skip security-key key types for tests until we have a dummy

U2F middleware to use.

10 files changed, 22 insertions, 22 deletions

diff --git a/regress/usr.bin/ssh/cert-hostkey.sh b/regress/usr.bin/ssh/cert-hostkey.sh
index 86ea6250406..82195b11bd9 100644
--- a/regress/usr.bin/ssh/cert-hostkey.sh
+++ b/regress/usr.bin/ssh/cert-hostkey.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: cert-hostkey.sh,v 1.18 2019/07/25 08:28:15 dtucker Exp $
+#	$OpenBSD: cert-hostkey.sh,v 1.19 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="certified host keys"
@@ -9,7 +9,7 @@ rm -f $OBJ/cert_host_key* $OBJ/host_krl_*
 # Allow all hostkey/pubkey types, prefer certs for the client
 rsa=0
 types=""
-for i in `$SSH -Q key`; do
+for i in `$SSH -Q key | grep -v ^sk-`; do
 	if [ -z "$types" ]; then
 		types="$i"
 		continue
@@ -70,7 +70,7 @@ touch $OBJ/host_revoked_plain
 touch $OBJ/host_revoked_cert
 cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca
 
-PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`
+PLAIN_TYPES=`$SSH -Q key-plain  | grep -v ^sk- | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`
 
 if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then
 	PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512"
diff --git a/regress/usr.bin/ssh/cert-userkey.sh b/regress/usr.bin/ssh/cert-userkey.sh
index 38c14a69809..51ac8dcb9e1 100644
--- a/regress/usr.bin/ssh/cert-userkey.sh
+++ b/regress/usr.bin/ssh/cert-userkey.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: cert-userkey.sh,v 1.21 2019/07/25 08:28:15 dtucker Exp $
+#	$OpenBSD: cert-userkey.sh,v 1.22 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="certified user keys"
@@ -7,7 +7,7 @@ rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key*
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
 cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
 
-PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'`
+PLAIN_TYPES=`$SSH -Q key-plain | grep -v ^sk- | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'`
 EXTRA_TYPES=""
 rsa=""
 
diff --git a/regress/usr.bin/ssh/hostkey-agent.sh b/regress/usr.bin/ssh/hostkey-agent.sh
index 811b6b9ab25..c581c7bfdd4 100644
--- a/regress/usr.bin/ssh/hostkey-agent.sh
+++ b/regress/usr.bin/ssh/hostkey-agent.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: hostkey-agent.sh,v 1.7 2017/04/30 23:34:55 djm Exp $
+#	$OpenBSD: hostkey-agent.sh,v 1.8 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="hostkey agent"
@@ -14,7 +14,7 @@ grep -vi 'hostkey' $OBJ/sshd_proxy > $OBJ/sshd_proxy.orig
 echo "HostKeyAgent $SSH_AUTH_SOCK" >> $OBJ/sshd_proxy.orig
 
 trace "load hostkeys"
-for k in `${SSH} -Q key-plain` ; do
+for k in `${SSH} -Q key-plain | grep -v ^sk-` ; do
 	${SSHKEYGEN} -qt $k -f $OBJ/agent-key.$k -N '' || fatal "ssh-keygen $k"
 	(
 		printf 'localhost-with-alias,127.0.0.1,::1 '
@@ -31,7 +31,7 @@ cp $OBJ/known_hosts.orig $OBJ/known_hosts
 unset SSH_AUTH_SOCK
 
 for ps in no yes; do
-	for k in `${SSH} -Q key-plain` ; do
+	for k in `${SSH} -Q key-plain | grep -v ^sk-` ; do
 		verbose "key type $k privsep=$ps"
 		cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
 		echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy
diff --git a/regress/usr.bin/ssh/hostkey-rotate.sh b/regress/usr.bin/ssh/hostkey-rotate.sh
index cc6bd9cf6f7..707e32908e6 100644
--- a/regress/usr.bin/ssh/hostkey-rotate.sh
+++ b/regress/usr.bin/ssh/hostkey-rotate.sh
@@ -1,10 +1,10 @@
-#	$OpenBSD: hostkey-rotate.sh,v 1.6 2019/08/30 05:08:28 dtucker Exp $
+#	$OpenBSD: hostkey-rotate.sh,v 1.7 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="hostkey rotate"
 
 # Need full names here since they are used in HostKeyAlgorithms
-HOSTKEY_TYPES="`${SSH} -Q key-plain`"
+HOSTKEY_TYPES="`${SSH} -Q key-plain | grep -v ^sk-`"
 
 rm -f $OBJ/hkr.* $OBJ/ssh_proxy.orig
 
diff --git a/regress/usr.bin/ssh/keygen-change.sh b/regress/usr.bin/ssh/keygen-change.sh
index 8b8acd52fb9..c62f2c17c78 100644
--- a/regress/usr.bin/ssh/keygen-change.sh
+++ b/regress/usr.bin/ssh/keygen-change.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: keygen-change.sh,v 1.6 2017/04/30 23:34:55 djm Exp $
+#	$OpenBSD: keygen-change.sh,v 1.7 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="change passphrase for key"
@@ -6,7 +6,7 @@ tid="change passphrase for key"
 S1="secret1"
 S2="2secret"
 
