action #43703
closed[functional][u] openssh: test needs to use key-based login for root
0%
Description
Motivation¶
This is a change needed in order to be able to update to openssh 7.9, based on sr
https://build.opensuse.org/request/show/645637
The submit request changes the default configuration of openssh for user root to only permit keybased auth, no longer password auth (as per upstream default).
This breaks the assumptions done in our openQA tests, where at least two tests rely on root/password combo for ssh.
Suggestions¶
- A member from QSF-u should be test module maintainer and update the test module
The identified tests, so far, are:
- sshxterm
- rsync
- sshfs
both should switch the logic to be root/keybased auth. As an addition for completion, a test user/password might be added in plus
Updated by okurz about 6 years ago
- Category set to Bugs in existing tests
- Assignee set to coolo
@coolo, as you are the test module maintainer, do you want to adapt the test module or rely on QSF-u?
Updated by okurz about 6 years ago
- Subject changed from openssh: test needs to use key-based login for root to [functional][u] openssh: test needs to use key-based login for root
- Description updated (diff)
- Status changed from New to Workable
- Assignee deleted (
coolo) - Target version set to Milestone 22
I guess that means "no".
Updated by okurz about 6 years ago
- Copied to coordination #44147: [functional][u][epic] openssh: extend tests added
Updated by dheidler about 6 years ago
The rsync test already has its unique way of dealing with this issue:
assert_script_run("sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config");
Updated by dheidler about 6 years ago
- Status changed from Workable to In Progress
Updated by okurz about 6 years ago
dheidler wrote:
The rsync test already has its unique way of dealing with this issue:
I guess we can do better than this :)
Updated by dheidler about 6 years ago
Updated by dheidler about 6 years ago
- Status changed from In Progress to Feedback
Updated by dheidler about 6 years ago
PR got merged.
@dimstar:
Now we need the OBS SR accepted as the test will fail without the fix in the SR due to https://bugzilla.opensuse.org/show_bug.cgi?id=1114008
Updated by SLindoMansilla about 6 years ago
- Related to action #44399: [easy][beginner] Fix assert_script_sudo and script_sudo being called as root added
Updated by okurz about 6 years ago
thank you for even commenting in the SR directly :)
Updated by dheidler about 6 years ago
- Status changed from Feedback to Resolved
Updated by okurz almost 6 years ago
- Related to action #45053: Test installation over ssh as root on Tumbleweed with latest update forbidding root-password login added