travis: cibuild: set up our own sshd server

Some tests of ours require to be running against an SSH server. Currently, we simply run against the SSH server provided and started by Travis itself. As our Linux tests run in a sudo-less environment, we have no control over its configuration and startup/shutdown procedure. While this has been no problem until now, it will become a problem as soon as we migrate over to newer Precise images, as the SSH server does not have any host keys set up. Luckily, we can simply set up our own unpriviledged SSH server. This has the benefit of us being able to modify its configuration even in a sudo-less environment. This commit sets up the unpriviledged SSH server on port 2222.

travis: cibuild: set up our own sshd server
Some tests of ours require to be running against an SSH server. Currently, we simply run against the SSH server provided and started by Travis itself. As our Linux tests run in a sudo-less environment, we have no control over its configuration and startup/shutdown procedure. While this has been no problem until now, it will become a problem as soon as we migrate over to newer Precise images, as the SSH server does not have any host keys set up. Luckily, we can simply set up our own unpriviledged SSH server. This has the benefit of us being able to modify its configuration even in a sudo-less environment. This commit sets up the unpriviledged SSH server on port 2222.
06619904 · Patrick Steinhardt · c2c95ad0 · 06619904
Commit 06619904 authored Apr 26, 2017 by Patrick Steinhardt
Hide whitespace changes
Inline Side-by-side

Showing with 26 additions and 8 deletions

script/cibuild.sh
+26 -8

No files found.
--- a/script/cibuild.sh
+++ b/script/cibuild.sh
@@ -43,23 +43,39 @@ ctest -V -R libgit2_clar || exit $?

 killall git-daemon

-if [ "$TRAVIS_OS_NAME" = "osx" ]; then
-    echo 'PasswordAuthentication yes' | sudo tee -a /etc/sshd_config
-fi
-
+# Set up sshd
+mkdir ~/sshd/
+cat >~/sshd/sshd_config<<-EOF
+	Port 2222
+	ListenAddress 0.0.0.0
+	Protocol 2
+	HostKey ${HOME}/sshd/id_rsa
+	RSAAuthentication yes
+	PasswordAuthentication yes
+	PubkeyAuthentication yes
+	ChallengeResponseAuthentication no
+	# Required here as sshd will simply close connection otherwise
+	UsePAM no
+EOF
+ssh-keygen -t rsa -f ~/sshd/id_rsa -N "" -q
+/usr/sbin/sshd -f ~/sshd/sshd_config
+
+# Set up keys
 ssh-keygen -t rsa -f ~/.ssh/id_rsa -N "" -q
 cat ~/.ssh/id_rsa.pub >>~/.ssh/authorized_keys
-ssh-keyscan -t rsa localhost >>~/.ssh/known_hosts
+while read algorithm key comment; do
+    echo "[localhost]:2222 $algorithm $key" >>~/.ssh/known_hosts
+done <~/sshd/id_rsa.pub

 # Get the fingerprint for localhost and remove the colons so we can parse it as
 # a hex number. The Mac version is newer so it has a different output format.
 if [ "$TRAVIS_OS_NAME" = "osx" ]; then
-    export GITTEST_REMOTE_SSH_FINGERPRINT=$(ssh-keygen -E md5 -F localhost -l | tail -n 1 | cut -d ' ' -f 3 | cut -d : -f2- | tr -d :)
+    export GITTEST_REMOTE_SSH_FINGERPRINT=$(ssh-keygen -E md5 -F '[localhost]:2222' -l | tail -n 1 | cut -d ' ' -f 3 | cut -d : -f2- | tr -d :)
 else
-    export GITTEST_REMOTE_SSH_FINGERPRINT=$(ssh-keygen -F localhost -l | tail -n 1 | cut -d ' ' -f 2 | tr -d ':')
+    export GITTEST_REMOTE_SSH_FINGERPRINT=$(ssh-keygen -F '[localhost]:2222' -l | tail -n 1 | cut -d ' ' -f 2 | tr -d ':')
 fi

-export GITTEST_REMOTE_URL="ssh://localhost/$HOME/_temp/test.git"
+export GITTEST_REMOTE_URL="ssh://localhost:2222/$HOME/_temp/test.git"
 export GITTEST_REMOTE_USER=$USER
 export GITTEST_REMOTE_SSH_KEY="$HOME/.ssh/id_rsa"
 export GITTEST_REMOTE_SSH_PUBKEY="$HOME/.ssh/id_rsa.pub"
@@ -83,6 +99,8 @@ if [ -e ./libgit2_clar ]; then

 fi

+killall sshd
+
 export GITTEST_REMOTE_URL="https://github.com/libgit2/non-existent"
 export GITTEST_REMOTE_USER="libgit2test"
 ctest -V -R libgit2_clar-cred_callback