tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

remove DSA from pester tests

This commit is contained in:
Tess Gauthier 2024-09-16 11:37:57 -04:00
parent 10d03163e9
commit f168dca436
2 changed files with 45 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
contrib/win32/openssh/config.h.vs
View File

@ -1767,4 +1767,3 @@
#define HAVE_EVP_PKEY_GET0_RSA 1 #define HAVE_EVP_PKEY_GET0_RSA 1
#define HAVE_EVP_MD_CTX_NEW 1 #define HAVE_EVP_MD_CTX_NEW 1
#define HAVE_EVP_MD_CTX_FREE 1 #define HAVE_EVP_MD_CTX_FREE 1
#define WITH_DSA 1

90
regress/pesterTests/KeyUtils.Tests.ps1
View File

@ -10,7 +10,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
{ {
Throw "`$OpenSSHTestInfo is null. Please run Set-OpenSSHTestEnvironment to set test environments." Throw "`$OpenSSHTestInfo is null. Please run Set-OpenSSHTestEnvironment to set test environments."
} }
$testDir = "$($OpenSSHTestInfo["TestDataPath"])\$suite" $testDir = "$($OpenSSHTestInfo["TestDataPath"])\$suite"
if( -not (Test-path $testDir -PathType Container)) if( -not (Test-path $testDir -PathType Container))
{ {
@ -21,24 +21,24 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$NoLibreSSL = $OpenSSHTestInfo["NoLibreSSL"] $NoLibreSSL = $OpenSSHTestInfo["NoLibreSSL"]
if($NoLibreSSL) if($NoLibreSSL)
{ {
$keytypes = @("ed25519") $keytypes = @("ed25519")
} }
else else
{ {
$keytypes = @("rsa","dsa","ecdsa","ed25519") $keytypes = @("rsa","ecdsa","ed25519")
} }
$ssouser = $OpenSSHTestInfo["SSOUser"] $ssouser = $OpenSSHTestInfo["SSOUser"]
$systemSid = Get-UserSID -WellKnownSidType ([System.Security.Principal.WellKnownSidType]::LocalSystemSid) $systemSid = Get-UserSID -WellKnownSidType ([System.Security.Principal.WellKnownSidType]::LocalSystemSid)
$adminsSid = Get-UserSID -WellKnownSidType ([System.Security.Principal.WellKnownSidType]::BuiltinAdministratorsSid) $adminsSid = Get-UserSID -WellKnownSidType ([System.Security.Principal.WellKnownSidType]::BuiltinAdministratorsSid)
$currentUserSid = Get-UserSID -User "$($env:USERDOMAIN)\$($env:USERNAME)" $currentUserSid = Get-UserSID -User "$($env:USERDOMAIN)\$($env:USERNAME)"
$objUserSid = Get-UserSID -User $ssouser $objUserSid = Get-UserSID -User $ssouser
$everyoneSid = Get-UserSID -WellKnownSidType ([System.Security.Principal.WellKnownSidType]::WorldSid) $everyoneSid = Get-UserSID -WellKnownSidType ([System.Security.Principal.WellKnownSidType]::WorldSid)
function ValidateRegistryACL { function ValidateRegistryACL {
param([string]$UserSid = $currentUserSid, $count) param([string]$UserSid = $currentUserSid, $count)
$agentPath = "Registry::HKEY_Users\$UserSid\Software\OpenSSH\Agent" $agentPath = "Registry::HKEY_Users\$UserSid\Software\OpenSSH\Agent"
$myACL = Get-ACL $agentPath $myACL = Get-ACL $agentPath
$OwnerSid = Get-UserSid -User $myACL.Owner $OwnerSid = Get-UserSid -User $myACL.Owner
$OwnerSid.Equals($adminsSid) | Should Be $true $OwnerSid.Equals($adminsSid) | Should Be $true
@ -48,8 +48,8 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
foreach ($a in $myACL.Access) { foreach ($a in $myACL.Access) {
$id = Get-UserSid -User $a.IdentityReference $id = Get-UserSid -User $a.IdentityReference
$identities -contains $id | Should Be $true $identities -contains $id | Should Be $true
([System.UInt32]$a.RegistryRights.value__) | Should Be $FullControlPerm ([System.UInt32]$a.RegistryRights.value__) | Should Be $FullControlPerm
$a.AccessControlType | Should Be ([System.Security.AccessControl.AccessControlType]::Allow) $a.AccessControlType | Should Be ([System.Security.AccessControl.AccessControlType]::Allow)
$a.IsInherited | Should Be $false $a.IsInherited | Should Be $false
$a.InheritanceFlags | Should Be ([System.Security.AccessControl.InheritanceFlags]::None) $a.InheritanceFlags | Should Be ([System.Security.AccessControl.InheritanceFlags]::None)
@ -60,7 +60,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$entries.Count | Should Be $count $entries.Count | Should Be $count
