echo "-- adding admin as certifier..."
monkeysphere-server add-identity-certifier "$TESTDIR"/home/admin/.gnupg/pubkey.gpg
+# initialize base sshd_config
+cp etc/ssh/sshd_config "$TEMPDIR"/sshd_config
# write the sshd_config
-cat <<EOF > "$TEMPDIR"/sshd_config
+cat <<EOF >> "$TEMPDIR"/sshd_config
HostKey ${MONKEYSPHERE_SYSDATADIR}/ssh_host_rsa_key
+AuthorizedKeysFile ${MONKEYSPHERE_SYSDATADIR}/authorized_keys/%u
EOF
# launch sshd with the new host key.
--- /dev/null
+# Base sshd_config for monkeysphere test
+
+# HostKey and AuthorizedKeysFile lines will be added dynamically
+# during test.
+
+# goal: minimal ssh configuration to do public key authentication.
+
+Protocol 2
+PubkeyAuthentication yes
+HostbasedAuthentication no
+PermitEmptyPasswords no
+ChallengeResponseAuthentication no
+PasswordAuthentication no
+KerberosAuthentication no
+GSSAPIAuthentication no
+X11Forwarding no
+PrintMotd no
+PrintLastLog no
+TCPKeepAlive no
+AcceptEnv LANG LC_*
+UsePAM no