From 7c7b8855f9522a0d762cd006919c1c545dad847a Mon Sep 17 00:00:00 2001 From: Rob Hague Date: Sat, 23 Sep 2023 15:07:13 +0200 Subject: [PATCH] Enable DSA tests --- README.md | 2 ++ .../HostKeyAlgorithmTests.cs | 7 ++----- .../HostKeyFile.cs | 2 +- .../PrivateKeyAuthenticationTests.cs | 5 +---- .../server/ssh/ssh_host_dsa_key | 20 +++++++++++++++++++ .../user/sshnet/authorized_keys | 1 + .../HostKeyAlgorithm.cs | 2 +- 7 files changed, 28 insertions(+), 11 deletions(-) create mode 100644 src/Renci.SshNet.IntegrationTests/server/ssh/ssh_host_dsa_key diff --git a/README.md b/README.md index 86d0e309b..9ab4978f2 100644 --- a/README.md +++ b/README.md @@ -97,6 +97,8 @@ Private keys can be encrypted using one of the following cipher methods: * ecdsa-sha2-nistp256 * ecdsa-sha2-nistp384 * ecdsa-sha2-nistp521 +* rsa-sha2-512 +* rsa-sha2-256 * ssh-rsa * ssh-dss diff --git a/src/Renci.SshNet.IntegrationTests/HostKeyAlgorithmTests.cs b/src/Renci.SshNet.IntegrationTests/HostKeyAlgorithmTests.cs index 7f177a6f4..d827fb47c 100644 --- a/src/Renci.SshNet.IntegrationTests/HostKeyAlgorithmTests.cs +++ b/src/Renci.SshNet.IntegrationTests/HostKeyAlgorithmTests.cs @@ -24,12 +24,9 @@ public void TearDown() } [TestMethod] - [Ignore] // No longer supported in recent versions of OpenSSH - // TODO: We should be able to enable some legacy settings to make it work - // https://www.openssh.com/legacy.html e.g. PubkeyAcceptedKeyTypes / HostbasedAcceptedKeyTypes ? - public void SshDsa() + public void SshDss() { - DoTest(HostKeyAlgorithm.SshDsa, HostKeyFile.Dsa, 1024); + DoTest(HostKeyAlgorithm.SshDss, HostKeyFile.Dsa, 2048); } [TestMethod] diff --git a/src/Renci.SshNet.IntegrationTests/HostKeyFile.cs b/src/Renci.SshNet.IntegrationTests/HostKeyFile.cs index 01cf957f5..66d09fd29 100644 --- a/src/Renci.SshNet.IntegrationTests/HostKeyFile.cs +++ b/src/Renci.SshNet.IntegrationTests/HostKeyFile.cs @@ -3,7 +3,7 @@ public sealed class HostKeyFile { public static readonly HostKeyFile Rsa = new HostKeyFile("ssh-rsa", "/etc/ssh/ssh_host_rsa_key", new byte[] { 0x3d, 0x90, 0xd8, 0x0d, 0xd5, 0xe0, 0xb6, 0x13, 0x42, 0x7c, 0x78, 0x1e, 0x19, 0xa3, 0x99, 0x2b }); - public static readonly HostKeyFile Dsa = new HostKeyFile("ssh-dsa", "/etc/ssh/ssh_host_dsa_key", new byte[] { 0x3d, 0x90, 0xd8, 0x0d, 0xd5, 0xe0, 0xb6, 0x13, 0x42, 0x7c, 0x78, 0x1e, 0x19, 0xa3, 0x99, 0x2b }); + public static readonly HostKeyFile Dsa = new HostKeyFile("ssh-dsa", "/etc/ssh/ssh_host_dsa_key", new