if($count -gt 0) if($count -gt 0)
{ {
Test-Path $agentPath\keys | Should be $true Test-Path $agentPath\keys | Should be $true
$entries | % { $entries | % {
$keyentryAcl = Get-Acl $_.pspath $keyentryAcl = Get-Acl $_.pspath
$OwnerSid = Get-UserSid -User $keyentryAcl.Owner $OwnerSid = Get-UserSid -User $keyentryAcl.Owner
@ -68,19 +68,19 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$keyentryAcl.Access | Should Not Be $ $keyentryAcl.Access | Should Not Be $
foreach ($a in $keyentryAcl.Access) { foreach ($a in $keyentryAcl.Access) {
$id = Get-UserSid -User $a.IdentityReference $id = Get-UserSid -User $a.IdentityReference
$identities -contains $id | Should Be $true $identities -contains $id | Should Be $true
([System.UInt32]$a.RegistryRights.value__) | Should Be $FullControlPerm ([System.UInt32]$a.RegistryRights.value__) | Should Be $FullControlPerm
$a.AccessControlType | Should Be ([System.Security.AccessControl.AccessControlType]::Allow) $a.AccessControlType | Should Be ([System.Security.AccessControl.AccessControlType]::Allow)
$a.IsInherited | Should Be $false $a.IsInherited | Should Be $false
$a.InheritanceFlags | Should Be ([System.Security.AccessControl.InheritanceFlags]::None) $a.InheritanceFlags | Should Be ([System.Security.AccessControl.InheritanceFlags]::None)
$a.PropagationFlags | Should Be ([System.Security.AccessControl.PropagationFlags]::None) $a.PropagationFlags | Should Be ([System.Security.AccessControl.PropagationFlags]::None)
} }
} }
} }
else else
{ {
Test-Path $agentPath\keys | Should be $false Test-Path $agentPath\keys | Should be $false
} }
} }
#only validate owner and ACEs of the file #only validate owner and ACEs of the file
@ -94,7 +94,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$currentOwnerSid = Get-UserSid -User $myACL.Owner $currentOwnerSid = Get-UserSid -User $myACL.Owner
$currentOwnerSid.Equals($currentUserSid) | Should Be $true $currentOwnerSid.Equals($currentUserSid) | Should Be $true
$myACL.Access | Should Not Be $null $myACL.Access | Should Not Be $null
$ReadAccessPerm = ([System.UInt32] [System.Security.AccessControl.FileSystemRights]::Read.value__) -bor ` $ReadAccessPerm = ([System.UInt32] [System.Security.AccessControl.FileSystemRights]::Read.value__) -bor `
([System.UInt32] [System.Security.AccessControl.FileSystemRights]::ReadAndExecute.value__) -bor ` ([System.UInt32] [System.Security.AccessControl.FileSystemRights]::ReadAndExecute.value__) -bor `
([System.UInt32] [System.Security.AccessControl.FileSystemRights]::Synchronize.value__) ([System.UInt32] [System.Security.AccessControl.FileSystemRights]::Synchronize.value__)
@ -105,7 +105,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
([System.UInt32] [System.Security.AccessControl.FileSystemRights]::Synchronize.value__) ([System.UInt32] [System.Security.AccessControl.FileSystemRights]::Synchronize.value__)
$FullControlPerm = [System.UInt32] [System.Security.AccessControl.FileSystemRights]::FullControl.value__ $FullControlPerm = [System.UInt32] [System.Security.AccessControl.FileSystemRights]::FullControl.value__
if($FilePath.EndsWith(".pub")) { if($FilePath.EndsWith(".pub")) {
if ($IsHostKey) { if ($IsHostKey) {
$myACL.Access.Count | Should Be 3 $myACL.Access.Count | Should Be 3
@ -123,7 +123,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
foreach ($a in $myACL.Access) { foreach ($a in $myACL.Access) {
$id = Get-UserSid -User $a.IdentityReference $id = Get-UserSid -User $a.IdentityReference
$identities -contains $id | Should Be $true $identities -contains $id | Should Be $true
switch ($id) switch ($id)
{ {
@ -144,7 +144,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
break; break;
} }
} }
$a.AccessControlType | Should Be ([System.Security.AccessControl.AccessControlType]::Allow) $a.AccessControlType | Should Be ([System.Security.AccessControl.AccessControlType]::Allow)
