Project

General

Profile

Actions
Copy link

action #156283

closed

[security][SP6] test fails in strongswan_server during scp password input

Added by emiler 2 months ago. Updated 2 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
emiler
Category:
Bugs in existing tests
Target version:
-
Start date:
2024-02-29
Due date:
% Done:

0%

Estimated time:
Difficulty:

Description

openQA test in scenario sle-15-SP6-Online-x86_64-fips_strongswan_server@64bit fails in
strongswan_server

There is a problem with inserting the password when executing scp:

    # Copy the keys and certificates to the second host
    exec_and_insert_password("scp -o StrictHostKeyChecking=no ca.cert.pem root\@$remote_ip:$ipsec_dir/cacerts/");
    exec_and_insert_password("scp -o StrictHostKeyChecking=no host1.cert.pem root\@$remote_ip:$ipsec_dir/certs/");
    exec_and_insert_password("scp -o StrictHostKeyChecking=no host2.cert.pem root\@$remote_ip:$ipsec_dir/certs/");
    exec_and_insert_password("scp -o StrictHostKeyChecking=no host2.pem root\@$remote_ip:$ipsec_dir/private/");
Actions
Copy link
 #1

Updated by emiler 2 months ago

  • Description updated (diff)
  • Status changed from New to In Progress

It seems the client machine is refusing root login with password via ssh. Something must have changed in the sshd configuration.

Actions
Copy link
 #2

Updated by emiler 2 months ago

New sshd version has PermitRootLogin disabled by default. The is an ongoing discussion about fixing this in general. Install tests will have to be modified to revert back to the default behavior.

Actions
Copy link
 #3

Updated by emiler 2 months ago

  • Status changed from In Progress to Resolved

It was actually fixed already, see https://openqa.suse.de/tests/13640743#next_previous.
We might still need to apply this to our custom install tests though.

Actions
Copy link

Also available in: Atom PDF