-# $OpenBSD: agent.sh,v 1.16 2019/11/26 23:43:10 djm Exp $
+# $OpenBSD: agent.sh,v 1.17 2019/12/21 02:33:07 djm Exp $
# Placed in the Public Domain.
tid="simple agent test"
fatal "could not start ssh-agent: exit code $r"
fi
+eval `${SSHAGENT} ${EXTRA_AGENT_ARGS} -s | sed 's/SSH_/FW_SSH_/g'` > /dev/null
+r=$?
+if [ $r -ne 0 ]; then
+ fatal "could not start second ssh-agent: exit code $r"
+fi
+
${SSHADD} -l > /dev/null 2>&1
if [ $? -ne 1 ]; then
fail "ssh-add -l did not fail with exit code 1"
# add to authorized keys
cat $OBJ/$t-agent.pub >> $OBJ/authorized_keys_$USER
- # add privat key to agent
+ # add private key to agent
${SSHADD} $OBJ/$t-agent #> /dev/null 2>&1
if [ $? -ne 0 ]; then
fail "ssh-add failed exit code $?"
fi
+ # add private key to second agent
+ SSH_AUTH_SOCK=$FW_SSH_AUTH_SOCK ${SSHADD} $OBJ/$t-agent #> /dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ fail "ssh-add failed exit code $?"
+ fi
# Remove private key to ensure that we aren't accidentally using it.
rm -f $OBJ/$t-agent
done
if [ $r -ne 0 ]; then
fail "ssh-add -l via agent fwd failed (exit code $r)"
fi
+${SSH} "-oForwardAgent=$SSH_AUTH_SOCK" -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1
+r=$?
+if [ $r -ne 0 ]; then
+ fail "ssh-add -l via agent path fwd failed (exit code $r)"
+fi
${SSH} -A -F $OBJ/ssh_proxy somehost \
"${SSH} -F $OBJ/ssh_proxy somehost exit 52"
r=$?
fail "agent fwd failed (exit code $r)"
fi
+trace "agent forwarding different agent"
+${SSH} "-oForwardAgent=$FW_SSH_AUTH_SOCK" -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1
+r=$?
+if [ $r -ne 0 ]; then
+ fail "ssh-add -l via agent path fwd of different agent failed (exit code $r)"
+fi
+${SSH} '-oForwardAgent=$FW_SSH_AUTH_SOCK' -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1
+r=$?
+if [ $r -ne 0 ]; then
+ fail "ssh-add -l via agent path env fwd of different agent failed (exit code $r)"
+fi
+
+# Remove keys from forwarded agent, ssh-add on remote machine should now fail.
+SSH_AUTH_SOCK=$FW_SSH_AUTH_SOCK ${SSHADD} -D > /dev/null 2>&1
+r=$?
+if [ $r -ne 0 ]; then
+ fail "ssh-add -D failed: exit code $r"
+fi
+${SSH} '-oForwardAgent=$FW_SSH_AUTH_SOCK' -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1
+r=$?
+if [ $r -ne 1 ]; then
+ fail "ssh-add -l with different agent did not fail with exit code 1 (exit code $r)"
+fi
+
(printf 'cert-authority,principals="estragon" '; cat $OBJ/user_ca_key.pub) \
> $OBJ/authorized_keys_$USER
for t in ${SSH_KEYTYPES}; do
trace "kill agent"
${SSHAGENT} -k > /dev/null
+SSH_AGENT_PID=$FW_SSH_AGENT_PID ${SSHAGENT} -k > /dev/null
-# $OpenBSD: sshcfgparse.sh,v 1.5 2019/07/23 13:32:48 dtucker Exp $
+# $OpenBSD: sshcfgparse.sh,v 1.6 2019/12/21 02:33:07 djm Exp $
# Placed in the Public Domain.
tid="ssh config parse"
expect_result_absent "$f" "ssh-dss-cert-v01.*"
fi
+verbose "agentforwarding"
+f=`${SSH} -GF none host | awk '/^forwardagent /{print$2}'`
+expect_result_present "$f" "no"
+f=`${SSH} -GF none -oforwardagent=no host | awk '/^forwardagent /{print$2}'`
+expect_result_present "$f" "no"
+f=`${SSH} -GF none -oforwardagent=yes host | awk '/^forwardagent /{print$2}'`
+expect_result_present "$f" "yes"
+f=`${SSH} -GF none '-oforwardagent=SSH_AUTH_SOCK.forward' host | awk '/^forwardagent /{print$2}'`
+expect_result_present "$f" "SSH_AUTH_SOCK.forward"
+
# cleanup
rm -f $OBJ/ssh_config.[012]
projects / thirdparty / openssh-portable.git / commitdiff