$a.IsInherited | Should Be $false $a.IsInherited | Should Be $false
$a.InheritanceFlags | Should Be ([System.Security.AccessControl.InheritanceFlags]::None) $a.InheritanceFlags | Should Be ([System.Security.AccessControl.InheritanceFlags]::None)
@ -157,9 +157,9 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$stderrFile=Join-Path $testDir "$tC.$tI.stderr.txt" $stderrFile=Join-Path $testDir "$tC.$tI.stderr.txt"
$stdoutFile=Join-Path $testDir "$tC.$tI.stdout.txt" $stdoutFile=Join-Path $testDir "$tC.$tI.stdout.txt"
$logFile = Join-Path $testDir "$tC.$tI.log.txt" $logFile = Join-Path $testDir "$tC.$tI.log.txt"
} }
AfterEach {$tI++;} AfterEach {$tI++;}
Context "$tC -ssh-keygen all key types" { Context "$tC -ssh-keygen all key types" {
@ -171,14 +171,14 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
remove-item ssh_host_*_key* -ErrorAction SilentlyContinue remove-item ssh_host_*_key* -ErrorAction SilentlyContinue
ssh-keygen -A ssh-keygen -A
Pop-Location Pop-Location
Get-ChildItem (join-path $testDir ssh_host_*_key) | % { Get-ChildItem (join-path $testDir ssh_host_*_key) | % {
ValidateKeyFile -FilePath $_.FullName ValidateKeyFile -FilePath $_.FullName
} }
Get-ChildItem (join-path $testDir ssh_host_*_key.pub) | % { Get-ChildItem (join-path $testDir ssh_host_*_key.pub) | % {
ValidateKeyFile -FilePath $_.FullName ValidateKeyFile -FilePath $_.FullName
} }
} }
It "$tC.$tI - Keygen -t -f" { It "$tC.$tI - Keygen -t -f" {
@ -193,7 +193,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
else else
{ {
ssh-keygen -t $type -P $keypassphrase -f $keyPath ssh-keygen -t $type -P $keypassphrase -f $keyPath
} }
ValidateKeyFile -FilePath $keyPath ValidateKeyFile -FilePath $keyPath
ValidateKeyFile -FilePath "$keyPath.pub" -IsHostKey $false ValidateKeyFile -FilePath "$keyPath.pub" -IsHostKey $false
} }
@ -216,7 +216,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
AfterAll{$tC++} AfterAll{$tC++}
# Executing ssh-agent will start agent service # Executing ssh-agent will start agent service
# This is to support typical Unix scenarios where # This is to support typical Unix scenarios where
# running ssh-agent will setup the agent for current session # running ssh-agent will setup the agent for current session
It "$tC.$tI - ssh-agent starts agent service" { It "$tC.$tI - ssh-agent starts agent service" {
if ((Get-Service ssh-agent).Status -eq "Running") { if ((Get-Service ssh-agent).Status -eq "Running") {
@ -237,7 +237,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$nullFile = join-path $testDir ("$tC.$tI.nullfile") $nullFile = join-path $testDir ("$tC.$tI.nullfile")
$null > $nullFile $null > $nullFile
foreach($type in $keytypes) foreach($type in $keytypes)
{ {
$keyPath = Join-Path $testDir "id_$type" $keyPath = Join-Path $testDir "id_$type"
@ -259,7 +259,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
Set-content -Path $keyPathDifferentEnding -value "$newcontent" Set-content -Path $keyPathDifferentEnding -value "$newcontent"
Repair-UserKeyPermission $keyPathDifferentEnding -confirm:$false Repair-UserKeyPermission $keyPathDifferentEnding -confirm:$false
iex "cmd /c `"ssh-add $keyPathDifferentEnding < $nullFile 2> nul `"" iex "cmd /c `"ssh-add $keyPathDifferentEnding < $nullFile 2> nul `""
} }
} }
#remove SSH_ASKPASS #remove SSH_ASKPASS
@ -269,7 +269,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$allkeys = ssh-add -L $allkeys = ssh-add -L
$allkeys | Set-Content (Join-Path $testDir "$tC.$tI.allkeyonAdd.txt") $allkeys | Set-Content (Join-Path $testDir "$tC.$tI.allkeyonAdd.txt")
ValidateRegistryACL -count $allkeys.Count ValidateRegistryACL -count $allkeys.Count
foreach($type in $keytypes) foreach($type in $keytypes)
{ {
$keyPath = Join-Path $testDir "id_$type" $keyPath = Join-Path $testDir "id_$type"
@ -297,7 +297,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$allkeys = @(ssh-add -L) $allkeys = @(ssh-add -L)
