-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
71 lines (62 loc) · 2.52 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
SSH-Test by Tim Chen <[email protected]> Date: Wed May 11 02:39:31 CST 2011
-------------------------------------------------------------------------------
Tools to test for the following the SSH authentications.
public key authentication
host-based authentication
password authentication
-------------------------------------------------------------------------------
usage: ssh-test.py [-h] -a {0,1,2} -u USER -o HOST
SSH authentication test.
optional arguments:
-h, --help show this help message and exit
-a {0,1,2} the authentication type, 0: public key, 1: password, 2: host-
based.
-u USER the user for public key and password authentication.
-o HOST the host to perform the SSH test, for host-based authenticaion,
the host name must be in FQDN. default: localhost.localdomain
-------------------------------------------------------------------------------
Manual test cases:
public key authentication:
Run ssh command to do the test
Require:
1)ssh
2)add user public key to authorized_keys
Steps to test:
1) run ssh command:
ssh -o StrictHostKeyChecking=no -o PreferredAuthentications=publickey \
USER@HOST /bin/sh -c exit
2) check the return code: echo $?
Expected result:
Test ok on return code = 0, otherwise test failed.
host-based authentication:
Run ssh command to do the test
Require:
1)ssh
2)turn on HostbasedAuthentication in server side sshd_config
3)add host public key to ssh_known_hosts
Steps to test:
1) run ssh command:
ssh -o StrictHostKeyChecking=no -o PreferredAuthentications=hostbased \
HOST /bin/sh -c exit
2) check the return code: echo $?
Expected result:
Test ok on return code = 0, otherwise test failed.
password authentication:
Use sshpass tool to do the test
Require:
1)sshpass
2)ssh
3)add user password to PASSWORDFILE.
Steps to test:
1) run sshpass command:
sshpass -f PASSWORDFILE ssh -o StrictHostKeyChecking=no \
-o PreferredAuthentications=password USER@HOST /bin/sh -c exit
2) check the return code: echo $?
Expected result:
Test ok on return code = 0, otherwise test failed.
-------------------------------------------------------------------------------
Authentication verified on the server side
Check file /var/log/auth.log
May 13 14:39:09 xxx sshd[4246]: Accepted publickey for tim from ::1 port 50973 ssh2
May 13 15:12:51 xxx sshd[4894]: Accepted password for tim from 127.0.0.1 port 36879 ssh2
May 13 15:12:54 xxx sshd[4973]: Accepted hostbased for tim from 127.0.0.1 port 42451 ssh2