Add test for ssh hashed known_hosts handling.

2 files changed, 19 insertions, 1 deletions

diff --git a/regress/usr.bin/ssh/Makefile b/regress/usr.bin/ssh/Makefile
index 66b4bac4cc6..5f422cc9b76 100644
--- a/regress/usr.bin/ssh/Makefile
+++ b/regress/usr.bin/ssh/Makefile
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.117 2021/09/03 04:11:13 dtucker Exp $
+#	$OpenBSD: Makefile,v 1.118 2021/10/01 05:20:20 dtucker Exp $
 
 OPENSSL?=	yes
 
@@ -96,6 +96,7 @@ LTESTS= 	connect \
 		allow-deny-users \
 		authinfo \
 		sshsig \
+		knownhosts \
 		knownhosts-command
 
 INTEROP_TESTS=	putty-transfer putty-ciphers putty-kex conch-ciphers
diff --git a/regress/usr.bin/ssh/knownhosts.sh b/regress/usr.bin/ssh/knownhosts.sh
new file mode 100644
index 00000000000..dfc768ac974
--- /dev/null
+++ b/regress/usr.bin/ssh/knownhosts.sh
@@ -0,0 +1,17 @@
+#	$OpenBSD: knownhosts.sh,v 1.1 2021/10/01 05:20:20 dtucker Exp $
+#	Placed in the Public Domain.
+
+tid="known hosts"
+
+opts="-F $OBJ/ssh_proxy"
+
+trace "test initial connection"
+${SSH} $opts somehost true || fail "initial connection"
+
+trace "learn hashed known host"
+>$OBJ/known_hosts
+${SSH} -ohashknownhosts=yes -o stricthostkeychecking=no $opts somehost true \
+   || fail "learn hashed known_hosts"
+
+trace "test hashed known hosts"
+${SSH} $opts somehost true || fail "reconnect with hashed known hosts"