ValidateRegistryACL -count $allkeys.count ValidateRegistryACL -count $allkeys.count
} }
} }
Context "$tC ssh-keygen known_hosts operations" { Context "$tC ssh-keygen known_hosts operations" {
@ -329,7 +329,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$keyFileName = "sshadd_userPermTestkey_ed25519" $keyFileName = "sshadd_userPermTestkey_ed25519"
$keyFilePath = Join-Path $testDir $keyFileName $keyFilePath = Join-Path $testDir $keyFileName
Remove-Item -path "$keyFilePath*" -Force -ErrorAction SilentlyContinue Remove-Item -path "$keyFilePath*" -Force -ErrorAction SilentlyContinue
ssh-keygen.exe -t ed25519 -f $keyFilePath -P $keypassphrase ssh-keygen.exe -t ed25519 -f $keyFilePath -P $keypassphrase
#set up SSH_ASKPASS #set up SSH_ASKPASS
Add-PasswordSetting -Pass $keypassphrase Add-PasswordSetting -Pass $keypassphrase
$tI=1 $tI=1
@ -341,7 +341,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
AfterEach { AfterEach {
if(Test-Path $keyFilePath) { if(Test-Path $keyFilePath) {
Repair-FilePermission -FilePath $keyFilePath -Owner $currentUserSid -FullAccessNeeded $currentUserSid,$systemSid,$adminsSid -confirm:$false Repair-FilePermission -FilePath $keyFilePath -Owner $currentUserSid -FullAccessNeeded $currentUserSid,$systemSid,$adminsSid -confirm:$false
} }
} }
AfterAll { AfterAll {
@ -351,22 +351,22 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
} }
It "$tC.$tI- ssh-add - positive (Secured private key owned by current user)" { It "$tC.$tI- ssh-add - positive (Secured private key owned by current user)" {
#setup to have current user as owner and grant it full control #setup to have current user as owner and grant it full control
Repair-FilePermission -FilePath $keyFilePath -Owner $currentUserSid -FullAccessNeeded $currentUserSid,$systemSid,$adminsSid -confirm:$false Repair-FilePermission -FilePath $keyFilePath -Owner $currentUserSid -FullAccessNeeded $currentUserSid,$systemSid,$adminsSid -confirm:$false
# for ssh-add to consume SSh_ASKPASS, stdin should not be TTY # for ssh-add to consume SSh_ASKPASS, stdin should not be TTY
cmd /c "ssh-add $keyFilePath < $nullFile 2> nul" cmd /c "ssh-add $keyFilePath < $nullFile 2> nul"
$LASTEXITCODE | Should Be 0 $LASTEXITCODE | Should Be 0
$allkeys = ssh-add -L $allkeys = ssh-add -L
$pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1] $pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1]
@($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 1 @($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 1
#clean up #clean up
cmd /c "ssh-add -d $keyFilePath 2> nul " cmd /c "ssh-add -d $keyFilePath 2> nul "
} }
It "$tC.$tI - ssh-add - positive (Secured private key owned by Administrators group and the current user has no explicit ACE)" { It "$tC.$tI - ssh-add - positive (Secured private key owned by Administrators group and the current user has no explicit ACE)" {
#setup to have local admin group as owner and grant it full control #setup to have local admin group as owner and grant it full control
Repair-FilePermission -FilePath $keyFilePath -Owner $adminsSid -FullAccessNeeded $adminsSid,$systemSid -confirm:$false Repair-FilePermission -FilePath $keyFilePath -Owner $adminsSid -FullAccessNeeded $adminsSid,$systemSid -confirm:$false
# for ssh-add to consume SSh_ASKPASS, stdin should not be TTY # for ssh-add to consume SSh_ASKPASS, stdin should not be TTY
@ -375,7 +375,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$allkeys = ssh-add -L $allkeys = ssh-add -L
$pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1] $pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1]
@($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 1 @($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 1
#clean up #clean up
cmd /c "ssh-add -d $keyFilePath 2> nul " cmd /c "ssh-add -d $keyFilePath 2> nul "
} }
