From 1db54dd6a1abbdbde40f1fc69c335a8086b230aa Mon Sep 17 00:00:00 2001 From: Nathaniel Case Date: Wed, 15 Aug 2018 11:34:36 -0400 Subject: [PATCH] Fix ios_user auth test ssh key usage (#44170) * Set PasswordAuthentication=no for ios_user pubkey login * Set ssh key to 0600 to avoid ssh failure * Swap PasswordAuthentication for BatchMode --- test/integration/targets/ios_user/tests/cli/auth.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/test/integration/targets/ios_user/tests/cli/auth.yaml b/test/integration/targets/ios_user/tests/cli/auth.yaml index bc5930ddebb..7e7a7b000c0 100644 --- a/test/integration/targets/ios_user/tests/cli/auth.yaml +++ b/test/integration/targets/ios_user/tests/cli/auth.yaml @@ -41,6 +41,11 @@ - block: + - name: Ensure ssh key is not world readable + file: + path: "{{ role_path }}/files/test_rsa" + mode: 0600 + - name: Create user with sshkey ios_user: name: ssh_user @@ -51,7 +56,7 @@ sshkey: "{{ lookup('file', 'files/test_rsa.pub') }}" - name: test sshkey login - shell: "ssh ssh_user@{{ ansible_ssh_host }} -p {{ ansible_ssh_port|default(22) }} -o IdentityFile={{ role_path }}/files/test_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PubkeyAuthentication=yes show version" + shell: "ssh ssh_user@{{ ansible_ssh_host }} -p {{ ansible_ssh_port|default(22) }} -o IdentityFile={{ role_path }}/files/test_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o BatchMode=yes -o PubkeyAuthentication=yes show version" - name: test login without sshkey (should fail) expect: