|
@@ -39,7 +39,7 @@ def test_regular_ssh_server_configuration(host):
|
|
|
|
|
|
with host.sudo():
|
|
|
|
|
|
assert "DenyGroups backup" in host.file('/etc/ssh/sshd_config').content
|
|
|
assert "DenyGroups backup" in host.file('/etc/ssh/sshd_config').content_string
|
|
|
|
|
|
|
|
|
def test_backup_ssh_server_configuration_directory(host):
|
|
@@ -70,7 +70,7 @@ def test_backup_ssh_server_service_configuration(host):
|
|
|
assert config_file.user == 'root'
|
|
|
assert config_file.group == 'root'
|
|
|
assert config_file.mode == 0o644
|
|
|
assert 'SSHD_OPTS="-f /etc/ssh-backup/sshd_config"' in config_file.content
|
|
|
assert 'SSHD_OPTS="-f /etc/ssh-backup/sshd_config"' in config_file.content_string
|
|
|
|
|
|
|
|
|
def test_backup_ssh_server_configuration(host):
|
|
@@ -86,16 +86,16 @@ def test_backup_ssh_server_configuration(host):
|
|
|
assert config_file.user == 'root'
|
|
|
assert config_file.group == 'root'
|
|
|
assert config_file.mode == 0o600
|
|
|
assert "AllowGroups backup" in config_file.content
|
|
|
assert "ChrootDirectory %h" in config_file.content
|
|
|
assert "ForceCommand internal-sftp" in config_file.content
|
|
|
assert "Subsystem sftp internal-sftp" in config_file.content
|
|
|
assert "PasswordAuthentication no" in config_file.content
|
|
|
assert "PubkeyAuthentication yes" in config_file.content
|
|
|
assert "PermitRootLogin no" in config_file.content
|
|
|
assert "HostKey /etc/ssh-backup/ssh_host_rsa_key" in config_file.content
|
|
|
assert "HostKey /etc/ssh-backup/ssh_host_ecdsa_key" in config_file.content
|
|
|
assert "HostKey /etc/ssh-backup/ssh_host_ed25519_key" in config_file.content
|
|
|
assert "AllowGroups backup" in config_file.content_string
|
|
|
assert "ChrootDirectory %h" in config_file.content_string
|
|
|
assert "ForceCommand internal-sftp" in config_file.content_string
|
|
|
assert "Subsystem sftp internal-sftp" in config_file.content_string
|
|
|
assert "PasswordAuthentication no" in config_file.content_string
|
|
|
assert "PubkeyAuthentication yes" in config_file.content_string
|
|
|
assert "PermitRootLogin no" in config_file.content_string
|
|
|
assert "HostKey /etc/ssh-backup/ssh_host_rsa_key" in config_file.content_string
|
|
|
assert "HostKey /etc/ssh-backup/ssh_host_ecdsa_key" in config_file.content_string
|
|
|
assert "HostKey /etc/ssh-backup/ssh_host_ed25519_key" in config_file.content_string
|
|
|
|
|
|
|
|
|
def test_backup_ssh_server_keys(host):
|
|
@@ -110,28 +110,28 @@ def test_backup_ssh_server_keys(host):
|
|
|
assert dsa.user == 'root'
|
|
|
assert dsa.group == 'root'
|
|
|
assert dsa.mode == 0o600
|
|
|
assert dsa.content == open('tests/data/ssh/server_dsa', 'r').read()
|
|
|
assert dsa.content_string == open('tests/data/ssh/server_dsa', 'r').read()
|
|
|
|
|
|
rsa = host.file('/etc/ssh-backup/ssh_host_rsa_key')
|
|
|
assert rsa.is_file
|
|
|
assert rsa.user == 'root'
|
|
|
assert rsa.group == 'root'
|
|
|
assert rsa.mode == 0o600
|
|
|
assert rsa.content == open('tests/data/ssh/server_rsa', 'r').read()
|
|
|
assert rsa.content_string == open('tests/data/ssh/server_rsa', 'r').read()
|
|
|
|
|
|
ed25519 = host.file('/etc/ssh-backup/ssh_host_ed25519_key')
|
|
|
assert ed25519.is_file
|
|
|
assert ed25519.user == 'root'
|
|
|
assert ed25519.group == 'root'
|
|
|
assert ed25519.mode == 0o600
|
|
|
assert ed25519.content == open('tests/data/ssh/server_ed25519', 'r').read()
|
|
|
assert ed25519.content_string == open('tests/data/ssh/server_ed25519', 'r').read()
|
|
|
|
|
|
ecdsa = host.file('/etc/ssh-backup/ssh_host_ecdsa_key')
|
|
|
assert ecdsa.is_file
|
|
|
assert ecdsa.user == 'root'
|
|
|
assert ecdsa.group == 'root'
|
|
|
assert ecdsa.mode == 0o600
|
|
|
assert ecdsa.content == open('tests/data/ssh/server_ecdsa', 'r').read()
|
|
|
assert ecdsa.content_string == open('tests/data/ssh/server_ecdsa', 'r').read()
|
|
|
|
|
|
|
|
|
def test_backup_ssh_server_systemd_service(host):
|
|
@@ -146,7 +146,7 @@ def test_backup_ssh_server_systemd_service(host):
|
|
|
assert service_file.user == 'root'
|
|
|
assert service_file.group == 'root'
|
|
|
assert service_file.mode == 0o644
|
|
|
assert "EnvironmentFile=-/etc/default/ssh-backup" in service_file.content
|
|
|
assert "EnvironmentFile=-/etc/default/ssh-backup" in service_file.content_string
|
|
|
|
|
|
|
|
|
def test_backup_ssh_server_service(host):
|