From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 29 Feb 2024 10:43:57 +0000 (+0100)
Subject: test: use ECDSA keys for ssh-related tests
X-Git-Tag: v256-rc1~697^2~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=905c9d2c929a1a1b7137b066b1880b7b94b05be0;p=thirdparty%2Fsystemd.git

test: use ECDSA keys for ssh-related tests

This should make the test faster, especially on machines without
acceleration.
---

diff --git a/test/units/testsuite-46.sh b/test/units/testsuite-46.sh
index 6102a430a90..7952ea2202c 100755
--- a/test/units/testsuite-46.sh
+++ b/test/units/testsuite-46.sh
@@ -451,7 +451,7 @@ if command -v ssh &>/dev/null && command -v sshd &>/dev/null && ! [[ -v ASAN_OPT
         set +e
 
         systemctl is-active -q mysshserver.socket && systemctl stop mysshserver.socket
-        rm -f /tmp/homed.id_rsa /run/systemd/system/mysshserver{@.service,.socket}
+        rm -f /tmp/homed.id_ecdsa /run/systemd/system/mysshserver{@.service,.socket}
         systemctl daemon-reload
         homectl remove homedsshtest
         mv /etc/pam.d/sshd.bak /etc/pam.d/sshd
@@ -460,20 +460,20 @@ if command -v ssh &>/dev/null && command -v sshd &>/dev/null && ! [[ -v ASAN_OPT
     trap at_exit EXIT
 
     # Test that SSH logins work with delayed unlocking
-    ssh-keygen -N '' -C '' -t rsa -f /tmp/homed.id_rsa
+    ssh-keygen -N '' -C '' -t ecdsa -f /tmp/homed.id_ecdsa
     NEWPASSWORD=hunter4711 homectl create \
                        --disk-size=min \
                        --luks-discard=yes \
                        --luks-pbkdf-type=pbkdf2 \
                        --luks-pbkdf-time-cost=1ms \
                        --enforce-password-policy=no \
-                       --ssh-authorized-keys=@/tmp/homed.id_rsa.pub \
+                       --ssh-authorized-keys=@/tmp/homed.id_ecdsa.pub \
                        --stop-delay=0 \
                        homedsshtest
     homectl inspect homedsshtest
 
     mkdir -p /etc/ssh
-    test -f /etc/ssh/ssh_host_rsa_key || ssh-keygen -t rsa -C '' -N '' -f /etc/ssh/ssh_host_rsa_key
+    test -f /etc/ssh/ssh_host_ecdsa_key || ssh-keygen -t ecdsa -C '' -N '' -f /etc/ssh/ssh_host_ecdsa_key
 
     # ssh wants this dir around, but distros cannot agree on a common name for it, let's just create all that are aware of distros use
     mkdir -p /usr/share/empty.sshd /var/empty /var/empty/sshd
@@ -519,14 +519,14 @@ EOF
 
     userdbctl user -j homedsshtest
 
-    ssh -t -t -4 -p 4711 -i /tmp/homed.id_rsa \
+    ssh -t -t -4 -p 4711 -i /tmp/homed.id_ecdsa \
         -o "SetEnv PASSWORD=hunter4711" -o "StrictHostKeyChecking no" \
         homedsshtest@localhost echo zzz | tail -n 1 | tr -d '\r' > /tmp/homedsshtest.out
     cat /tmp/homedsshtest.out
     test "$(cat /tmp/homedsshtest.out)" = "zzz"
     rm /tmp/homedsshtest.out
 
-    ssh -t -t -4 -p 4711 -i /tmp/homed.id_rsa \
+    ssh -t -t -4 -p 4711 -i /tmp/homed.id_ecdsa \
         -o "SetEnv PASSWORD=hunter4711" -o "StrictHostKeyChecking no" \
         homedsshtest@localhost env