summaryrefslogtreecommitdiff
path: root/smoketest/scripts/cli/test_service_ssh.py
AgeCommit message (Collapse)Author
2024-07-03ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms optionkhramshinr
(cherry picked from commit 06e6e011cdf12e8d10cf1f6d4d848fd5db51720d)
2024-04-06T6199: start validating smoketests against real CLI defaultValuesChristian Breunig
Use vyos.xml_ref.default_value to query XML default values and take them into account when validating properly applied defaults in individual smoketests instead of using hardcoded values like 443 for https port. (cherry picked from commit d9d2e9c8ead29c173fefd1b565d191a85baaa071)
2024-04-02ssh: T6192: allow binding to multiple VRF instancesChristian Breunig
Currently VyOS only supports binding a service to one individual VRF. It might become handy to have the services (initially it will be VRF, NTP and SNMP) be bound to multiple VRFs. Changed VRF from leafNode to multi leafNode with defaultValue: default - which is the name of the default VRF. (cherry picked from commit e5af1f0905991103b12302892e6f0070bbb7b770)
2023-07-14T5195: vyos.util -> vyos.utils package refactoring (#2093)Christian Breunig
* T5195: move run, cmd, call, rc_cmd helper to vyos.utils.process * T5195: use read_file and write_file implementation from vyos.utils.file Changed code automatically using: find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import read_file$/from vyos.utils.file import read_file/g' {} + find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import write_file$/from vyos.utils.file import write_file/g' {} + * T5195: move chmod* helpers to vyos.utils.permission * T5195: use colon_separated_to_dict from vyos.utils.dict * T5195: move is_systemd_service_* to vyos.utils.process * T5195: fix boot issues with missing imports * T5195: move dict_search_* helpers to vyos.utils.dict * T5195: move network helpers to vyos.utils.network * T5195: move commit_* helpers to vyos.utils.commit * T5195: move user I/O helpers to vyos.utils.io
2023-06-21smoketest: move SSH login functionality to base classChristian Breunig
2022-10-17T4720: Add smoketest for SSH NDcPPViacheslav Hletenko
2022-05-13smoketest: add sshguard allow-from caseChristian Poessinger
2022-05-12sshguard: T4408: Add service ssh dynamic-protectionViacheslav Hletenko
Sshguard protects hosts from brute-force attacks Can inspect logs and block "bad" addresses by threshold Auto-generate rules for nftables When service stopped all generated rules are deleted nft "type filter hook input priority filter - 10" set service ssh dynamic-protection set service ssh dynamic-protection block-time 120 set service ssh dynamic-protection detect-time 1800 set service ssh dynamic-protection threshold 30 set service ssh dynamic-protection whitelist-address 192.0.2.1
2022-04-25smoketest: bugfix on proper inheritance levels for classmethodChristian Poessinger
2022-04-04smoketest: ssh: verify SSH service is stopped on removalChristian Poessinger
2022-04-04smoketest: ssh: verify login of valid and invalid test userChristian Poessinger
In order to test for proper system authentication and security setup a new testcase is added which performs an SSH login and command execution with a predefined user. The result (output of uname -a) must match the output if the command is run natively. We also try to login as an invalid user - this is not allowed to work.
2021-11-21smoketest: remove superfluous ConfigSession importChristian Poessinger
2021-08-18smoketest: ssh: migrate setUp -> setUpClass to run code only onceChristian Poessinger
... minor change to speed-up test time
2021-03-17smoketest: add shim for every test to re-use common tastsChristian Poessinger
Currently every smoketest does the setup and destruction of the configsession on its own durin setUp(). This creates a lot of overhead and one configsession should be re-used during execution of every smoketest script. In addiion a test that failed will leaf the system in an unconsistent state. For this reason before the test is executed we will save the running config to /tmp and the will re-load the config after the test has passed, always ensuring a clean environment for the next test.
2021-01-17ssh: T671: generate rsa, dsa and ed25519 keys on demandChristian Poessinger
2021-01-16vrf: T31: add support for - and _ in VRF namesChristian Poessinger
2021-01-07ssh: T2635: harden Jinja2 template and daemon startupChristian Poessinger
2021-01-07ssh: T2635: change sshd_config path to /run/sshdChristian Poessinger
2020-12-29smoketest: adjust test method namesChristian Poessinger
This is for better readability during testruns
2020-12-29smoketest: run all tests with verbosity=2Christian Poessinger
2020-10-30smoketest: ssh: add bond to vrf testcaseChristian Poessinger
Bind sshd to given VRF and check if it really runs in the VRF context.
2020-09-24smoketest: (re-)use process_named_running() from vyos.utilChristian Poessinger
2020-09-19smoketest: T2886: validate RADIUS configurationChristian Poessinger
2020-09-01T2636: ssh: add smoketest for XML defaultValue nodeChristian Poessinger
2020-08-27Merge branch 'master' of github.com:vyos/vyos-smoketest into ↵Christian Poessinger
vyos-smoketest-integration (T2832) * 'master' of github.com:vyos/vyos-smoketest: (153 commits) pppoe-server: test some more values lcd: adjust to cli changes lcd: adapt test to new CLI design pppoe-server: initial smoketest with local and radius auth pppoe: validate dhcpv6 client will be started wireless: validate hostapd/wpa_supplicant is running pppoe: sync to new dhcpv6-pd cli anyconnect: T2812: add basic testing ethernet: check interface disable state router-advert: check 'infinity' option in script logic ssh: config file is now volatile (moved to /run) ipv6: link-local: test address assignment on interfaces router-advert: add initial test mdns-repeater: add basic test pseudo-ethernet: extend smoketests with VIFs l2tpv3: add initial interface test wireless: use library function for loading kernel modules ethernet: test "ip" subtree of interface for e.g. ARP settings pppoe: use assertEqual() service: bcast-relay: add initial tests ...