a b a a c d e > $OBJ/ssh_output || \
493 diff $OBJ/ssh_output $OBJ/expect_a || fail "unexpected ssh output"