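Lines matching +full:current +full:- +full:rotate (a non-contiguous excerpt of hostkey-rotate.sh; the number at the start of each line is its line number in that file, and lines that did not match are omitted)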
1 # $OpenBSD: hostkey-rotate.sh,v 1.10 2022/01/05 08:25:05 djm Exp $
4 tid="hostkey rotate"
8 # fail to find ssh host keys in the hostkey-rotate test. If we have those
12 case `grep --version 2>&1 | awk '/GNU grep/{print $4}'` in
25 rm -f $OBJ/hkr.* $OBJ/ssh_proxy.orig $OBJ/ssh_proxy.orig
27 grep -vi 'hostkey' $OBJ/sshd_proxy > $OBJ/sshd_proxy.orig
29 grep -vi 'globalknownhostsfile' $OBJ/ssh_proxy.orig > $OBJ/ssh_proxy
36 primary="ssh-ed25519"
43 ${SSHKEYGEN} -qt $k -f $OBJ/hkr.$k -N '' || fatal "ssh-keygen $k"
48 ssh-rsa)
49 secondary="ssh-rsa"
50 all_algs="${all_algs}rsa-sha2-256,rsa-sha2-512,$k"
60 ${SSH} -F $OBJ/ssh_proxy "$@" x true || fail "ssh $@ failed"
66 _n=`wc -l $OBJ/known_hosts | awk '{ print $1 }'` || fatal "wc failed"
84 dossh -oHostKeyAlgorithms=$primary -oStrictHostKeyChecking=no
91 dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$all_algs
101 ssh-rsa) alg="rsa-sha2-256,rsa-sha2-512,ssh-rsa" ;;
105 dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$alg,$all_algs
112 verbose "learn changed non-primary hostkey type=${secondary}"
114 rm -f $OBJ/hkr.${secondary}
115 ${SSHKEYGEN} -qt ${secondary} -f $OBJ/hkr.${secondary} -N '' || \
116 fatal "ssh-keygen $secondary"
117 dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$all_algs
127 ${SSHKEYGEN} -qt ${primary} -f $OBJ/hkr.${primary}-new -N '' || fatal "ssh-keygen ed25519"
128 ( cat $OBJ/sshd_proxy.orig ; echo HostKey $OBJ/hkr.${primary}-new ) \
131 dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=${primary},$all_algs
133 check_key_present ${primary} || fail "current key missing"
134 check_key_present ${primary} $OBJ/hkr.${primary}-new.pub || fail "new key missing"
137 verbose "rotate primary hostkey"
140 mv $OBJ/hkr.${primary}-new.pub $OBJ/hkr.${primary}.pub
141 mv $OBJ/hkr.${primary}-new $OBJ/hkr.${primary}
143 dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=${primary},$all_algs
149 verbose "check rotate primary hostkey"
150 dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=${primary}