byte[] { 0x50, 0xe0, 0xd5, 0x11, 0xf7, 0xed, 0x54, 0x75, 0x0d, 0x03, 0xc6, 0x52, 0x9b, 0x3b, 0x3c, 0x9f }); public static readonly HostKeyFile Ed25519 = new HostKeyFile("ssh-ed25519", "/etc/ssh/ssh_host_ed25519_key", new byte[] { 0xb3, 0xb9, 0xd0, 0x1b, 0x73, 0xc4, 0x60, 0xb4, 0xce, 0xed, 0x06, 0xf8, 0x58, 0x49, 0xa3, 0xda }); public const string Ecdsa = "/etc/ssh/ssh_host_ecdsa_key"; diff --git a/src/Renci.SshNet.IntegrationTests/PrivateKeyAuthenticationTests.cs b/src/Renci.SshNet.IntegrationTests/PrivateKeyAuthenticationTests.cs index 308f2ab3f..950079370 100644 --- a/src/Renci.SshNet.IntegrationTests/PrivateKeyAuthenticationTests.cs +++ b/src/Renci.SshNet.IntegrationTests/PrivateKeyAuthenticationTests.cs @@ -23,10 +23,7 @@ public void TearDown() } [TestMethod] - [Ignore] // No longer supported in recent versions of OpenSSH - // TODO: We should be able to enable some legacy settings to make it work - // https://www.openssh.com/legacy.html e.g. PubkeyAcceptedKeyTypes / HostbasedAcceptedKeyTypes ? - public void SshDsa() + public void SshDss() { DoTest(PublicKeyAlgorithm.SshDss, "id_dsa"); } diff --git a/src/Renci.SshNet.IntegrationTests/server/ssh/ssh_host_dsa_key b/src/Renci.SshNet.IntegrationTests/server/ssh/ssh_host_dsa_key new file mode 100644 index 000000000..eedaafb05 --- /dev/null +++ b/src/Renci.SshNet.IntegrationTests/server/ssh/ssh_host_dsa_key @@ -0,0 +1,20 @@ +-----BEGIN DSA PRIVATE KEY----- +MIIDPgIBAAKCAQEAuXza5HoqeOTKgTBY0iTglJGVLmmGvp9mWbrx20Xj8V1ouy8u +0ceju7/4AR6m9BzYWm2sAMAwvQcDeUi6pD4C4oIRzQSOg/nuUJO6RkneLQjMYEzD +61FokmxcUzHXQiKtqRRGL97naxj5fFIOppQXfllRASuvHeiG+I6EiFJL4zL7Uwen +CshEkpZsLZ2Xj8nfaD8yPmviDT/QWRUsZgw8lte7MonYVdKd0yeRQwS3vgJwusZv +fFHP4X7aXSwDJTlTGagxFV7jCktwtSc6QFoLWv5LZ2OAJxmgBM1HJQKOnP8dvn56 +EZub3DQrx3IpAgtsxa/8bxt/xFbbfp4sDHwLLQIVAKTEaiNtqneHljGoEGhUWJrs ++kdpAoIBAQCdBG7aHBIV83/icpkELAZ87I/0XDA9pVG+Sgs/OFgUd24tXi9S+dwp +LsVMVaBnN9TaEwZYR6z7Zg12r2j2q8BDTrRwwYHYJvwjHtsZVqaHi35fgBT2RO4T +SqRKYjrjb4mtPodUEo7CzK5+rLpvLM1SiiHfeqmUJqbkDwxQ9xXkCjRP50huJ+tA +ccgQIUyOYioz9omszJGANZlF5ZabzbAiTcXews2p97OeFWNTGTbXebV3FPSV+KBO +c0A5jxzQhEo3Kk58GXuog8t3OksNISdZPIJxHn+th644ZOj0L1v6PrUbXshPL1hp +VNlbn9fO4/HbQzL4NThmgzaZkT2FqxPxAoIBADuwcLTKtLX2cy9cqFiraeEaBXT3 +lQiPTFSLQKVm/k+iumXuOy5Fh3Akzu35MpNLK2gsdoWN9ZRQ8eWODdcnFXSJrnqX +cMWV6ONQ+nZ9YHrRp47KHKWKe+2c0T++S8QZAimb3KCjSOyEwn+i4aAGIvoaYIoH ++tRKmeL+7z1Ff/zJEB1FYVDmcqxhUKd74En6O17EmUHPfiQvwwTYvP5NvlLB23Hz +9ZO4nwrUSUIyVsWYT01s0JThkjI06N0dqKS1we94Ht1mT7iNJ5x5DhVR6qSNOgQH +FMKxKdXHdSFopwwHUrzm3BpKzKW3NuQHazcdZEl1vHb6LpfTv6O6bZIANyACFGBZ +9othW6gmt8t4cI6IyoaLCtLp +-----END DSA PRIVATE KEY----- diff --git a/src/Renci.SshNet.IntegrationTests/user/sshnet/authorized_keys b/src/Renci.SshNet.IntegrationTests/user/sshnet/authorized_keys index 8f0372d84..d91b4786c 100644 --- a/src/Renci.SshNet.IntegrationTests/user/sshnet/authorized_keys +++ b/src/Renci.SshNet.IntegrationTests/user/sshnet/authorized_keys @@ -3,3 +3,4 @@ ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPzzrPpI ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBLSsu/HNKiaALhQ26UDv+N0AFdMb26fMVrOKe866CGu6ajSf9HUOhJFdjhseihB2rTalMPr8MrcXNLufii4mL8u4l9fUQXFgwnM/ZpiVPSs6C+8i4u/ZDg7Nx2NXybNIgQ== ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACB4WgRgGBRo6Uk+cRgg8tJPCbEtGURRWlUA7PDDerXR+P9O6mm3L99Etxsyh5XNYqXyaMNtH5c51ooMajrFwcayAHIhPPb8X3CsTwEfIUQ96aDyHQMotbRfnkn6uefeUTRrSNcqeAndUtVyAqBdqbsq2mgJYXHrz2NUKlPFYgauQi+WQ== ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAkNGPVOTuzuKTgGfHcve2MRj57yXhmZgkUyi9RpmJrl +ssh-dss AAAAB3NzaC1kc3MAAACBALVl3fae2O4qwsAK95SUShX0KMUNP+yl/uT3lGH9T/ZptnHSlrTxnTWXCl0g91KEeCaEnDDhLxm4aCv1Ag4B/yvcM4u34qkmaNLy2LiAxiqdobZcNG61Pqwqd5IDkp38LBsn8tmb12xu9NalpUfOiSEB1cyCr4zFZMrm0wtdyJQVAAAAFQCu+iNkqf/YOAYjYrHSCHFmWAfEYQAAAIAOVJ434UAR3Hn6lA5nWNfFOuUVH3W7nJaP0FQJiIPx7GUbdxO9qtDNTbWkWL3c9qx5+B7Ole4xM7cvyXPrNQUYDHCFlS+Ue2x3IeJrkdfZkH9ePP25y5A0J4/c+8XXvQaj4zA5nfw13oy5Ptyd7d3Kq5tEDM8KiVdIhwkXjUA3PQAAAIEAm8IGZQatS7M6AfNITNWG4TI7Z2aRQjLb9/MWJIID7c/VQ4zdTZdG3kpk0Gj9n4xreopK5NmYAdj8rtFfPBgmXltsLqt+bBcXkpxW//7WC29WOXW3t90ySTh+cWuWfr9fV7mf4Ql/6u/ZIgpQNvnNYezazt3fK8EXjI1dAXEuQxE= diff --git a/src/Renci.SshNet.TestTools.OpenSSH/HostKeyAlgorithm.cs b/src/Renci.SshNet.TestTools.OpenSSH/HostKeyAlgorithm.cs index 0c79f7792..65807f462 100644 --- a/src/Renci.SshNet.TestTools.OpenSSH/HostKeyAlgorithm.cs +++ b/src/Renci.SshNet.TestTools.OpenSSH/HostKeyAlgorithm.cs @@ -16,7 +16,7 @@ public class HostKeyAlgorithm public static readonly HostKeyAlgorithm RsaSha2512 = new HostKeyAlgorithm("rsa-sha2-512"); public static readonly HostKeyAlgorithm RsaSha2256 = new HostKeyAlgorithm("rsa-sha2-256"); public static readonly HostKeyAlgorithm SshRsa = new HostKeyAlgorithm("ssh-rsa"); - public static readonly HostKeyAlgorithm SshDsa = new HostKeyAlgorithm("ssh-dsa"); + public static readonly HostKeyAlgorithm SshDss = new HostKeyAlgorithm("ssh-dss"); public HostKeyAlgorithm(string name) {