summaryrefslogtreecommitdiff
path: root/regress/principals-command.sh
diff options
context:
space:
mode:
Diffstat (limited to 'regress/principals-command.sh')
-rw-r--r--regress/principals-command.sh11
1 files changed, 8 insertions, 3 deletions
diff --git a/regress/principals-command.sh b/regress/principals-command.sh
index 197c00021..7d380325b 100644
--- a/regress/principals-command.sh
+++ b/regress/principals-command.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: principals-command.sh,v 1.6 2018/11/22 08:48:32 dtucker Exp $ 1# $OpenBSD: principals-command.sh,v 1.7 2019/09/06 04:24:06 dtucker Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="authorized principals command" 4tid="authorized principals command"
@@ -12,12 +12,17 @@ if [ -z "$SUDO" -a ! -w /var/run ]; then
12 exit 0 12 exit 0
13fi 13fi
14 14
15case "`${SSH} -Q key-plain`" in
16 *ssh-rsa*) userkeytype=rsa ;;
17 *) userkeytype=ed25519 ;;
18esac
19
15SERIAL=$$ 20SERIAL=$$
16 21
17# Create a CA key and a user certificate. 22# Create a CA key and a user certificate.
18${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key || \ 23${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key || \
19 fatal "ssh-keygen of user_ca_key failed" 24 fatal "ssh-keygen of user_ca_key failed"
20${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/cert_user_key || \ 25${SSHKEYGEN} -q -N '' -t ${userkeytype} -f $OBJ/cert_user_key || \
21 fatal "ssh-keygen of cert_user_key failed" 26 fatal "ssh-keygen of cert_user_key failed"
22${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "Joanne User" \ 27${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "Joanne User" \
23 -z $$ -n ${USER},mekmitasdigoat $OBJ/cert_user_key || \ 28 -z $$ -n ${USER},mekmitasdigoat $OBJ/cert_user_key || \
@@ -35,7 +40,7 @@ trap "$SUDO rm -f ${PRINCIPALS_COMMAND}" 0
35cat << _EOF | $SUDO sh -c "cat > '$PRINCIPALS_COMMAND'" 40cat << _EOF | $SUDO sh -c "cat > '$PRINCIPALS_COMMAND'"
36#!/bin/sh 41#!/bin/sh
37test "x\$1" != "x${LOGNAME}" && exit 1 42test "x\$1" != "x${LOGNAME}" && exit 1
38test "x\$2" != "xssh-rsa-cert-v01@openssh.com" && exit 1 43test "x\$2" != "xssh-${userkeytype}-cert-v01@openssh.com" && exit 1
39test "x\$3" != "xssh-ed25519" && exit 1 44test "x\$3" != "xssh-ed25519" && exit 1
40test "x\$4" != "xJoanne User" && exit 1 45test "x\$4" != "xJoanne User" && exit 1
41test "x\$5" != "x${SERIAL}" && exit 1 46test "x\$5" != "x${SERIAL}" && exit 1