[libvirt-tck PATCH 2/2] nwfilter: Make use of the SSH pubkey auth rather than password-based auth

Erik Skultety <eskultet@xxxxxxxxxx> · Tue, 21 Jan 2020 17:47:17 +0100

Not only have SSH keys been a good practice for a while, it fixes our
SSH connections to the f31 test vm.

Signed-off-by: Erik Skultety <eskultet@xxxxxxxxxx>
---
 scripts/nwfilter/210-no-mac-spoofing.t  | 2 +-
 scripts/nwfilter/220-no-ip-spoofing.t   | 2 +-
 scripts/nwfilter/230-no-mac-broadcast.t | 2 +-
 scripts/nwfilter/240-no-arp-spoofing.t  | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/scripts/nwfilter/210-no-mac-spoofing.t b/scripts/nwfilter/210-no-mac-spoofing.t
index 95f003a..9798c4f 100644
--- a/scripts/nwfilter/210-no-mac-spoofing.t
+++ b/scripts/nwfilter/210-no-mac-spoofing.t
@@ -95,7 +95,7 @@ ok($ping =~ "10 received", "ping $guestip test");
 diag "ssh'ing into $guestip";
 my $ssh = Net::OpenSSH->new($guestip,
                             user => "root",
-                            password => $tck->root_password(),
+			    key_path => $tck->ssh_key_path($tck->scratch_dir()),
                             master_opts => [-o => "UserKnownHostsFile=/dev/null",
                                             -o => "StrictHostKeyChecking=no"]);
 
diff --git a/scripts/nwfilter/220-no-ip-spoofing.t b/scripts/nwfilter/220-no-ip-spoofing.t
index bacb861..9615d99 100644
--- a/scripts/nwfilter/220-no-ip-spoofing.t
+++ b/scripts/nwfilter/220-no-ip-spoofing.t
@@ -89,7 +89,7 @@ ok($ebtable =~ "$guestip", "check ebtables entry");
 diag "ssh'ing into $guestip";
 my $ssh = Net::OpenSSH->new($guestip,
                             user => "root",
-                            password => $tck->root_password(),
+			    key_path => $tck->ssh_key_path($tck->scratch_dir()),
                             master_opts => [-o => "UserKnownHostsFile=/dev/null",
                                             -o => "StrictHostKeyChecking=no"]);
 
diff --git a/scripts/nwfilter/230-no-mac-broadcast.t b/scripts/nwfilter/230-no-mac-broadcast.t
index b518a81..59683fa 100644
--- a/scripts/nwfilter/230-no-mac-broadcast.t
+++ b/scripts/nwfilter/230-no-mac-broadcast.t
@@ -117,7 +117,7 @@ system("/usr/sbin/tcpdump -v -i virbr0 -n host $networkipbroadcast and ether hos
 diag "ssh'ing into $guestip";
 my $ssh = Net::OpenSSH->new($guestip,
                             user => "root",
-                            password => $tck->root_password(),
+			    key_path => $tck->ssh_key_path($tck->scratch_dir()),
                             master_opts =>  [-o => "UserKnownHostsFile=/dev/null",
                                              -o => "StrictHostKeyChecking=no"]);
 
diff --git a/scripts/nwfilter/240-no-arp-spoofing.t b/scripts/nwfilter/240-no-arp-spoofing.t
index 77b36d2..2c860ed 100644
--- a/scripts/nwfilter/240-no-arp-spoofing.t
+++ b/scripts/nwfilter/240-no-arp-spoofing.t
@@ -98,7 +98,7 @@ system("/usr/sbin/tcpdump -v -i virbr0 not ip  > /tmp/tcpdump.log &");
 diag "ssh'ing into $guestip";
 my $ssh = Net::OpenSSH->new($guestip,
                             user => "root",
-                            password => $tck->root_password(),
+			    key_path => $tck->ssh_key_path($tck->scratch_dir()),
                             master_opts => [-o => "UserKnownHostsFile=/dev/null",
                                             -o => "StrictHostKeyChecking=no"]);
 
-- 
2.24.1








