tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-31 01:35:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

upstream: penalty test is still a bit racy

Browse Source 
OpenBSD-Regress-ID: 90c9ac224db454637baf1ebee5857e007321e824
This commit is contained in:
djm@openbsd.org 2024-06-16 08:18:06 +00:00 committed by Damien Miller
parent 8d0f7eb147
commit 45562a95ea
No known key found for this signature in database
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
regress/penalty.sh
View File

@ -25,14 +25,17 @@ verbose "penalty for authentication failure"
cat /dev/null > $OBJ/authorized_keys_${USER}
${SSH} -F $OBJ/ssh_config somehost true && fatal "noauth connect succeeded"
cp $OBJ/authorized_keys_${USER}.bak $OBJ/authorized_keys_${USER}
sleep 2
# Should be below penalty threshold
${SSH} -F $OBJ/ssh_config somehost true || fatal "authfail not expired"
sleep 2
# Fail authentication again; penalty should activate
cat /dev/null > $OBJ/authorized_keys_${USER}
${SSH} -F $OBJ/ssh_config somehost true && fatal "noauth connect succeeded"
cp $OBJ/authorized_keys_${USER}.bak $OBJ/authorized_keys_${USER}
sleep 2
# These should be refused by the active penalty
${SSH} -F $OBJ/ssh_config somehost true && fail "authfail not rejected"
@ -42,6 +45,7 @@ conf "noauth:100s"
${SSH} -F $OBJ/ssh_config somehost true || fatal "basic connect failed"
verbose "penalty for no authentication"
${SSHKEYSCAN} -t ssh-ed25519 -p $PORT 127.0.0.1 >/dev/null || fatal "keyscan failed"
sleep 2
# Repeat attempt should be penalised
${SSHKEYSCAN} -t ssh-ed25519 -p $PORT 127.0.0.1 >/dev/null 2>&1 && fail "keyscan not rejected"