1# $OpenBSD: keytype.sh,v 1.4 2015/07/10 06:23:25 markus Exp $ 2# Placed in the Public Domain. 3 4tid="login with different key types" 5 6TIME=/usr/bin/time 7cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak 8cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak 9 10ktypes="dsa-1024 rsa-2048 ecdsa-256 rsa-3072 ecdsa-384 ecdsa-521 ed25519-512" 11 12for kt in $ktypes; do 13 rm -f $OBJ/key.$kt 14 bits=${kt#*-} 15 type=${kt%-*} 16 printf "keygen $type, $bits bits:\t" 17 ${TIME} ${SSHKEYGEN} -b $bits -q -N '' -t $type -f $OBJ/key.$kt ||\ 18 fail "ssh-keygen for type $type, $bits bits failed" 19done 20 21tries="1 2 3" 22for ut in $ktypes; do 23 htypes=$ut 24 #htypes=$ktypes 25 for ht in $htypes; do 26 case $ht in 27 dsa-1024) t=ssh-dss;; 28 ecdsa-256) t=ecdsa-sha2-nistp256;; 29 ecdsa-384) t=ecdsa-sha2-nistp384;; 30 ecdsa-521) t=ecdsa-sha2-nistp521;; 31 ed25519-512) t=ssh-ed25519;; 32 rsa-*) t=ssh-rsa;; 33 esac 34 trace "ssh connect, userkey $ut, hostkey $ht" 35 ( 36 grep -v HostKey $OBJ/sshd_proxy_bak 37 echo HostKey $OBJ/key.$ht 38 echo PubkeyAcceptedKeyTypes $t 39 echo HostKeyAlgorithms $t 40 ) > $OBJ/sshd_proxy 41 ( 42 grep -v IdentityFile $OBJ/ssh_proxy_bak 43 echo IdentityFile $OBJ/key.$ut 44 echo PubkeyAcceptedKeyTypes $t 45 echo HostKeyAlgorithms $t 46 ) > $OBJ/ssh_proxy 47 ( 48 printf 'localhost-with-alias,127.0.0.1,::1 ' 49 cat $OBJ/key.$ht.pub 50 ) > $OBJ/known_hosts 51 cat $OBJ/key.$ut.pub > $OBJ/authorized_keys_$USER 52 for i in $tries; do 53 printf "userkey $ut, hostkey ${ht}:\t" 54 ${TIME} ${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true 55 if [ $? -ne 0 ]; then 56 fail "ssh userkey $ut, hostkey $ht failed" 57 fi 58 done 59 done 60done 61