MCPcopy Index your code
hub / github.com/tailscale/tailscale / TestSSHAgentForwarding

Function TestSSHAgentForwarding

ssh/tailssh/tailssh_integration_test.go:302–384  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

300}
301
302func TestSSHAgentForwarding(t *testing.T) {
303 // Create a client SSH key
304 tmpDir, err := os.MkdirTemp("", "")
305 if err != nil {
306 t.Fatal(err)
307 }
308 t.Cleanup(func() {
309 _ = os.RemoveAll(tmpDir)
310 })
311 pkFile := filepath.Join(tmpDir, "pk")
312 clientKey, clientKeyRSA := generateClientKey(t, pkFile)
313
314 // Start upstream SSH server
315 l, err := net.Listen("tcp", "127.0.0.1:")
316 if err != nil {
317 t.Fatalf("unable to listen for SSH: %s", err)
318 }
319 t.Cleanup(func() {
320 _ = l.Close()
321 })
322
323 // Run an SSH server that accepts connections from that client SSH key.
324 gs := gliderssh.Server{
325 Handler: func(s gliderssh.Session) {
326 io.WriteString(s, "Hello world\n")
327 },
328 PublicKeyHandler: func(ctx gliderssh.Context, key gliderssh.PublicKey) error {
329 // Note - this is not meant to be cryptographically secure, it's
330 // just checking that SSH agent forwarding is forwarding the right
331 // key.
332 a := key.Marshal()
333 b := clientKey.PublicKey().Marshal()
334 if !bytes.Equal(a, b) {
335 return errors.New("key mismatch")
336 }
337 return nil
338 },
339 }
340 go gs.Serve(l)
341
342 // Run tailscale SSH server and connect to it
343 username := "testuser"
344 tailscaleAddr := testServer(t, username, false, false)
345 tcl, err := ssh.Dial("tcp", tailscaleAddr, &ssh.ClientConfig{
346 HostKeyCallback: ssh.InsecureIgnoreHostKey(),
347 })
348 if err != nil {
349 t.Fatal(err)
350 }
351 t.Cleanup(func() { tcl.Close() })
352
353 s, err := tcl.NewSession()
354 if err != nil {
355 t.Fatal(err)
356 }
357
358 // Set up SSH agent forwarding on the client
359 err = agent.RequestAgentForwarding(s)

Callers

nothing calls this directly

Calls 15

ServeMethod · 0.95
CombinedOutputMethod · 0.95
generateClientKeyFunction · 0.85
WriteStringMethod · 0.80
NewSessionMethod · 0.80
testServerFunction · 0.70
FatalMethod · 0.65
CleanupMethod · 0.65
RemoveAllMethod · 0.65
ListenMethod · 0.65
FatalfMethod · 0.65
CloseMethod · 0.65

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…