diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2024-06-16 08:18:07 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2024-06-16 08:18:07 +0000 |
| commit | 6f492f432bf2c79ace89542866400eaaadbf9e7e (patch) | |
| tree | 32765e37a1489828cb86ef908073cc3ef1a0ec29 /regress/usr.bin/ssh | |
| parent | c35577d3b08f07e0b23c07544bf781036f7228b7 (diff) | |
penalty test is still a bit racy
Diffstat (limited to 'regress/usr.bin/ssh')
| -rw-r--r-- | regress/usr.bin/ssh/penalty.sh | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/regress/usr.bin/ssh/penalty.sh b/regress/usr.bin/ssh/penalty.sh index 9556b31f707..8b835323811 100644 --- a/regress/usr.bin/ssh/penalty.sh +++ b/regress/usr.bin/ssh/penalty.sh @@ -25,14 +25,17 @@ verbose "penalty for authentication failure" cat /dev/null > $OBJ/authorized_keys_${USER} ${SSH} -F $OBJ/ssh_config somehost true && fatal "noauth connect succeeded" cp $OBJ/authorized_keys_${USER}.bak $OBJ/authorized_keys_${USER} +sleep 2 # Should be below penalty threshold ${SSH} -F $OBJ/ssh_config somehost true || fatal "authfail not expired" +sleep 2 # Fail authentication again; penalty should activate cat /dev/null > $OBJ/authorized_keys_${USER} ${SSH} -F $OBJ/ssh_config somehost true && fatal "noauth connect succeeded" cp $OBJ/authorized_keys_${USER}.bak $OBJ/authorized_keys_${USER} +sleep 2 # These should be refused by the active penalty ${SSH} -F $OBJ/ssh_config somehost true && fail "authfail not rejected" @@ -42,6 +45,7 @@ conf "noauth:100s" ${SSH} -F $OBJ/ssh_config somehost true || fatal "basic connect failed" verbose "penalty for no authentication" ${SSHKEYSCAN} -t ssh-ed25519 -p $PORT 127.0.0.1 >/dev/null || fatal "keyscan failed" +sleep 2 # Repeat attempt should be penalised ${SSHKEYSCAN} -t ssh-ed25519 -p $PORT 127.0.0.1 >/dev/null 2>&1 && fail "keyscan not rejected" |