diff --git a/tests/build_docker_image.py b/tests/build_docker_image.py
new file mode 100755
index 00000000..02c9295e
--- /dev/null
+++ b/tests/build_docker_image.py
@@ -0,0 +1,60 @@
+#!/usr/bin/env python
+
+import commands
+import os
+import shlex
+import subprocess
+import tempfile
+
+
+DOCKERFILE = r"""
+FROM debian:stable
+RUN apt-get update
+RUN \
+    apt-get install -y python2.7 openssh-server sudo && \
+    apt-get clean
+RUN \
+    mkdir /var/run/sshd && \
+    echo '%sudo-nopw ALL=(ALL:ALL) NOPASSWD:ALL' > /etc/sudoers.d/001-sudo-nopw && \
+    echo i-am-mitogen-test-docker-image > /etc/sentinel && \
+    groupadd sudo-nopw && \
+    useradd -m has-sudo -G sudo && \
+    useradd -m has-sudo-pubkey -G sudo && \
+    useradd -m has-sudo-nopw -G sudo-nopw && \
+    useradd -m webapp && \
+    ( echo 'root:x' | chpasswd; ) && \
+    ( echo 'has-sudo:y' | chpasswd; ) && \
+    ( echo 'has-sudo-nopw:y' | chpasswd; ) && \
+    mkdir ~has-sudo-pubkey/.ssh
+
+COPY data/docker/has-sudo-pubkey.key /home/has-sudo-pubkey/.ssh/authorized_keys
+RUN \
+    chown -R has-sudo-pubkey ~has-sudo-pubkey && \
+    chmod -R go= ~has-sudo-pubkey
+
+RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
+
+ENV NOTVISIBLE "in users profile"
+RUN echo "export VISIBLE=now" >> /etc/profile
+
+EXPOSE 22
+CMD ["/usr/sbin/sshd", "-D"]
+"""
+
+
+def sh(s, *args):
+    if args:
+        s %= tuple(map(commands.mkarg, args))
+    return shlex.split(s)
+
+
+mydir = os.path.dirname(__file__)
+with tempfile.NamedTemporaryFile(dir=mydir) as dockerfile_fp:
+    dockerfile_fp.write(DOCKERFILE)
+    dockerfile_fp.flush()
+
+    subprocess.check_call(sh('docker build %s -t d2mw/mitogen-test -f %s',
+        mydir,
+        dockerfile_fp.name
+    ))
diff --git a/tests/data/docker/has-sudo-pubkey.key b/tests/data/docker/has-sudo-pubkey.key
new file mode 100644
index 00000000..8be41787
--- /dev/null
+++ b/tests/data/docker/has-sudo-pubkey.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEApDM+7xOKYkXilwTWq4Roc3zK+oO3GqWlB5ZcU4ZrZuJ3ZTN5
+G4hBb8SPT+7Ne0+dAsnH3rCX+f9W5i8QAkTrXTBq4AawgABsBMtqpwjT4aqy6Xdm
+pqC1JAXLYZomk1ZlPnjDB5vLm8YdKhGrlzmmlal0xnCtWxjLLny2Bq9Jb+URNgBK
+4PYz2JIeqk9AqcRrUZn22LmxQCLpz+YMR4IjkKw+2M7NjRQ6j6va0br0TBl/1y6Q
+7qxZvcdei08dXw0lNWqprvPEDCbV6DMj5RwqnecfxXWdSqK0e/Swfh/3KbQdfzQ9
+YHmb+TgA/MnQnN5zRovIYsj6G2+ozl+vGoF8lwIDAQABAoIBACKT7BfajJS/VMUq
+rq411u0jBXeVzzRcV5Fud4jbULi8zhnQqhtDKUyJHwjdKAZksJLKvT1HAOoTfFBC
+7uMbclkQfiEpJ3f9HsIvuAju0fe+w6hojYRfaWXplne6R49VbUKnmaJ7i3gFU1Tt
+na3d5Re1NLMpPUhmwzrJ5mcn+JYIV6UqUz3qF6DVnsI7jafUxl5Dwn2EKuIqVnA3
+yOeFY6YaGwAiGVxOBSnkBOJyKeoOReUWEbkZMBHKx0A6AU9s3MiOn8oPJQGqglf/
+FsiWbTGkVW3+ya3v68pVGVXilSayThi21JTPJJWrUEXOYDynIPk88jQaq2AW63iY
+B4sAzXkCgYEA0aQC6aqIVEJDA29ffy5REMm74raUn4oraDRT37nxCr/LpykwKj2z
+FUJAH3vapDzC0e+0zTsk4js+/o7lI/nymdxv/T0KzQMk4uR3rxNjU93PJ4CzAaL3
+Lat+KWcTG41+FCAO38VJ+hVr3i6jaBYYlZmqPw9vggDlKhwoGZ82h4MCgYEAyILM
+Yh35k8b1nPeiM/F9qdQfIshCxyLY+znGRufvFWALxglXV++7V7imwpRjAUbQ+e5z
+bJJdUcyj64Or2gUbgUk5JDlkKzMWKvy7KeK/GBR7yF40thfKNlxmzdGyE5ZJDbY8
+lYCN5J2Ng6r8pyFND4w8TxRgb1DUXd9uZREvFl0CgYEAvXP01eoxDcRb/0y1BqB6
+zishSn8pzQv2slMnwTWuqcIub0B/sIzVvE6E2G77ZhUrEsIHqLjcWj6kbTQBzANj
+xLw70KVLj35Z5VoG9wcUaoQ3Y0Ghg8ccjf8/InduAyZZXCKkjoEim4ikVMPdFIFz
+ci7OdfKjGN9qOiX77zu88bUCgYBHnrjEXzKTf2Ch1a4hYaPiMnuAoAmCOcdJTSSu
+lQ/IEcuCzDlflqjTN4iRPhFzFkl0zKB76nfczPzMFfcfY+2kK3R2pO1LpO7JIgb0
+eiKJxl9EfanUVQEMk8rAv6Mc7fRgKnTPbeDBBSnUGxIt3G47HHs6P+wGNtf0Q+eZ
+wB6SnQKBgDdp19UStuKxKyhZ9dJwvhoMxGOJoJuHObb22if9Zg71nDrmbFBKbXCK
++lVnBMC6AzeGS+0Txu87VlilMHm2gzyvLrET2Pd/XOueSHk0B2j5FNwBAX5CyuQt
+Y31XJTI5IGCI9UyYJKadrf3XADrp9+Aq5JO6GZzdbOdJ5kK6GUKv
+-----END RSA PRIVATE KEY-----
diff --git a/tests/data/docker/has-sudo-pubkey.key.pub b/tests/data/docker/has-sudo-pubkey.key.pub
new file mode 100644
index 00000000..245ce379
--- /dev/null
+++ b/tests/data/docker/has-sudo-pubkey.key.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCkMz7vE4piReKXBNarhGhzfMr6g7capaUHllxThmtm4ndlM3kbiEFvxI9P7s17T50CycfesJf5/1bmLxACROtdMGrgBrCAAGwEy2qnCNPhqrLpd2amoLUkBcthmiaTVmU+eMMHm8ubxh0qEauXOaaVqXTGcK1bGMsufLYGr0lv5RE2AErg9jPYkh6qT0CpxGtRmfbYubFAIunP5gxHgiOQrD7Yzs2NFDqPq9rRuvRMGX/XLpDurFm9x16LTx1fDSU1aqmu88QMJtXoMyPlHCqd5x/FdZ1KorR79LB+H/cptB1/ND1geZv5OAD8ydCc3nNGi8hiyPobb6jOX68agXyX dmw@Eldil.local