spec: Use ed25519 key if libssh >= 0.7.0

Cyberwatch · Mar 3, 2018 · 52a030d · 52a030d
1 parent ff805c9
commit 52a030d
Show file tree

Hide file tree

Showing 6 changed files with 33 additions and 10 deletions.
diff --git a/spec/Dockerfile b/spec/Dockerfile
@@ -3,16 +3,14 @@ FROM alpine:3.7
 RUN apk add openssh --no-cache
 
 RUN adduser -D alice && (echo alice:alice | chpasswd)
-COPY id_ecdsa /home/alice/.ssh/id_ecdsa
-COPY id_ecdsa.pub /home/alice/.ssh/id_ecdsa.pub
-COPY id_ecdsa.pub /home/alice/.ssh/authorized_keys
-COPY ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key
-COPY ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub
+COPY id_ecdsa id_ecdsa.pub id_ed25519 id_ed25519.pub /home/alice/.ssh/
+RUN cat /home/alice/.ssh/id_ecdsa.pub /home/alice/.ssh/id_ed25519.pub > /home/alice/.ssh/authorized_keys
+COPY ssh_host_ecdsa_key ssh_host_ecdsa_key.pub ssh_host_ed25519_key ssh_host_ed25519_key.pub /etc/ssh/
 RUN chmod 600 /home/alice/.ssh/* \
   && chmod 700 /home/alice/.ssh \
   && chown -R alice:alice /home/alice \
-  && chmod 600 /etc/ssh/ssh_host_ecdsa_key \
-  && chmod 644 /etc/ssh/ssh_host_ecdsa_key.pub
+  && chmod 600 /etc/ssh/ssh_host_*_key \
+  && chmod 644 /etc/ssh/ssh_host_*_key.pub
 COPY sshd_config /etc/ssh/sshd_config
 
 EXPOSE 22

diff --git a/spec/id_ed25519 b/spec/id_ed25519
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACD7iPq6W3q3zZFc+hn+EIlCmM93q3y2eQeFsQYHuCPQMQAAAJi+YzXpvmM1
+6QAAAAtzc2gtZWQyNTUxOQAAACD7iPq6W3q3zZFc+hn+EIlCmM93q3y2eQeFsQYHuCPQMQ
+AAAEAiuHIIGEEyN42RjNR8NtZ+y7u4I2i6sMgtM/jrHQGWA/uI+rpberfNkVz6Gf4QiUKY
+z3erfLZ5B4WxBge4I9AxAAAAEmVhZ2xldG10QHJlaW5mb3JjZQECAw==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/spec/id_ed25519.pub b/spec/id_ed25519.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPuI+rpberfNkVz6Gf4QiUKYz3erfLZ5B4WxBge4I9Ax eagletmt@reinforce
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
@@ -32,7 +32,7 @@ def stop
 
     def wait_for_ready
       10.times do
-        if system('docker', 'run', "--link=#{@container_id}:sshd", IMAGE_NAME, 'ssh', '-i', '/home/alice/.ssh/id_ecdsa', '-oStrictHostKeyChecking=no', 'alice@sshd', 'exit', '0', err: File::NULL)
+        if system('docker', 'run', "--link=#{@container_id}:sshd", IMAGE_NAME, 'ssh', '-i', '/home/alice/.ssh/id_ed25519', '-oStrictHostKeyChecking=no', 'alice@sshd', 'exit', '0', err: File::NULL)
           return
         end
       end
@@ -55,8 +55,17 @@ def password
       'alice'
     end
 
+    def default_key_type
+      @default_key_type ||=
+        if Gem::Version.new(LibSSH.version.split('/').first) >= Gem::Version.new('0.7.0')
+          'ed25519'
+        else
+          'ecdsa'
+        end
+    end
+
     def identity_path
-      File.join(__dir__, 'id_ecdsa')
+      File.join(__dir__, "id_#{default_key_type}")
     end
 
     def empty_known_hosts
@@ -79,7 +88,7 @@ def prepare_known_hosts
       FileUtils.rm_f(absent_known_hosts)
       File.open(empty_known_hosts, 'w') {}
 
-      key = File.read(File.join(__dir__, 'ssh_host_ecdsa_key.pub')).slice(/\Aecdsa-sha2-nistp256 \S+/, 0)
+      key = File.read(File.join(__dir__, "ssh_host_#{default_key_type}_key.pub")).slice(/\A[^ ]+ \S+/, 0)
       File.open(valid_known_hosts, 'w') do |f|
         f.puts("[#{host}]:#{DockerHelper.port} #{key}")
       end

diff --git a/spec/ssh_host_ed25519_key b/spec/ssh_host_ed25519_key
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACBVlTLs75G5YS1p2SkAsLg1ig7q1aJdKltGebPgF5YmmQAAAJjPyuYFz8rm
+BQAAAAtzc2gtZWQyNTUxOQAAACBVlTLs75G5YS1p2SkAsLg1ig7q1aJdKltGebPgF5YmmQ
+AAAEChu81nh6WejgEcKd+oO0Hxg9NMyboexqNlTE05xWBQ51WVMuzvkblhLWnZKQCwuDWK
+DurVol0qW0Z5s+AXliaZAAAAEXJvb3RAMzAzNjJiZTVmMDZjAQIDBA==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/spec/ssh_host_ed25519_key.pub b/spec/ssh_host_ed25519_key.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFWVMuzvkblhLWnZKQCwuDWKDurVol0qW0Z5s+AXliaZ root@30362be5f06c
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPuI+rpberfNkVz6Gf4QiUKYz3erfLZ5B4WxBge4I9Ax eagletmt@reinforce
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFWVMuzvkblhLWnZKQCwuDWKDurVol0qW0Z5s+AXliaZ root@30362be5f06c