
Add a check for ssh host key

using ssh-keyscan
Yann Weber 2 years ago
parent
commit
1ef264c978
2 changed files with 36 additions and 1 deletions
  1. 34
    0
      check.sh
  2. 2
    1
      example.sh

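--- a/check.sh
+++ b/check.sh
@@ -521,3 +521,37 @@ check_ssh_nc() {
 		fail "Bad replie from $host:$port : '$rep'"
 	fi
 }
+
+check_ssh_key() {
+	host="$1"
+	testkey="$2"
+	keytype="$3"
+	port="$4"
+	
+	if [ -z "$port" ]
+	then
+		port=22
+	fi
+
+	if [ -z "$keytype" ]
+	then
+		keytype="rsa"
+	fi
+
+	key=$(ssh-keyscan -p $port -t $keytype $host 2>/dev/null | cut -d " " -f3)
+
+	if [ -z "$key" ]
+	then
+		fail "SSH server not responding"
+		return
+	elif [ "$key" = "$testkey" ]
+	then
+		success "OpenSSH $host:$port key is $testkey"
+		return
+	else
+		fail "OpenSSH $host:$port missmatch : "
+		logdate ERR "Expected : $testkey" 1
+		logdate ERR "Received : $key" 1
+		return
+	fi
+}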
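Review bot: The ssh-keyscan call in check_ssh_key expands `$port`, `$keytype` and `$host` unquoted, so a value containing whitespace is split into extra arguments and a host starting with `-` is parsed as an option; I would write `key=$(ssh-keyscan -p "$port" -t "$keytype" -- "$host" 2>/dev/null | cut -d " " -f3)`. With stderr discarded, an empty result is always reported as "SSH server not responding", although it presumably also covers a server that offers no key of the requested type or a missing ssh-keyscan binary, so the message should rather say that no `$keytype` key was obtained from `$host:$port`. The assignments to host, testkey, keytype, port and key are not local and therefore overwrite any caller variables of the same name; whether `local` is available depends on the shell this file targets, which the hunk does not show.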

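--- a/example.sh
+++ b/example.sh
@@ -51,7 +51,8 @@ TC_RUN check_ping localhost
 TC_END
 
 TC_INIT "SSH" "Testing ssh server" # Needs netcat
-TC_RUN check_ssh_nc ssh.cluster001.ovh.net
+TC_RUN check_ssh_nc ssh.cluster007.ovh.net
+TC_RUN check_ssh_key ssh.cluster007.ovh.net 'AAAAB3NzaC1yc2EAAAADAQABAAABAQCxTdeGLZ7JYXj6XbxlRSK5YXxfgD3HMmaXFtsM+jMZXKAVG6wLBTaLS3CqhUbtuFNs/or6geS1tban33x2nyGn283Wbf3x1PS1cgg9fBAd9tQNsZZ7pEJ6shqv4Lnv+cHRdgNPrGnEim/eUs3H7ZOd5CuCpaoDV31XD+klwCAu/ANq+GiX4iarER59Ij6xd736r+kYAWbguZCV0lL91ag5g6+vVvufHngr6HY5rvl1Ybw1nSfzEG4+UYl5EwvWFSuxPq706DV1kUDmQ17GkD/z0GzBdPDMzgQSLEVvT3CBqAqrosGZO2Iap8EOLDBd/h6ZWWsO2EjEadJJXb23xwhr'
 TC_END
 
 TC_INIT "HTTP/HTTPS" "Testing HTTP status & HTTPS cert" # Needs curl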
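Review bot: The `# Needs netcat` comment on the TC_INIT "SSH" line no longer lists everything this test case requires, because the added check_ssh_key call depends on ssh-keyscan as shown in check.sh; I would change it to `TC_INIT "SSH" "Testing ssh server" # Needs netcat and ssh-keyscan`. The pinned value is an RSA public key (its base64 starts with the ssh-rsa type prefix), which matches the default key type used when the third argument is omitted. A short comment stating how the expected key was obtained and verified would help whoever has to tell a legitimate host key rotation from an unexpected key change when this check starts failing.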