@ -390,13 +390,13 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$allkeys = ssh-add -L $allkeys = ssh-add -L
$pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1] $pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1]
@($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 1 @($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 1
#clean up #clean up
cmd /c "ssh-add -d $keyFilePath 2> nul " cmd /c "ssh-add -d $keyFilePath 2> nul "
} }
It "$tC.$tI - ssh-add - positive (Secured private key owned by local system group)" { It "$tC.$tI - ssh-add - positive (Secured private key owned by local system group)" {
#setup to have local admin group as owner and grant it full control #setup to have local admin group as owner and grant it full control
Repair-FilePermission -FilePath $keyFilePath -Owners $systemSid -FullAccessNeeded $systemSid,$adminsSid -confirm:$false Repair-FilePermission -FilePath $keyFilePath -Owners $systemSid -FullAccessNeeded $systemSid,$adminsSid -confirm:$false
# for ssh-add to consume SSh_ASKPASS, stdin should not be TTY # for ssh-add to consume SSh_ASKPASS, stdin should not be TTY
@ -405,11 +405,11 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$allkeys = ssh-add -L $allkeys = ssh-add -L
$pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1] $pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1]
@($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 1 @($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 1
#clean up #clean up
cmd /c "ssh-add -d $keyFilePath 2> nul " cmd /c "ssh-add -d $keyFilePath 2> nul "
} }
It "$tC.$tI- ssh-add - negative (other account can access private key file)" { It "$tC.$tI- ssh-add - negative (other account can access private key file)" {
#setup to have current user as owner and grant it full control #setup to have current user as owner and grant it full control
Repair-FilePermission -FilePath $keyFilePath -Owners $currentUserSid -FullAccessNeeded $currentUserSid,$adminsSid, $systemSid -ReadAccessNeeded $objUserSid -confirm:$false Repair-FilePermission -FilePath $keyFilePath -Owners $currentUserSid -FullAccessNeeded $currentUserSid,$adminsSid, $systemSid -ReadAccessNeeded $objUserSid -confirm:$false
@ -418,7 +418,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$LASTEXITCODE | Should Not Be 0 $LASTEXITCODE | Should Not Be 0
$allkeys = ssh-add -L $allkeys = ssh-add -L
$pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1] $pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1]
@($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 0 @($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 0
} }
@ -430,13 +430,13 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
$LASTEXITCODE | Should Not Be 0 $LASTEXITCODE | Should Not Be 0
$allkeys = ssh-add -L $allkeys = ssh-add -L
$pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1] $pubkeyraw = ((Get-Content "$keyFilePath.pub").Split(' '))[1]
@($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 0 @($allkeys | where { $_.contains($pubkeyraw) }).count | Should Be 0
} }
} }
Context "$tC - ssh-keyscan test cases" { Context "$tC - ssh-keyscan test cases" {
BeforeAll { BeforeAll {
$tI=1 $tI=1
$port = $OpenSSHTestInfo["Port"] $port = $OpenSSHTestInfo["Port"]
Remove-item (join-path $testDir "$tC.$tI.out.txt") -force -ErrorAction SilentlyContinue Remove-item (join-path $testDir "$tC.$tI.out.txt") -force -ErrorAction SilentlyContinue
@ -464,7 +464,7 @@ Describe "E2E scenarios for ssh key management" -Tags "CI" {
It "$tC.$tI - ssh-keyscan with -f -t" -Skip:$NoLibreSSL { It "$tC.$tI - ssh-keyscan with -f -t" -Skip:$NoLibreSSL {
Set-Content -Path tmp.txt -Value "127.0.0.1" Set-Content -Path tmp.txt -Value "127.0.0.1"
cmd /c "ssh-keyscan -p $port -f tmp.txt -t rsa,dsa 2>&1 > $outputFile" cmd /c "ssh-keyscan -p $port -f tmp.txt -t rsa 2>&1 > $outputFile"
$outputFile | Should Contain '.*ssh-rsa.*' $outputFile | Should Contain '.*ssh-rsa.*'
} }
} }