1*4f52dfbbSDag-Erling Smørgrav# $OpenBSD: ssh-com.sh,v 1.10 2017/05/08 01:52:49 djm Exp $ 2ce3adf43SDag-Erling Smørgrav# Placed in the Public Domain. 3ce3adf43SDag-Erling Smørgrav 4ce3adf43SDag-Erling Smørgravtid="connect to ssh.com server" 5ce3adf43SDag-Erling Smørgrav 6ce3adf43SDag-Erling Smørgrav#TEST_COMBASE=/path/to/ssh/com/binaries 7ce3adf43SDag-Erling Smørgravif [ "X${TEST_COMBASE}" = "X" ]; then 8ce3adf43SDag-Erling Smørgrav fatal '$TEST_COMBASE is not set' 9ce3adf43SDag-Erling Smørgravfi 10ce3adf43SDag-Erling Smørgrav 11ce3adf43SDag-Erling SmørgravVERSIONS=" 12ce3adf43SDag-Erling Smørgrav 2.0.12 13ce3adf43SDag-Erling Smørgrav 2.0.13 14ce3adf43SDag-Erling Smørgrav 2.1.0 15ce3adf43SDag-Erling Smørgrav 2.2.0 16ce3adf43SDag-Erling Smørgrav 2.3.0 17ce3adf43SDag-Erling Smørgrav 2.4.0 18ce3adf43SDag-Erling Smørgrav 3.0.0 19ce3adf43SDag-Erling Smørgrav 3.1.0 20ce3adf43SDag-Erling Smørgrav 3.2.0 21ce3adf43SDag-Erling Smørgrav 3.2.2 22ce3adf43SDag-Erling Smørgrav 3.2.3 23ce3adf43SDag-Erling Smørgrav 3.2.5 24ce3adf43SDag-Erling Smørgrav 3.2.9 25ce3adf43SDag-Erling Smørgrav 3.2.9.1 26ce3adf43SDag-Erling Smørgrav 3.3.0" 27ce3adf43SDag-Erling Smørgrav# 2.0.10 does not support UserConfigDirectory 28ce3adf43SDag-Erling Smørgrav# 2.3.1 requires a config in $HOME/.ssh2 29ce3adf43SDag-Erling Smørgrav 30ce3adf43SDag-Erling SmørgravSRC=`dirname ${SCRIPT}` 31ce3adf43SDag-Erling Smørgrav 32ce3adf43SDag-Erling Smørgrav# ssh.com 33ce3adf43SDag-Erling Smørgravcat << EOF > $OBJ/sshd2_config 34ce3adf43SDag-Erling Smørgrav#*: 35ce3adf43SDag-Erling Smørgrav # Port and ListenAddress are not used. 36ce3adf43SDag-Erling Smørgrav QuietMode yes 37ce3adf43SDag-Erling Smørgrav Port 4343 38ce3adf43SDag-Erling Smørgrav ListenAddress 127.0.0.1 39ce3adf43SDag-Erling Smørgrav UserConfigDirectory ${OBJ}/%U 40ce3adf43SDag-Erling Smørgrav Ciphers AnyCipher 41ce3adf43SDag-Erling Smørgrav PubKeyAuthentication yes 42ce3adf43SDag-Erling Smørgrav #AllowedAuthentications publickey 43ce3adf43SDag-Erling Smørgrav AuthorizationFile authorization 44ce3adf43SDag-Erling Smørgrav HostKeyFile ${SRC}/dsa_ssh2.prv 45ce3adf43SDag-Erling Smørgrav PublicHostKeyFile ${SRC}/dsa_ssh2.pub 46ce3adf43SDag-Erling Smørgrav RandomSeedFile ${OBJ}/random_seed 47ce3adf43SDag-Erling Smørgrav MaxConnections 0 48ce3adf43SDag-Erling Smørgrav PermitRootLogin yes 49ce3adf43SDag-Erling Smørgrav VerboseMode no 50ce3adf43SDag-Erling Smørgrav CheckMail no 51ce3adf43SDag-Erling Smørgrav Ssh1Compatibility no 52ce3adf43SDag-Erling SmørgravEOF 53ce3adf43SDag-Erling Smørgrav 54ce3adf43SDag-Erling Smørgrav# create client config 55ce3adf43SDag-Erling Smørgravsed "s/HostKeyAlias.*/HostKeyAlias ssh2-localhost-with-alias/" \ 56ce3adf43SDag-Erling Smørgrav < $OBJ/ssh_config > $OBJ/ssh_config_com 57ce3adf43SDag-Erling Smørgrav 58ce3adf43SDag-Erling Smørgrav# we need a DSA key for 59ce3adf43SDag-Erling Smørgravrm -f ${OBJ}/dsa ${OBJ}/dsa.pub 60ce3adf43SDag-Erling Smørgrav${SSHKEYGEN} -q -N '' -t dsa -f ${OBJ}/dsa 61ce3adf43SDag-Erling Smørgrav 62ce3adf43SDag-Erling Smørgrav# setup userdir, try rsa first 63ce3adf43SDag-Erling Smørgravmkdir -p ${OBJ}/${USER} 