-KEYTYPES=`${SSH} -Q key-plain`
+KEYTYPES=`${SSH} -Q key-plain | grep -v ^sk-`
 
 for t in $KEYTYPES; do
 	# generate user key for agent
diff --git a/regress/usr.bin/ssh/keyscan.sh b/regress/usr.bin/ssh/keyscan.sh
index 8940d24b639..4e16ecd8742 100644
--- a/regress/usr.bin/ssh/keyscan.sh
+++ b/regress/usr.bin/ssh/keyscan.sh
@@ -1,9 +1,9 @@
-#	$OpenBSD: keyscan.sh,v 1.9 2019/01/28 03:50:39 dtucker Exp $
+#	$OpenBSD: keyscan.sh,v 1.10 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="keyscan"
 
-KEYTYPES=`${SSH} -Q key-plain`
+KEYTYPES=`${SSH} -Q key-plain | grep -v ^sk-`
 for i in $KEYTYPES; do
 	if [ -z "$algs" ]; then
 		algs="$i"
diff --git a/regress/usr.bin/ssh/krl.sh b/regress/usr.bin/ssh/krl.sh
index e18d0ec7f67..c9b2e67eb3f 100644
--- a/regress/usr.bin/ssh/krl.sh
+++ b/regress/usr.bin/ssh/krl.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: krl.sh,v 1.8 2019/07/25 09:17:35 dtucker Exp $
+#	$OpenBSD: krl.sh,v 1.9 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="key revocation lists"
@@ -6,7 +6,7 @@ tid="key revocation lists"
 # Use ed25519 by default since it's fast and it's supported when building
 # w/out OpenSSL.  Populate ktype[2-4] with the other types if supported.
 ktype1=ed25519; ktype2=ed25519; ktype3=ed25519; ktype4=ed25519
-for t in `${SSH} -Q key-plain`; do
+for t in `${SSH} -Q key-plain | grep -v ^sk-`; do
 	case "$t" in
 		ecdsa*)		ktype2=ecdsa ;;
 		ssh-rsa)	ktype3=rsa ;;
diff --git a/regress/usr.bin/ssh/limit-keytype.sh b/regress/usr.bin/ssh/limit-keytype.sh
index 5c30af0063a..6eb255c2402 100644
--- a/regress/usr.bin/ssh/limit-keytype.sh
+++ b/regress/usr.bin/ssh/limit-keytype.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: limit-keytype.sh,v 1.6 2019/07/26 04:22:21 dtucker Exp $
+#	$OpenBSD: limit-keytype.sh,v 1.7 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="restrict pubkey type"
@@ -10,7 +10,7 @@ mv $OBJ/sshd_proxy $OBJ/sshd_proxy.orig
 mv $OBJ/ssh_proxy $OBJ/ssh_proxy.orig
 
 ktype1=ed25519; ktype2=$ktype1; ktype3=$ktype1; ktype4=$ktype1
-for t in `${SSH} -Q key-plain`; do
+for t in `${SSH} -Q key-plain | grep -v ^sk-`; do
 	case "$t" in
 		ssh-rsa)	ktype2=rsa ;;
 		ecdsa*)		ktype3=ecdsa ;;  # unused
diff --git a/regress/usr.bin/ssh/principals-command.sh b/regress/usr.bin/ssh/principals-command.sh
index b3a722aaa79..fe82ee712f0 100644
--- a/regress/usr.bin/ssh/principals-command.sh
+++ b/regress/usr.bin/ssh/principals-command.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: principals-command.sh,v 1.7 2019/09/06 04:24:06 dtucker Exp $
+#	$OpenBSD: principals-command.sh,v 1.8 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 tid="authorized principals command"
@@ -10,7 +10,7 @@ if [ -z "$SUDO" -a ! -w /var/run ]; then
 	fatal "need SUDO to create file in /var/run, test won't work without"
 fi
 
-case "`${SSH} -Q key-plain`" in
+case "`${SSH} -Q key-plain | grep -v ^sk-`" in
 	*ssh-rsa*)	userkeytype=rsa ;;
 	*)		userkeytype=ed25519 ;;
 esac
diff --git a/regress/usr.bin/ssh/test-exec.sh b/regress/usr.bin/ssh/test-exec.sh
index b2c84e04f9a..11e907525f9 100644
--- a/regress/usr.bin/ssh/test-exec.sh
+++ b/regress/usr.bin/ssh/test-exec.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: test-exec.sh,v 1.66 2019/07/05 04:12:46 dtucker Exp $
+#	$OpenBSD: test-exec.sh,v 1.67 2019/11/01 01:55:41 djm Exp $
 #	Placed in the Public Domain.
 
 USER=`id -un`
@@ -312,7 +312,7 @@ fi
 
 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 
-SSH_KEYTYPES=`$SSH -Q key-plain`
+SSH_KEYTYPES=`$SSH -Q key-plain | grep -v ^sk`
 
 for t in ${SSH_KEYTYPES}; do
 	# generate user key