64ce3adf43SDag-Erling Smørgravcp /dev/null ${OBJ}/${USER}/authorization 65ce3adf43SDag-Erling Smørgravfor t in rsa dsa; do 66ce3adf43SDag-Erling Smørgrav ${SSHKEYGEN} -e -f ${OBJ}/$t.pub > ${OBJ}/${USER}/$t.com 67ce3adf43SDag-Erling Smørgrav echo Key $t.com >> ${OBJ}/${USER}/authorization 68ce3adf43SDag-Erling Smørgrav echo IdentityFile ${OBJ}/$t >> ${OBJ}/ssh_config_com 69ce3adf43SDag-Erling Smørgravdone 70ce3adf43SDag-Erling Smørgrav 71ce3adf43SDag-Erling Smørgrav# convert and append DSA hostkey 72ce3adf43SDag-Erling Smørgrav( 73ce3adf43SDag-Erling Smørgrav printf 'ssh2-localhost-with-alias,127.0.0.1,::1 ' 74ce3adf43SDag-Erling Smørgrav ${SSHKEYGEN} -if ${SRC}/dsa_ssh2.pub 75ce3adf43SDag-Erling Smørgrav) >> $OBJ/known_hosts 76ce3adf43SDag-Erling Smørgrav 77ce3adf43SDag-Erling Smørgrav# go for it 78ce3adf43SDag-Erling Smørgravfor v in ${VERSIONS}; do 79ce3adf43SDag-Erling Smørgrav sshd2=${TEST_COMBASE}/${v}/sshd2 80ce3adf43SDag-Erling Smørgrav if [ ! -x ${sshd2} ]; then 81ce3adf43SDag-Erling Smørgrav continue 82ce3adf43SDag-Erling Smørgrav fi 83ce3adf43SDag-Erling Smørgrav trace "sshd2 ${v}" 84ce3adf43SDag-Erling Smørgrav PROXY="proxycommand ${sshd2} -qif ${OBJ}/sshd2_config 2> /dev/null" 85ce3adf43SDag-Erling Smørgrav ${SSH} -qF ${OBJ}/ssh_config_com -o "${PROXY}" dummy exit 0 86ce3adf43SDag-Erling Smørgrav if [ $? -ne 0 ]; then 87ce3adf43SDag-Erling Smørgrav fail "ssh connect to sshd2 ${v} failed" 88ce3adf43SDag-Erling Smørgrav fi 89ce3adf43SDag-Erling Smørgrav 90*4f52dfbbSDag-Erling Smørgrav ciphers="3des-cbc" 91ce3adf43SDag-Erling Smørgrav macs="hmac-md5" 92ce3adf43SDag-Erling Smørgrav case $v in 93ce3adf43SDag-Erling Smørgrav 2.4.*) 94ce3adf43SDag-Erling Smørgrav ciphers="$ciphers cast128-cbc" 95ce3adf43SDag-Erling Smørgrav macs="$macs hmac-sha1 hmac-sha1-96 hmac-md5-96" 96ce3adf43SDag-Erling Smørgrav ;; 97ce3adf43SDag-Erling Smørgrav 3.*) 98ce3adf43SDag-Erling Smørgrav ciphers="$ciphers aes128-cbc cast128-cbc" 99ce3adf43SDag-Erling Smørgrav macs="$macs hmac-sha1 hmac-sha1-96 hmac-md5-96" 100ce3adf43SDag-Erling Smørgrav ;; 101ce3adf43SDag-Erling Smørgrav esac 102ce3adf43SDag-Erling Smørgrav #ciphers="3des-cbc" 103ce3adf43SDag-Erling Smørgrav for m in $macs; do 104ce3adf43SDag-Erling Smørgrav for c in $ciphers; do 105ce3adf43SDag-Erling Smørgrav trace "sshd2 ${v} cipher $c mac $m" 106ce3adf43SDag-Erling Smørgrav verbose "test ${tid}: sshd2 ${v} cipher $c mac $m" 107ce3adf43SDag-Erling Smørgrav ${SSH} -c $c -m $m -qF ${OBJ}/ssh_config_com -o "${PROXY}" dummy exit 0 108ce3adf43SDag-Erling Smørgrav if [ $? -ne 0 ]; then 109ce3adf43SDag-Erling Smørgrav fail "ssh connect to sshd2 ${v} with $c/$m failed" 110ce3adf43SDag-Erling Smørgrav fi 111ce3adf43SDag-Erling Smørgrav done 112ce3adf43SDag-Erling Smørgrav done 113ce3adf43SDag-Erling Smørgravdone 114ce3adf43SDag-Erling Smørgrav 115ce3adf43SDag-Erling Smørgravrm -rf ${OBJ}/${USER} 116ce3adf43SDag-Erling Smørgravfor i in sshd_config_proxy ssh_config_proxy random_seed \ 117ce3adf43SDag-Erling Smørgrav sshd2_config dsa.pub dsa ssh_config_com; do 118ce3adf43SDag-Erling Smørgrav rm -f ${OBJ}/$i 119ce3adf43SDag-Erling Smørgravdone 120